TAG · Security

Security

4 FILES TAG · SECURITY

Publishes May 1 KPM Launch

When a credential leaks, you know everything in 30 seconds

GitHub emails you at 2am about a leaked token. Old world: rotate everything, file a ticket, investigation takes a week. New world: one command, 30 seconds, ticket closed.

kpmsecretsforensicssecurity

Publishes Apr 27 KPM Launch

AI coding agents make the secrets problem worse. Here's the fix.

When your AI coding agent runs, it should see the Anthropic key and the project context — not your production database password. Unless you explicitly said so.

kpmsecretsai-agentssecurity

2026 · 04 · 22 7 min readKPM Launch

Your .env files are a liability — even when they never leave your machine

Your .env never touched git. The password leaked anyway. Nine separate places, depending on which tools you used that afternoon. Here's the better model.

kpmsecretssecurityenvironment-variables

2026 · 04 · 21 7 min readKPM Launch

I had 47 places I stored secrets. Then I built this.

A few weeks ago I went hunting for an API key. I found my secrets in 47 places. Here's what I built to fix that.

kpmsecretssecuritydeveloper-tools