Safeguard
Tag

secret-scanning

Safeguard articles tagged "secret-scanning" — guides, analysis, and best practices for software supply chain and application security.

21 articles

AI Security

OpenAI API Key Leakage on GitHub at Scale

A senior engineer's view of OpenAI API key leakage on GitHub at scale, why automated secret scanning misses so many, and what actually stops the bleeding.

Apr 1, 20267 min read
Best Practices

Best Secret Scanning Tools 2026 Comparison

A senior-engineer view of secret-scanning tools worth running in 2026: what TruffleHog, Gitleaks, GitGuardian, and platform-native scanners actually do well.

Mar 31, 20269 min read
Vulnerability Analysis

What Are Hardcoded Credentials

Hardcoded credentials are secrets baked into code instead of a vault. Toyota, Uber, and Samsung breaches show why that risk never expires on its own.

Mar 23, 20268 min read
Tools

GitHub Advanced Security 2026: Copilot Autofix Goes GA

GHAS in 2026 made Copilot Autofix generally available, opened secret scanning to Team plans, and shipped extended secret metadata. We walked the upgrade for an org with 800 repos.

Mar 5, 20266 min read
Best Practices

Safeguard vs GitHub Advanced Security 2026

A technical comparison of Safeguard and GitHub Advanced Security in 2026 across scanning depth, secret detection, container coverage, and cost.

Mar 2, 20268 min read
DevSecOps

What is a CI/CD Secrets Leak

A CI/CD secrets leak exposes real credentials through build logs, forks, or compromised Actions. Here's how it happens and how to stop it.

Jan 20, 20267 min read
DevSecOps

Securing Azure DevOps pipelines against supply chain comp...

Pipelines now hold more privilege than the apps they build. Here's how Azure DevOps pipeline security actually breaks down—and how to close the gaps.

Jan 16, 20267 min read
DevSecOps

GitGuardian vs TruffleHog: Secret Detection Showdown

Compare GitGuardian and TruffleHog on detector coverage, validation, historical scans, developer workflow, and pricing to pick the right secret scanning tool.

Sep 18, 20245 min read
Tool Reviews

GitHub Advanced Security: CodeQL, Dependabot, and Secret Scanning in Practice

A review of GitHub Advanced Security covering CodeQL SAST, Dependabot SCA, secret scanning, and how the integrated security experience works for development teams.

Jul 8, 20236 min read
secret-scanning (Page 2) — Safeguard Blog