Taxonomy
Every credential that grants access to a system, dataset, or service is a secret that needs to be managed.
Authentication tokens for third-party services, cloud providers, and internal APIs. These are often the most commonly leaked type of secret.
Usernames, passwords, and connection strings for databases. Compromise means direct access to your data.
Private keys and certificates for encrypted communications. Expired or stolen certs can enable man-in-the-middle attacks.
Key pairs for server access and Git operations. Unmanaged SSH keys are a common vector for lateral movement.
Symmetric and asymmetric keys used for data encryption at rest and in transit. Loss means data is unrecoverable; theft means data is exposed.
OAuth tokens, JWTs, and service credentials used for machine-to-machine authentication in automated workflows.