#420 - Sponsor Spotlight - GitGuardian
Identity at the Center6 Maj

#420 - Sponsor Spotlight - GitGuardian

This episode is made possible by GitGuardian. Jeff speaks with Dwayne McDaniel, Principal Developer Advocate at GitGuardian, about secrets sprawl, non-human identity governance, and the findings of the State of Secret Sprawl 2026 report. With 28.6 million secrets leaked to public GitHub in 2025 - a 34% year-over-year increase - they explore why hardcoded credentials persist, how agentic AI tools are making the problem worse, and what IAM practitioners can do to start addressing machine identity governance. Topics include GitGuardian's Good Samaritan notification program, the growing NHI inventory challenge, SPIFFE and SPIRE as a path to zero standing privilege, and data showing Claude Code co-authored commits are more than twice as likely to contain leaked secrets. Visit gitguardian.com/lps/idac to learn more.




Connect with Dwayne: https://www.linkedin.com/in/dwaynemcdaniel/


Dwayne's website: https://dwayne-mcdaniel.com/


Learn more about GitGuardian: https://www.gitguardian.com/lps/idac


GitGuardian Good Samaritan Program (free) - https://www.gitguardian.com/good-samaritan


The State of Secrets Sprawl 2026: https://www.gitguardian.com/state-of-secrets-sprawl-report-2026


SPIFFE Book: https://spiffe.io/book/




Connect with us on LinkedIn:


Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/


Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/


Visit the show on the web at http://idacpodcast.com




TIMESTAMPS:

00:00 Introduction and sponsor welcome

00:48 Dwayne's background and path to developer advocacy

04:11 Surprises from entering the identity and security space

06:29 What a principal developer advocate actually does

09:32 Why secrets became Dwayne's focus area

14:10 GitGuardian: overview and mission

19:36 Where secrets commonly leak across the SDLC

22:17 The Good Samaritan notification program explained

28:00 Why 70% of leaked secrets from 2022 were still valid in 2025

33:54 State of Secret Sprawl 2026: the year software changed

40:39 AI coding tools, Claude Code, and secrets leakage data

47:28 Practical questions for IAM practitioners to start asking

52:24 Zero standing privilege and the case for SPIFFE/SPIRE

01:00:00 Resources: the SPIFFE book, WIMSE, and AWS STS

01:02:51 Hot sauce, the Cubs, and closing thoughts




KEYWORDS:

secrets sprawl, hardcoded secrets, non-human identity, NHI governance, GitGuardian, SPIFFE, SPIRE, workload identity, DevSecOps, agentic AI, Claude Code, zero standing privilege, supply chain security, credential abuse, identity and access management, IAM, IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Dwayne McDaniel

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(423)

#423 - The Middle Market Identity Security Gap with Robert Snodgrass

#423 - The Middle Market Identity Security Gap with Robert Snodgrass

Jeff and Jim welcome back Robert Snodgrass, Principal at RSM, for a deep dive into the RSM Middle Market Business Index cybersecurity report. The conversation covers the confidence gap facing middle m...

18 Maj 1h 1min

#422 - Decoded - Securing AI Agents with Standards You Already Have

#422 - Decoded - Securing AI Agents with Standards You Already Have

Episode 422 is the debut of Decoded by Identity at the Center, a new sub-series hosted by Jeff Steadman and Sean O'Dell dedicated to unpacking the specifications and standards powering IAM. Joining th...

15 Maj 1h 18min

#421 - The AI Identity Control Plane with Henrique Teixeira

#421 - The AI Identity Control Plane with Henrique Teixeira

Jeff and Jim welcome back Henrique Teixeira, SVP of Strategy at Saviynt, for his fourth appearance on the podcast. The episode opens with Jim's firsthand experience building an AI agent for a work pro...

11 Maj 1h 10min

#419 - Identity Management Day 2026 - IDAC Live

#419 - Identity Management Day 2026 - IDAC Live

Recorded live as part of the Identity Management Day 2026 streaming program, Jeff and Jim mark their fifth IMD episode. Introduced by Jeff Reich from the Identity Defined Security Alliance, they refle...

4 Maj 29min

#418 - Ethical IAM with Elizabeth Garber

#418 - Ethical IAM with Elizabeth Garber

What does it mean to build an identity system that is ethical? Jim McDonald and Jeff Steadman are joined by Elizabeth Garber, Executive Director of IDPro and marketing lead for the OpenID Foundation, ...

27 Apr 1h 8min

#417 - Sponsor Spotlight - Elimity

#417 - Sponsor Spotlight - Elimity

This bonus episode of Identity at the Center is brought to you with support from Elimity. Jeff and Jim sit down with Maarten Decat, co-founder and CEO of Elimity, to explore the emerging product categ...

22 Apr 48min

#416 - European Identity and Cloud Conference 2026 Preview with Warwick Ashford

#416 - European Identity and Cloud Conference 2026 Preview with Warwick Ashford

Jeff and Jim are joined by Warwick Ashford, senior analyst at KuppingerCole and returning MC of the European Identity and Cloud Conference, for a full preview of EIC 2026. The conference runs May 19-2...

20 Apr 1h

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
bilar-med-sladd
market-makers
rss-laddstationen-med-elbilen-i-sverige
natets-morka-sida
rss-technokratin
rss-elektrikerpodden
rss-uppgang-och-fall
rss-veckans-ai
rss-powerboat-sverige-podcast
developers-mer-an-bara-kod
bli-saker-podden
skogsforum-podcast
rss-fabriken-2
rss-digitala-influencer-podden
rss-en-ai-till-kaffet
rss-snacka-om-ai
dom-kallar-oss-krypto
rss-bakom-boken