From blog.gitguardian.com
Securing secrets is an endless and uphill battle. API tokens, cloud credentials, and database URLs have a terrible habit of getting exposed everywhere – from private repositories to CI job logs and Slack messages. And let’s not forget those leaks tend to happen when your security teams least expect them, usually during “out of office hours” and far beyond your perimeter – think personal GitHub repos of your developers.