Skip to main content

CYBERSTATS

Security Intelligence

Back to Home

Secrets found in self‐hosted, private GitLab instances and Docker registries were 3 to 4 times more likely to be valid.

The State of Secrets Sprawl 2026
May 27, 2026
GitLabDockerSelf-HostedLeaked Secrets

Secrets found in self‐hosted, private GitLab instances and Docker registries were 3 to 4 times more likely to be valid. — This cybersecurity statistic was published by The State of Secrets Sprawl 2026 in May 2026. It covers topics including GitLab, Docker, Self-Hosted, Leaked Secrets. The original data appears in GitGuardian. For the full methodology and detailed findings, refer to the original report.

Source

View Original Report

Published on 3/17/2026

Share or Copy this stat

Frequently Asked Questions

What does this statistic say?

Secrets found in self‐hosted, private GitLab instances and Docker registries were 3 to 4 times more likely to be valid. This data was published by The State of Secrets Sprawl 2026 and covers GitLab, Docker, Self-Hosted, Leaked Secrets.

Where does this data come from?

This statistic comes from GitGuardian, published by The State of Secrets Sprawl 2026 on May 27, 2026. You can view the original report at https://www.gitguardian.com/state-of-secrets-sprawl-report-2026.

What cybersecurity topics does this cover?

This statistic relates to GitLab, Docker, Self-Hosted, Leaked Secrets. Browse more statistics on GitLab or from The State of Secrets Sprawl 2026.

Want More Statistics Like This?

Get the latest cybersecurity stats delivered to your inbox every week

Related Statistics

In 2025, 28.65 million new hardcoded secrets were found in new public GitHub commits, a 34% increase from the previous year.

The State of Secrets Sprawl 20265/27/2026
Hardcoded SecretsGitHub

Internal repos are 6x more likely to contain hardcoded secrets than public ones.

The State of Secrets Sprawl 20265/27/2026
Internal ReposLeaked Secrets

Leaks outside of the codebase are 13% more likely to be categorized as critical than secrets discovered inside the code.

The State of Secrets Sprawl 20265/27/2026
Leaked Secrets

28% of incidents originate entirely outside repositories—in Slack, Jira, Confluence, and similar tools.

The State of Secrets Sprawl 20265/27/2026
Leaked Secrets

Eight of the ten types of leaked secrets showing the sharpest increase year over year are tied to AI services.

The State of Secrets Sprawl 20265/27/2026
Leaked SecretsAI Services

LLM infrastructure (orchestration, retrieval augmented generation (RAG), vector storage) is leaking 5x faster than core model providers.

The State of Secrets Sprawl 20265/27/2026
LLM InfrastructureCode Model ProvidersLeaked Secrets

Browse by Topic

GitLabDockerSelf-HostedLeaked SecretsMore from The State of Secrets Sprawl 2026

Stay Ahead of Cyber Threats

Join 1,000+ security professionals getting weekly insights