Cyentia Cybersecurity Research Library

GitGuardian

Below you will find reports with the source of “GitGuardian”

The State of Secrets Sprawl 2024

Our research sheds light on a concerning trend: 90% of exposed valid secrets remain active for at least five days after the author is notified. This finding emphasizes a crucial lesson in code security: while detecting vulnerabilities is critical, the real challenge lies in remediation. Security, we believe, must be a shared responsibility across all stages of the Software Development Life Cycle (SDLC), not just the domain of specialized teams. Raising awareness about these seemingly minor lapses is essential for mitigating supply chain risks.

Added: March 23, 2024

The State of Secrets Sprawl 2023

This report will serve as a valuable resource for developers, security professionals, and decision-makers committed to ensuring the security and integrity of their applications and data. We have never detected as many secrets, and secrets sprawl has been accelerating yearly since 2020. Hard-coded secrets increased by 67% compared to 2021, whereas the volume of scanned commits rose by 20% (860M to 1.027B commits between 2021 and 2022).

Added: March 11, 2023

The State of Secrets Sprawl 2022

In this report, data reveals that on average, in 2021, a typical company with 400 developers would discover 1,050 unique secrets leaked upon scanning its repositories and commits. With each secret detected in 13 different places on average, the amount of work required for remediation far exceeds current AppSec capabilities: with a security-to-developers ratio of 1:100.

Added: October 5, 2022
© Cyentia Institute 2025
Library updated: June 19, 2025 00:08 UTC (build b1d7be4)