TL;DR: Secret sprawl is expanding across code, chat, and AI workflows, with leaked credentials now showing up outside repositories and often remaining valid long after exposure, according to GitGuardian and vendor analysis. The right response is not just better storage, but lifecycle control, rotation, scanning, and revocation across human, machine, and agent identities.
At a glance
What this is: This is a comparative analysis of 2026 secrets management tools, with the central finding that secret sprawl now spans cloud, code, and AI workflows and demands broader lifecycle governance.
Why it matters: It matters because IAM teams now have to govern secrets as identities, not just as stored values, across NHI, workload, and emerging agentic use cases.
By the numbers:
- AI-related credential leaks surged 81.5% year-over-year in 2025, with the surrounding AI infrastructure leaking 5x faster than core LLM providers.
- 28.65 million new hardcoded secrets were detected in public GitHub commits in 2025 alone, a 34% year-over-year increase and the largest single-year jump ever recorded.
- 64% of valid secrets leaked in 2022 are still valid and exploitable today, proving that detection alone is not enough without automated revocation.
👉 Read Infisical's comparison of the best secrets management tools in 2026
Context
Secrets management is no longer just about storing API keys safely. The real problem is secret sprawl, where credentials are created, copied, exposed, reused, and forgotten across code, cloud services, chat tools, CI/CD systems, and AI-assisted workflows.
For identity teams, that makes secrets governance an NHI problem first and a tooling problem second. The article compares vendors, but the underlying issue is whether organisations can control secret lifecycle, access scope, and revocation across multi-cloud and AI-adjacent environments.
Key questions
Q: How should security teams reduce secret sprawl across cloud and AI workflows?
A: Start by treating secrets as governed identities with an owner, scope, lifecycle, and revocation path. Then connect discovery across code, chat, build systems, and AI workflows to automated containment so exposed credentials stop being usable quickly, not just visible in alerts. That is the difference between leakage detection and real control.
Q: Why do exposed secrets remain such a serious risk after discovery?
A: Because many leaked credentials are still valid when found. If a secret can still authenticate, attackers can use it to access cloud services, CI/CD systems, or backend APIs even after the original leak is detected. Revocation speed, not just discovery volume, determines whether the exposure becomes an incident.
Q: What do teams get wrong about secrets rotation?
A: They often rotate on a schedule without fixing where secrets are copied, shared, and reused. Rotation helps, but it does not solve secret sprawl if the same value is embedded in code, chat, or pipeline tooling. The control must include discovery, ownership, and removal from every place it was replicated.
Q: How do you know if a secrets management programme is working?
A: Look for lower secret reuse, faster revocation after exposure, and fewer valid secrets found outside approved storage. A working programme also reduces the number of credentials that appear in chat, tickets, logs, and AI-assisted workflows. If exposed secrets remain usable for long periods, the programme is not yet controlling the identity lifecycle.
Technical breakdown
Why secret sprawl breaks cloud-native secrets management
Secret sprawl happens when credentials leave the boundaries of a controlled vault and appear in repositories, tickets, logs, chat tools, or build pipelines. Cloud-native secret managers often store and rotate values well inside one ecosystem, but they do not remove the operational habit of copying secrets into too many places. Once a secret is duplicated, the security problem becomes distribution and revocation, not storage. That is why versioning, auditability, and rotation have to be paired with discovery and policy enforcement across the rest of the stack.
Practical implication: treat secret discovery and revocation as first-class controls, not optional add-ons after vault deployment.
Secrets management for AI agents and automated workflows
AI agents and automation layers change the secrets problem because they can consume credentials at runtime through APIs, SDKs, or injected environment variables without a human sitting in the loop. A secret that was acceptable for a build job may become inappropriate for an agent that can chain actions across tools and services. The architectural issue is not the existence of automation, but the widening of access paths and the speed at which credentials can be exercised. That makes short-lived credentials, scoped access, and tight audit logs more important than simple central storage.
Practical implication: separate human-operated workflows from agent-executed workflows and restrict each to the minimum credential path it actually needs.
Why lifecycle controls matter more than repository scanning alone
Repository scanning catches one exposure channel, but the article shows secrets also leak from Slack, Jira, Confluence, CI runners, and cloud-specific services. That means lifecycle governance has to extend beyond code hygiene to onboarding, offboarding, rotation, and removal of stale credentials. A secret that remains valid after exposure is still an active identity problem. The architecture that matters is one where detection triggers automated containment, and containment is measured by whether the credential can still authenticate anywhere.
Practical implication: tie secret scanning to automated expiry, revocation, and access review so exposed credentials do not remain usable.
Threat narrative
Attacker objective: The attacker aims to turn exposed secrets into authenticated access that survives long enough to reach data, infrastructure, or downstream services.
- Entry occurs when secrets are introduced into source code, collaboration tools, or AI-assisted workflows and then copied into systems outside the intended control boundary.
- Escalation follows when exposed credentials retain standing privilege, letting attackers authenticate into cloud services, CI/CD pipelines, or backend systems without further compromise.
- Impact is achieved when those credentials are used to access data, pivot into connected services, or persist inside the environment after initial discovery.
Breaches seen in the wild
- Shai Hulud npm malware campaign — Shai Hulud campaign: npm malware exposed secrets on GitHub.
- Reviewdog GitHub Action supply chain attack — reviewdog/action-setup GitHub Action supply chain attack exposed secrets.
Read our 52 NHI Breaches Analysis report for a comprehensive view of breaches impacting Non-Human Identities including AI Agents.
NHI Mgmt Group analysis
Secret sprawl is now an identity lifecycle failure, not just a storage problem. The article correctly shows that credentials move through code, collaboration tools, CI/CD, and AI workflows before they are ever protected or rotated. Once a secret has multiple replicas, the governance question becomes where its lifecycle is terminated, not where it was originally stored. Practitioners should treat every secret as a governed identity with creation, use, exposure, revocation, and retirement states.
AI-assisted development increases the number of credential touchpoints faster than most governance programmes can see. Developer productivity tools, LLM-assisted commits, and automated agents expand the places where secrets can be created or copied. That is a structural change in the control plane, because security teams can no longer assume secrets are only introduced by humans into code. The implication is that discovery must move closer to runtime and pipeline execution, where the credential is actually exercised.
Secret scanning without automated revocation leaves standing credential exposure intact. The article’s own evidence on lingering valid secrets shows why detection alone is insufficient. A leaked credential that still authenticates is a live identity, and every hour of persistence extends attacker dwell time. Practitioners should judge secret controls by how fast exposure is converted into unusable credentials, not by how many findings are generated.
Multi-cloud secrets governance is becoming a policy problem before it is a platform problem. Cloud-specific managers can be adequate inside one ecosystem, but they do not solve migration, shadow integrations, or third-party credential sprawl across heterogeneous estates. This is where cross-cloud controls, audit evidence, and lifecycle ownership matter most. Teams need a policy model that follows the secret across environments rather than assuming one vault can cover every identity path.
Secret sprawl creates an identity blast radius that extends beyond the application team that owns the secret. When credentials are embedded in pipelines, chat tools, or AI services, ownership becomes shared across engineering, security, and platform teams. That breaks the old assumption that the application owner alone can manage the risk. Practitioners should reframe secret governance as enterprise access management for machine identities, not as a narrow developer tooling decision.
From our research:
- 64% of valid secrets leaked in 2022 are still valid and exploitable today, according to Guide to the Secret Sprawl Challenge.
- 28.65 million new hardcoded secrets were detected in public GitHub commits in 2025 alone, a 34% year-over-year increase and the largest single-year jump ever recorded.
- For a deeper view of the breach patterns behind secret leakage, review 52 NHI Breaches Analysis for recurring identity and lifecycle failures.
What this signals
Secret sprawl will keep widening until teams govern credentials as identities with lifecycle states. The practical shift is from periodic vault reviews to continuous control over creation, replication, exposure, and revocation. As AI-assisted development increases the number of places a secret can surface, the governance model has to follow the credential across the delivery chain, not just inside the vault.
With 24,008 unique secrets exposed in MCP configuration files in 2025 alone, the control boundary now reaches into AI tooling. That means teams running agentic or LLM-adjacent workflows need to inspect configuration, prompt, and integration paths as part of secrets governance. If those files are treated as low-risk operational artefacts, the organisation is already behind the exposure curve.
The emerging concept here is identity blast radius. Once a secret is reused across cloud services, pipelines, and AI systems, one leak can create multiple valid entry points. That is why practitioners should align controls with OWASP Non-Human Identity Top 10 and tighten scoped access before the next sprawl event becomes an incident.
For practitioners
- Define secret lifecycle ownership Assign a named owner for creation, rotation, revocation, and retirement of every secret class, including API keys, tokens, and certificates. Require ownership mapping for human-managed pipelines, service accounts, and AI-enabled workflows so exposure can be acted on immediately.
- Pair scanning with automatic revocation Connect repository, chat, and ticketing scanners to revocation workflows so a confirmed leak triggers credential invalidation, not just an alert. Measure the time from detection to unusability for each credential type.
- Segment credentials by workload and toolchain Issue separate secrets for CI/CD runners, application services, and AI agent workflows so one compromise does not grant broad reuse. Limit each credential to the narrowest toolchain and environment it actually needs.
- Review secret exposure outside source control Add Slack, Jira, Confluence, build logs, and AI prompt histories to recurring secret hunting and remediation workflows. The article makes clear that repository-only scanning misses a large share of real exposure paths.
Key takeaways
- Secrets management now sits at the intersection of NHI governance, developer workflow, and AI-assisted automation.
- The scale problem is real: exposed secrets often remain valid, so discovery without revocation leaves an active attack path.
- Teams need lifecycle ownership, scoped credentials, and automated containment if they want to reduce secret sprawl instead of merely documenting it.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-01 | Secret sprawl and exposed credentials map directly to NHI credential risk. |
| NIST CSF 2.0 | PR.AC-1 | Access control and credential management are central to exposed secret handling. |
| NIST Zero Trust (SP 800-207) | PR.AC-4 | Zero Trust requires continuous verification rather than trusting long-lived secrets. |
Inventory all secrets, scope their use, and remove unmanaged credentials from the estate.
Key terms
- Secret Sprawl: Secret sprawl is the uncontrolled spread of credentials across code, chat tools, pipelines, logs, and cloud services. It turns a single secret into many copies that are hard to track, rotate, and revoke, which increases exposure and makes identity governance much more difficult.
- Standing Credential Exposure: Standing credential exposure is the condition where a leaked secret remains valid long after it has been copied or disclosed. In practice, this means the credential can still authenticate to systems, so the security problem persists until the value is revoked or expired.
- Identity Blast Radius: Identity blast radius is the amount of access an exposed credential can unlock across systems, services, and workflows. The larger the reuse of a secret, the broader the potential impact when it is leaked, stolen, or misused.
- Secret Lifecycle Governance: Secret lifecycle governance is the discipline of managing credentials from creation through use, rotation, revocation, and retirement. It treats each secret as a governed identity object, with clear ownership, scope, and removal obligations across the full environment.
What's in the full article
Infisical's full blog post covers the operational detail this post intentionally leaves for the source:
- Feature-by-feature comparisons of cross-cloud, cloud-specific, open-source, and in-house secrets management approaches
- Tool-specific operational trade-offs for Vault, OpenBao, Doppler, AWS Secrets Manager, GCP Secret Manager, and Azure Key Vault
- Implementation details on secret rotation, access workflows, and developer ergonomics across the listed tools
- Practical selection guidance for teams deciding between self-hosted control and managed convenience
Deepen your knowledge
NHI governance, agentic AI identity, and machine identity security are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are responsible for identity security strategy or NHI governance in your organisation, it is worth exploring.
Published by the NHIMG editorial team on 2026-05-05.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org