2025 State of Secrets Exposure Report
Trends in user sharing habits tend to follow trends in data usage, so it's no surprise that thousands of secrets that could put organizations in serious harm's way are being exposed every day, given the race most modern organizations are in to develop the best apps, at the fastest pace, powered by the latest AI tools and technologies. Find out what impact the AI race had on secrets sharing last year, where your greatest risks probably are as a result, the most challenging data types to detect, and more.
Download the 22-page PDF
Download the full report to gain insight into secret sprawl, emerging risks, detection challenges, and remediation tactics that work to help you mitigate secret-related risk.
Key insights at a glance
API Keys and Passwords
remained at the top of the
most-exposed list.
In 2025, companies are chasing rapid development cycles faster than ever in an effort to keep up, increasing the need to use and share human credentials and nonhuman identities throughout the development lifecycle.
Cloud Infrastructure Keys
were the most-shared
API key type.
The risk to any organization whose active cloud infrastructure keys are exposed is tremendous. Organizations need to find ways to improve end-user training and data hygiene to prevent potentially catastrophic outcomes.
The rise in corporate LLM use impacted the frequency of LLM API key exposure.
Given the cost of LLM use, why would attackers want to pay for their own instances when they can just hijack someone else's? Mitigating this risk may keep your organization from inadvertently funding attackers' use of AI to build more effective attacks.
.svg){kind=small}
