The recent proliferation of non-human identities (NHIs) in DevOps environments, such as service accounts, AI agents, and microservices, has brought about a concerning rise in the risk of secrets exposure. With machine credentials now outnumbering human identities by 45-to-1, threat actors have an extensive attack surface to exploit. According to the 2025 State of Secrets Sprawl report by GitGuardian, a staggering 23.77 million new secrets were leaked on GitHub in 2024, marking a 25% surge from the previous year and underscoring the escalating challenges faced by security teams.
Of particular alarm is the enduring presence of exposed credentials: GitGuardian's analysis found that 70% of the secrets uncovered in public repositories back in 2022 are still valid today. This persistence points to a fundamental flaw in credential management practices, with many leaked secrets never rotated, only deleted from the code, or not acted on at all. Deleting a secret from a repository does not undo the exposure; once committed and pushed, it remains in the history and in any clone, and the only reliable remediation is revocation and rotation. Even private repositories, often assumed to be safe, fared worse: secrets were found roughly eight times more often there than in public ones, suggesting that developers take shortcuts where they believe no outsider is watching.
The integration of AI-powered coding assistants such as GitHub Copilot has not helped. Repositories using Copilot showed a 40% higher rate of secret exposure than those that did not. The report establishes a correlation rather than a mechanism, but the practical reading is that faster code output needs an equally fast check, such as pre-commit or pre-push secret scanning, if credentials are not to ride along with generated code. Beyond source repositories, an examination of Docker Hub found over 100,000 valid secrets in public Docker images, a reminder that files and environment variables baked into an image layer are readable by anyone who can pull the image, even after the Dockerfile that introduced them has been cleaned up.
In addition to code repositories, collaboration platforms such as Slack, Jira, and Confluence have emerged as significant channels for credential leaks. Secrets detected in these platforms are often more sensitive than those found in code, with 38% of incidents classified as highly critical. Unlike source code management systems, which increasingly have secret scanning and push protection in place, these tools offer little comparable protection, and only 7% of the secrets found in them also appear in a codebase, so scanning source code alone misses the large majority of them. Their adoption across every department compounds the problem: almost anyone, not only developers, can paste a credential into a ticket or a channel.
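The findings above, secrets baked into Docker images and secrets pasted into Slack and Jira, come down to the same control: scan every text surface for credential formats, not only source code. The scanner below is an added example written for this piece; it is not GitGuardian's tooling or any vendor's detector. Its regexes are simplified approximations of real token formats, the entropy threshold is a hand-picked assumption, and the sample inputs are constructed (the AWS values are the placeholders AWS uses in its own documentation; the other tokens are made up and never valid). It combines prefix-based detectors, which are high confidence because providers publish their token formats, with a generic `name = value` detector whose entropy score separates random-looking credentials from placeholders, while still reporting weak human-chosen passwords at low confidence rather than silently dropping them.

```python
"""Minimal secret scanner for text from anywhere secrets sprawl: Dockerfiles,
Slack messages, Jira tickets, wiki pages. Example code for this article, not
GitGuardian's scanner; patterns are simplified approximations of real formats."""
from __future__ import annotations
import math
import re
from dataclasses import dataclass

# Format-specific detectors. Providers publish their token prefixes, which is
# what makes these matches high confidence. The regexes are this example's own.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36,}\b"),
    "slack_bot_token": re.compile(r"\bxoxb-[0-9]{10,}-[0-9]{10,}-[A-Za-z0-9]{20,}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}

# Generic "NAME = value" detector for secrets with no recognizable prefix.
ASSIGNMENT = re.compile(
    r"(?i)\b([A-Z0-9_.\-]*(?:secret|password|passwd|token|api[_\-]?key)[A-Z0-9_.\-]*)"
    r"\s*[:=]\s*[\"']?([A-Za-z0-9/+_\-=]{16,})[\"']?"
)
ENTROPY_THRESHOLD = 3.5  # bits per character; hand-picked for this example


def shannon_entropy(s: str) -> float:
    """Bits of entropy per character; random-looking tokens score well above 3.5."""
    if not s:
        return 0.0
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())


@dataclass
class Finding:
    source: str
    line_no: int
    kind: str
    confidence: str  # "high" for known formats / random-looking values, else "low"
    value: str

    def redacted(self) -> str:
        """Never log the full secret; keep just enough to identify it for rotation."""
        v = self.value
        return v if len(v) <= 8 else f"{v[:4]}...{v[-4:]}"


def scan_text(source: str, text: str) -> list[Finding]:
    findings: list[Finding] = []
    for line_no, line in enumerate(text.splitlines(), 1):
        matched_spans = []
        for kind, pat in PATTERNS.items():
            for m in pat.finditer(line):
                findings.append(Finding(source, line_no, kind, "high", m.group(0)))
                matched_spans.append(m.span())
        for m in ASSIGNMENT.finditer(line):
            start, end = m.span(2)
            # Skip values a format-specific detector already reported on this line.
            if any(s <= start and end <= e for s, e in matched_spans):
                continue
            value = m.group(2)
            # Low entropy usually means a placeholder, but a weak real password scores
            # low too, so it is downgraded rather than dropped.
            conf = "high" if shannon_entropy(value) >= ENTROPY_THRESHOLD else "low"
            findings.append(Finding(source, line_no, "assigned_secret", conf, value))
    return findings


def scan_all(sources: dict[str, str]) -> list[Finding]:
    out: list[Finding] = []
    for name, text in sources.items():
        out.extend(scan_text(name, text))
    return out


# Constructed sample inputs. The AWS values are AWS documentation placeholders;
# the remaining tokens are invented for this example and have never been valid.
SAMPLES = {
    "Dockerfile": "\n".join([
        "FROM python:3.12-slim",
        "ENV AWS_ACCESS_KEY_ID=AKIAIOSFODNN7EXAMPLE",
        "ENV AWS_SECRET_ACCESS_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
        "ENV GITHUB_TOKEN=ghp_0123456789abcdefghijklmnopqrstuvwxyz",
        "ENV DB_PASSWORD=changemechangeme",
        "RUN pip install -r requirements.txt",
    ]),
    "slack:#platform-eng": "deploy bot is down again, token is "
                           "xoxb-1234567890-1234567890-AbCdEfGhIjKlMnOpQrStUv if anyone wants to poke it",
    "jira:OPS-1234": "attaching the key so you can reproduce:\n"
                     "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1rZXktdjEAAAAA\n"
                     "-----END OPENSSH PRIVATE KEY-----",
}

if __name__ == "__main__":
    for f in scan_all(SAMPLES):
        print(f"{f.source}:{f.line_no} {f.kind} [{f.confidence}] {f.redacted()}")
```

Run against the samples it reports six findings: the AWS key ID, GitHub token, Slack token and private key from their formats, the AWS secret key as a high-entropy assignment, and `DB_PASSWORD=changemechangeme` as a low-confidence one. The GitHub token line is reported once, not twice, because the generic detector skips spans a format detector already claimed. Two design points matter in practice: findings are logged redacted, since a scanner that echoes secrets into its own logs creates a new leak, and a match is treated as an instruction to revoke and rotate, not merely to delete the text, because the credential should be assumed compromised from the moment it landed in the channel.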
The mounting prevalence of NHIs and the persistent exposure of secrets underscore the pressing need for stringent credential management: detection that covers every surface where credentials can land, not just source control; rotation or revocation of anything found, since removal alone does not end the exposure; and short-lived, automatically issued credentials for machine identities wherever possible, so that a leak has a bounded lifetime. As the number of machine identities keeps growing, organizations that treat a leaked secret as a compromised one, and act on it, will leave far less for opportunistic threat actors to exploit.