Credential Leakage

A Wiz report reveals widespread security vulnerabilities within leading AI companies due to rapid innovation outpacing security measures. Analyzing the top 50 AI firms, 65% had exposed secrets like API keys on GitHub, granting unauthorized access to sensitive systems and models. The report advocates for a “Depth, Perimeter, and Coverage” scanning approach to uncover hidden risks and improve AI supply chain security. It also urges companies to treat employees as part of the attack surface and prioritize proactive secret scanning to mitigate potential data breaches and IP theft.