Skip to main content

Why AI-Generated Code Is Raising the Stakes for Secrets Management

Following a $50 million funding round, GitGuardian CEO Eric Fourrier discusses why secrets security is becoming a much bigger problem in the age of AI-generated code and autonomous agents. As more organizations rush to deploy coding assistants and AI agents, Fourrier argues that the number of exposed credentials, API keys and tokens is rising just as quickly, creating new risks for DevSecOps teams already struggling to manage software supply chain security.

Fourrier explains that AI agents need access to data and systems to be useful, but many organizations are still handling that access the old way by handing over secrets. That, he says, is accelerating an already serious problem. Secrets are ending up in code, collaboration tools, tickets, developer laptops and other places where they can be exposed, reused or stolen. While early concerns focused on whether large language models themselves might reveal secrets from training data, Fourrier says the bigger issue now is how humans are using these tools, especially as non-developers begin building applications with little understanding of secure credential management.

The discussion also highlights how traditional approaches are falling short. According to Fourrier, scanning for secrets at scale still requires deterministic methods because the volume of data across code repositories, binary artifacts, collaboration platforms and cloud environments is simply too large and too costly to hand off entirely to LLMs. Instead, he sees a hybrid model emerging, one that combines fast detection with AI-assisted prioritization and remediation.

Just as important, Fourrier says secrets security can no longer sit with one team alone. Developers, application security teams, identity teams and DevOps leaders all need to work together to prevent leaks, improve remediation and reduce reliance on long-lived credentials. As AI speeds up software creation and expands who can build software, organizations will need new safeguards, better visibility and much tighter collaboration to keep sensitive credentials from becoming the weakest link in the modern development pipeline.



from DevOps.com https://ift.tt/Y4waTi8
Labels:

Comments

Post a Comment

Popular posts from this blog

How Network APIs Will Finally Realize the Potential of 5G Slicing

Developers are progressively realizing they’re going to require more from the network if they are to create revolutionary new applications. from DevOps.com https://ift.tt/Q57as1y
Post a Comment
Read more

A Quiet Life Out of the Spotlight? Not for This Former President

A Quiet Life Out of the Spotlight? Not for This Former President By Maggie Haberman from NYT U.S. https://ift.tt/3bHPHeZ Presidential Election of 2020, United States Politics and Government, Voter Fraud (Election Fraud), Presidential Election of 2016, Conservative Political Action Conference, Republican Party, Carville, James, Nunberg, Sam, Trump, Donald J
Post a Comment
Read more

New Research Points to Wuhan Market as Pandemic Origin

New Research Points to Wuhan Market as Pandemic Origin By Carl Zimmer and Benjamin Mueller from NYT Science https://ift.tt/H6cNpEQ Coronavirus (2019-nCoV), Wuhan (China), Viruses
Post a Comment
Read more