Safeguard
Tag

secrets-scanning

Safeguard articles tagged "secrets-scanning" — guides, analysis, and best practices for software supply chain and application security.

21 articles

DevSecOps

Where Security Gates Belong in Your CI/CD Pipeline

23.8 million secrets leaked on public GitHub in 2024 alone. The fix isn't more scanners — it's putting the right gate at the right stage and tuning out the noise.

Jul 11, 20267 min read
DevSecOps

A reference architecture for automating security gates in CI/CD

29M hardcoded secrets leaked in 2025 alone. Here's a gate architecture — SAST, SCA, secrets, IaC — that catches that without adding a day to your release cycle.

Jul 9, 20267 min read
AI Security

Auditing AI agent skill registries for hardcoded keys

29M new hardcoded secrets hit public GitHub in 2025, up 34% YoY — and 3% of MCP servers in production carry hardcoded credentials as theft traps.

Jul 9, 20267 min read
AI Security

The Security Pitfalls Hiding in AI-Generated Code

A 2021 NYU study found roughly 40% of Copilot completions on security-relevant prompts contained exploitable flaws. Here's a field guide to catching them.

Jul 8, 20266 min read
Best Practices

Data loss prevention for developers: stopping leaks before they hit the network

CWE-532 covers secrets logged in plaintext — the exact bug that led Twitter to reset every password on May 3, 2018. Network DLP can't catch it; your code has to.

Jul 8, 20267 min read
AI Security

The Hidden Risks of AI Coding Assistants

A 2021 NYU study found 40% of Copilot-generated code contained exploitable bugs — and that's before counting leaked secrets or hallucinated packages.

Jul 8, 20266 min read
Supply Chain Security

How to Scan Large GitHub Orgs for Exposed Secrets Responsibly

28.65 million new secrets landed on public GitHub in 2025 alone. Here's a research methodology for finding them at scale without becoming the next incident.

Jul 8, 20267 min read
Best Practices

The complete workflow for finding and remediating hardcoded secrets in GitHub

GitGuardian found 12.8 million secrets leaked on public GitHub in 2023 alone, and over 90% were still valid five days later. Here's the fix workflow that actually closes the gap.

Jul 8, 20268 min read
AI Security

Secure AI-Assisted Development: A Best-Practices Guide

Samsung banned ChatGPT company-wide in May 2023 after engineers pasted proprietary source code into it three times in 20 days. Here's how to adopt AI coding assistants without repeating that mistake.

Jul 8, 20266 min read
AI Security

Security Practices for GitHub Copilot and AI Coding Assistants

Copilot suggested 2,702 hardcoded secrets from just 900 prompts in one study, and at least 200 were live credentials — adoption without policy is a leak waiting to happen.

Jul 8, 20266 min read
Security Guides

Detecting Hardcoded Secrets in Code (2026 Guide)

Nearly 24 million secrets leaked to public GitHub in 2024 alone. This guide covers how hardcoded secrets get in, how detection actually works, and how to catch them pre-commit with real commands.

Jul 6, 20266 min read
DevSecOps

Pre-Commit Security Hooks: Catch Problems Before They're Committed

The cheapest place to catch a security issue is before the commit exists. Here is how to set up pre-commit security hooks that give developers instant feedback without slowing them down.

Jul 6, 20266 min read
secrets-scanning — Safeguard Blog