GitGuardian sent thousands of warning emails so far.
Some of the leaks we detected could have led to unexpected charges on developers' accounts. A lot of them were also highly critical security leaks impacting corporations, governmental organizations and universities around the world. Sometimes it only takes one single indirect compromised access to jeopardize an entire organization.
Hacking bots are constantly scanning GitHub for API keys. They steal, ransom, disclose and destroy data, spawn servers to mine bitcoins, charge your company's customers, gain access to other services, etc.
Setup your preferred communication channel at subscription to be alerted in real time.
Automatically detecting authentication keys in source code can be tricky. There are a lot of APIs out there and as much authentication patterns.
We use a combination of algorithms (including Machine Learning techniques) to keep evolving with threats and API providers. Here is a sample of the keys we already detected.
GitGuardian is our way to give something back to the Open Source Community.
We got a free tier for individual developers ! All it takes is to subscribe and setup your preferred email address to make it easier for us to reach you.
Privacy matters. Only minimal permission required.