Developer Laptops Are Now Credential Stores – Underwriters Should Treat Them That Way


For a decade, the secret-sprawl problem lived in source code. The supply-chain campaigns of the past year moved it onto the laptop. That shift should reach the underwriting questionnaire. A run of incidents over the past twelve months has followed one pattern. Attackers land on a developer or build-server endpoint, harvest valid credentials sitting in plaintext, and ride those credentials into production systems, cloud control planes, and SaaS apps.

The endpoint is back at the center of the breach story. The threat model is the part that moved.

Ken Buckler, Information Security Research Director at Enterprise Management Associates, frames why the existing control stack misses it. “EDR focuses on malicious processes, identity programs only see secrets after they’re used,” Buckler said. The endpoint becomes the gap.

GitGuardian moved on that shift today. The firm launched Developer Endpoint Protection, extending its secrets detection and non-human-identity coverage to developer and privileged workstations. The tool maps each credential found on a machine back to the production systems it unlocks, and inventories the AI agents and connectors that increasingly generate those secrets. The numbers below come from GitGuardian’s own research. The underwriting questions they raise stand on their own.

Developer Endpoints Belong on the Questionnaire

Treat developer laptops and privileged workstations as credential stores, because that is what they are.

[Figure: a developer laptop screen showing code with key icons marking production credentials, illustrating credential sprawl and non-human identity risk on developer endpoints.]

According to GitGuardian’s analysis, the average developer laptop carries roughly 150 secrets at any moment, with some machines holding thousands. Private keys make up about 38% of them. Identity and cloud-provider credentials add another 22%. More than half of the secrets on a typical developer endpoint are high-privilege, production-grade keys.

Soujanya Ain, a Senior Product Marketing Manager at GitGuardian, says the traditional stack was built for a different problem. EDR catches malicious processes. MFA blocks unauthorized logins. PAM governs human sessions. “None of them are built to find a plaintext API key sitting in ~/.zsh_history or an AWS token cached in a coding agent’s log file,” Ain said.

Her prescription for underwriters is concrete. Inventory credentials at rest on developer and privileged endpoints. Define a scan cadence and the file surfaces it covers. Produce a point-in-time credential map for any machine. These sit alongside EDR, MFA, and PAM, not in place of them.

How Credential Sprawl Changes Claims

A modern supply-chain incident rarely fails at one control. “The credential is the connective tissue between every layer,” Ain said.


She points to the Shai-Hulud campaign. Of the compromised machines GitGuardian reviewed, 44% held more than ten credentials. Most were build-pipeline runners, not personal laptops. Each opened a path into multiple downstream systems without further compromise.

For claims review, a single incident now touches four control categories at once: endpoint visibility, identity governance, secrets management, and software supply chain. Insurers should expect evidence across all four. The forensic record depends on knowing which credentials lived where, what they unlocked, and when each rotated.

Firms without that inventory will struggle to bound the loss. The result is longer business-interruption windows, broader notification duties, and higher remediation costs. This is the same questionnaire-versus-reality gap that pushed underwriting beyond self-reported applications in the first place.

AI Coding Agents Are a New Exposure Class

Ain flags a credential pattern that is newer than most questionnaires. AI coding agents and their connector servers “represent a credential exposure pattern that did not exist eighteen months ago,” she said.

Coding agents log their environment, including tokens, to local cache files. A single integration handshake can write a credential into a log directory that no developer will read. The connector servers these agents use often store their own credentials in plaintext config files. Every new integration widens the surface.

GitGuardian’s analysis puts roughly 40% of secrets found on developer machines in these AI directories, agent caches, and log files. Standard secret scanners were never built to inspect those surfaces. Ain expects that share to climb as adoption grows.

Most enterprises hold no central inventory of which AI tools run on which machines. Ain suggests underwriters start asking now, both to price the exposure and to push the policyholder base toward better controls. She puts the window for this to become standard at twelve to eighteen months.

Coverage May Soon Require Shorter-Lived Credentials

“Detection alone is no longer sufficient as a risk control,” Ain said. The defensible posture assumes credentials will leak and shrinks the window in which a leaked one stays useful.

The persistence data is the alarming part. GitGuardian reports that about 64% of the credentials it confirmed valid in 2022 still worked when retested in 2026. A credential leaked years ago is, statistically, likely still live against production today. A breach timeline that surfaces an old credential can still produce an active loss.


Ain expects insurers to begin asking for short-lived credentials, documented rotation, and a measurable time-to-revoke. Organizations that revoke in hours carry a different risk profile than those measuring it in weeks. She also points to vault-coverage metrics and a maintained inventory of non-human identities, their owners, and their last rotation.

The lever is familiar. Insurers drove MFA and EDR adoption through coverage conditions. Ain’s argument is that the same pressure on the credential lifecycle would compress an attack surface that has grown for a decade.

“What Was on This Machine on This Date”

The sharpest question Ain offers is also the simplest. The underwriting test, she said, is whether an applicant “can produce, on demand, the credential inventory for any machine in their developer or privileged workstation fleet, as of any specific date.”

A firm that can answer yes recovers faster and scopes incidents more precisely. A firm that cannot defaults to maximum exposure during a claim.

The cascade runs through every phase. Without an inventory, responders cannot prioritize revocation, so the breach window widens. Loss estimates balloon because a machine with an unknown credential count grants access to whatever the attacker finds during dwell time. Forensic defensibility collapses, because reviewers cannot bound what was reachable. Notification duties under HIPAA, GDPR, and similar regimes become guesswork.
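As an added illustration of the inventory Ain describes (this is example code, not GitGuardian's product or any vendor's detectors), the script below takes a point-in-time snapshot of secrets at rest on one machine across the surfaces the article names: shell history, coding-agent logs, and connector config files. The detector regexes, the ~/.agent and ~/.config/connectors layouts, and the sample files are assumptions constructed for the example; only a fingerprint is recorded, never the plaintext, so the inventory does not become a second copy of the secrets.

```python
import hashlib, re, tempfile
from pathlib import Path

# Illustrative detectors for the secret types the article names (not GitGuardian's, which also check liveness).
PATTERNS = {
    "aws_access_key": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bghp_[A-Za-z0-9]{36}\b"),
    "private_key": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----[\s\S]+?-----END [A-Z ]*PRIVATE KEY-----"),
}
# File surfaces the scan cadence covers; ".agent" and ".config/connectors" are assumed agent/connector layouts.
SURFACES = {
    "shell_history": [".zsh_history", ".bash_history"],
    "agent_cache": [".agent/logs/*.log", ".agent/cache/*.json"],
    "connector_config": [".config/connectors/*"],
}

def fingerprint(secret: str) -> str:
    # Keep a truncated SHA-256, never the plaintext, so the inventory is not itself a leak.
    return hashlib.sha256(secret.encode()).hexdigest()[:16]

def scan_home(home: Path, host: str, as_of: str) -> list:
    # Point-in-time snapshot: each secret at rest under `home`, and the surface it sat in.
    findings = []
    for surface, globs in SURFACES.items():
        for path in sorted(p for g in globs for p in home.glob(g) if p.is_file()):
            text = path.read_text(errors="ignore")
            for kind, rx in PATTERNS.items():
                for m in rx.finditer(text):
                    findings.append({"host": host, "as_of": as_of, "surface": surface, "kind": kind,
                                     "path": str(path.relative_to(home)), "fingerprint": fingerprint(m.group(0))})
    return findings

def summarize(findings: list) -> dict:
    # Answer "what was on this machine": distinct credentials, and how many places they lived.
    by_surface = {}
    for f in findings:
        by_surface[f["surface"]] = by_surface.get(f["surface"], 0) + 1
    return {"unique_secrets": len({f["fingerprint"] for f in findings}),
            "locations": len(findings), "by_surface": by_surface}

def build_sample_home() -> Path:
    # Constructed sample endpoint with placeholder secrets (not real keys) in the surfaces above.
    home = Path(tempfile.mkdtemp())
    for d in (".agent/logs", ".config/connectors"):
        (home / d).mkdir(parents=True)
    aws = "AKIAEXAMPLE0000000XY"  # placeholder shaped like an access key ID
    (home / ".zsh_history").write_text(f"export AWS_ACCESS_KEY_ID={aws}\nls\n")
    (home / ".agent/logs/session.log").write_text(f"env: AWS_ACCESS_KEY_ID={aws}\n")  # same key, second surface
    (home / ".config/connectors/git.json").write_text('{"token": "ghp_' + "a" * 36 + '"}')
    (home / ".config/connectors/deploy.pem").write_text("-----BEGIN RSA PRIVATE KEY-----\nMIIEplaceholder\n-----END RSA PRIVATE KEY-----\n")
    return home
```

Running `summarize(scan_home(build_sample_home(), "dev-laptop-01", "2026-01-15"))` shows the same access key on two surfaces counted once as a credential but twice as a location, which is exactly the distinction responders need when prioritizing revocation.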

Ain’s case is that continuous credential inventory should rank alongside log retention and asset inventory as a core control. It is not yet standard. The firms that have adopted it, she says, are demonstrably easier to insure: faster incident closure, tighter loss estimates, better claims outcomes.

That distinction belongs in pricing, in coverage conditions, and in claims expectations. The endpoint moved to the center of the breach story. Underwriting has not caught up yet.

FAQ – Cyber Insurance Underwriting

Why should underwriters treat developer laptops as credential stores?

GitGuardian’s analysis puts about 150 secrets on the average developer laptop, more than half of them high-privilege production keys. Recent supply-chain attacks harvest those credentials at rest, so the endpoint is now a primary attack surface that EDR, MFA, and PAM do not fully cover.


How does credential sprawl change a cyber claim?

A single supply-chain incident can touch endpoint security, identity governance, secrets management, and software supply chain at once. Without a pre-incident inventory of which credentials lived where, a firm cannot bound the loss, which lengthens business interruption and widens notification duties.

Are AI coding agents a new underwriting concern?

Yes. Coding agents and their connector servers cache credentials in log files and config files that standard scanners miss. GitGuardian puts roughly 40% of secrets on developer machines in these AI-generated surfaces, a share it expects to grow.

Why are insurers likely to require shorter-lived credentials?

GitGuardian reports about 64% of credentials valid in 2022 still worked in 2026. Long-lived credentials stay exploitable for years. Short-lived tokens, documented rotation, and a fast time-to-revoke shrink that window, the same way MFA conditions once shrank password risk.

What is the single strongest credential-governance question?

Can the applicant produce, on demand, the credential inventory for any machine in its developer or privileged fleet, as of any specific date? A firm that can is operating at a materially higher level of governance than one that cannot.

What is a non-human identity in this context?

A non-human identity is a machine credential, such as an API key, token, or service account, that software uses to authenticate instead of a person. These cannot use MFA and often carry standing, over-privileged access, which makes their inventory and rotation an underwriting concern.
