Non-Human Identities: How to Address the Expanding Security Risk
Briefly

GitGuardian highlights the growing challenge of managing non-human identities (NHIs), such as service accounts and API keys, which now significantly outnumber human identities. Without effective governance, these machine identities become susceptible to attacks, leading to risks like orphaned credentials and secret sprawl. Research indicates that a large percentage of detected secrets persist for years, exposing organizations to breaches. The release of the OWASP Top 10 Non-Human Identity Risks for 2025 underscores the urgency of addressing secret leakage, while traditional secrets managers fall short in managing the full lifecycle of NHIs.
Without robust governance, NHIs become a prime target for attackers. Orphaned credentials, over-privileged accounts, and 'zombie' secrets are proliferating.
GitGuardian's research shows that 70% of valid secrets detected in public repositories...remained active in 2025—a three-year window of vulnerability.
The proliferation of unmanaged secrets has caught the attention of security frameworks... 'Secret Leakage' as the #2 risk, noting that compromised credentials are implicated in over 80% of breaches.
Traditional secrets managers are essential for secure storage—but they don't address the full lifecycle of NHI governance.
Read at The Hacker News