GitGuardian

@GitGuardian

Followers
6K
Following
3K
Media
1K
Statuses
7K

The end-to-end NHI security platform for enterprises. Powerful Secrets detection, remediation and NHI Governance. 🏆 #1 App on GitHub.

The World
Joined April 2017
@GitGuardian
GitGuardian
8 months
🚨 NEW: Our State of Secrets Sprawl 2025 Report has dropped! We analyzed GitHub, Docker Hub, and even AI-assisted coding—the results will surprise you. Get the full report: https://t.co/AxNpuktYvZ #AppSec #CyberSecurity #SecretsManagement
0
2
5
@SapphireVC
Sapphire Ventures
11 days
As cyber threats grow more sophisticated, organizations need innovative defenses to stay protected. That’s why we’re proud to see 3 of our portfolio companies recognized on @Fortune’s Cyber 60 list in the growth stage category. Congratulations to @GitGuardian, @HuntressLabs, &
3
1
5
@GitGuardian
GitGuardian
6 months
Think your Artifactory token is safe in that Jenkinsfile? So did the last company... until their CI/CD pipeline became an attack vector. Read-only tokens can still write your downfall. https://t.co/3jO83yzELv #DevOps #Security
0
0
1
@GitGuardian
GitGuardian
6 months
🔓 Artifactory tokens: the skeleton keys to your kingdom. Leaked one? Congrats, you just invited attackers to your production party. Read-only? More like read-everything. https://t.co/3jO83yzELv #SupplyChainSecurity #DevSecOps
0
0
0
@GitGuardian
GitGuardian
6 months
🚢 15M Docker images scanned. 🔐 100K valid secrets found. 😱 7K+ active AWS keys exposed. 🏭 Fortune 500 companies affected. 🧪 Secrets in ENV, configs, layers. 🛡️ Time to scan your containers. Read more:
blog.gitguardian.com
This post details the methodology used to scan 15 million Docker images, uncovering a staggering 100,000 valid secrets, including AWS, GCP, and GitHub tokens belonging to Fortune 500 companies. This...
0
0
1
@manuelbissey
Manuel Bissey
7 months
Secrets #scanning isn't just about monitoring code repositories like GitHub. The 2025 GitGuardian report reveals a surge in hardcoded #secrets, with 23.7M added in 2024. Critical exposures also occur in collaboration tools like Slack and Jira☝️🤖 https://t.co/E3PTHp0qyK
0
2
3
@GitGuardian
GitGuardian
9 months
Security isn’t just about tech—it’s about people. Kayssar Daher shares why building relationships in a company is just as critical as patching vulnerabilities. 🔑 🎧 Listen to the latest Security Repo Podcast! : https://t.co/AlOcFaCDpG #SecurityLeadership #DevSecOps #AppSec
0
0
2
@GitGuardian
GitGuardian
9 months
🎙️ Time to properly meet your Security Repo Podcast co-host! In the latest episode we get to know Kayssar Daher—his journey, security hot takes, and why he thinks security is just “housekeeping.” Listen now: https://t.co/AlOcFaCDpG #CyberSecurity #AppSec #DevSecOps
0
0
0
@GitGuardian
GitGuardian
9 months
🔑 Git is powerful… and permanent. Many assume overwriting a commit removes secrets, but Git’s history is forever! At #WWHF #MileHigh2025, we discussed why rotation—not deletion—is the only safe fix for exposed credentials. Read more: https://t.co/xdNmbjQNX4
0
0
0
@GitGuardian
GitGuardian
9 months
"Security teams can't be everywhere—but your devs can." 🎯 Security Champions help spread security knowledge! Learn how to start (and scale) a great program on the latest Security Repo Podcast! 🎙️ Listen here: https://t.co/2l5wFFFKya #SecurityChampions #AppSec #DevSecOps
0
0
0
@GitGuardian
GitGuardian
9 months
🚨 Leaked AWS keys aren’t fully revoked! At #WWHF #MileHigh2025, we learned that AWS’s CompromisedKeyQuarantine policy doesn’t prevent all actions—it’s not really a security feature. Rotate exposed secrets immediately! More insights: https://t.co/xdNmbjQNX4
0
0
0
@GitGuardian
GitGuardian
9 months
👑 Security Champion Programs help build trust, catch risks early, and make security a shared responsibility. 🚀 Dustin Lehr shares what works (and what doesn’t) in the latest Security Repo Podcast! 🎙️ Listen now: https://t.co/2l5wFFFKya #CyberSecurity #AppSec #DevSecOps
0
0
0
@GitGuardian
GitGuardian
9 months
IAM without non-human identity (NHI) governance? Incomplete. ❌ Service accounts, APIs, & machine identities are prime targets for attackers. It’s time for CISOs to take charge & secure NHIs. 🔐 Full breakdown: https://t.co/pu39AxzMBk
0
0
1
@GitGuardian
GitGuardian
9 months
🚨 Non-human identities (NHIs) outnumber human users by 45:1—yet many IAM strategies ignore them. CISOs must take ownership of NHI security to prevent breaches. Don’t leave the biggest attack surface unprotected! 🔑 More insights here: https://t.co/pu39AxzMBk
0
0
1
@GitGuardian
GitGuardian
9 months
From ancient texts to ransomware notes—Cherie Burgett bridges philosophy & cybersecurity at Mining & Metals ISAC. Learn how interpreting threat actor behavior can improve defenses. 🛡️ #ThreatIntel #Hermeneutics https://t.co/0NAMK3I57J
0
0
0
@GitGuardian
GitGuardian
9 months
🎭 Hermeneutics meets cybersecurity! Mining & Metals ISAC’s Cherie Burgett applies ancient interpretation techniques to modern threat intelligence. 🔍 #CyberThreats https://t.co/0NAMK3I57J
0
0
1
@GitGuardian
GitGuardian
9 months
🤔 Comparing Secrets Detection solutions? Don't get lost in the 📊 metrics maze! 🎯 The F1 score balances precision and recall to find the sweet spot. 👉 Learn how to use it https://t.co/kqS5oxdBHV
0
0
0
@GitGuardian
GitGuardian
9 months
Observability isn't just metrics, logs, and traces—it's about context! Josh Lee breaks down why understanding the why behind your data is crucial for both #DevOps and #security. 💡 Catch his insights on the most recent Security Repo Podcast episode: https://t.co/vfuCghPyUR
0
0
0
@GitGuardian
GitGuardian
9 months
What do observability & security have in common? Context is king 👑. On this episode of the Security Repo Podcast, Josh Lee explains why collecting all the data isn’t enough—it’s about what you focus on. Learn more: https://t.co/vfuCghPyUR #DevSecOps #Observability
0
2
0
@GitGuardian
GitGuardian
10 months
Cedar Point isn’t the only thrill in Sandusky, OH! 🚀 CodeMash 2024 was all about sharing community wisdom, which is really exciting stuff. Who’s responsible for non-human identity security? Learn what the community thought. Catch up here: https://t.co/0gnPDNS6xh
0
1
0