In this blog, we will explore Terraform secrets management best practices, ephemeral resources, and some examples of securely orchestrating AWS infrastructure with AWS Secrets Manager.
In this blog, we will explore Terraform secrets management best practices, ephemeral resources, and some examples of securely orchestrating AWS infrastructure with AWS Secrets Manager.
DevOpsDays Philadelphia 2025 showed how AI governance, secrets security, runtime traces, and ablative resilience work together to reduce operational risk.
This breach exposed 570GB of data from 28,000 repositories, affecting 800+ organizations. Crimson Collective leaked Customer Engagement Reports containing credentials, API keys, and infrastructure details from major enterprises.
GitHub is hardening npm publishing rules but the underlying lessons can be applied by all developers: WebAuthn for writes, OIDC, and short-lived least-privilege credentials.
Let's have a look at how to integrate NHI Governance with AWS IAM to get detailed security insights into your dashboard.
OWASP AppSecDays France 2025 explored supply chain trust, CI/CD as the new perimeter and passkeys, showing how shared guardrails make secure delivery possible.
Secure your secrets with GitGuardian's new one-click revocation. Instantly neutralize exposed secrets to close the attack window and automate your incident response.
Learn how to shift the conversation from "who’s to blame" to "who has context" in managing non-human identities across modern enterprise IT infrastructure.
Discover how to automatically detect secrets in GitLab CI logs using ggshield and GitGuardian's Bring Your Own Source initiative. Learn to set up real-time scanning to prevent credential leaks, enhance compliance, and secure your entire CI/CD pipeline from hidden risks.
On September 15, a new supply chain attack was identified that targeted the @ctrl/tinycolor and 150 other NPM packages. The attack scenario was similar to the one used in the s1ngularity and GhostActions campaigns. The threat actors combined a local environment secrets extraction
At DjangoCon US 2025, speakers emphasized seasoned tech over hype, featuring secure GitOps workflows, simpler frontend alternatives, and sustainable open-source models.
Identity-based attacks are on the rise. Attacks in which malicious actors assume the identity of an entity to easily gain access to resources and sensitive data have been increasing in number and frequency over the last few years.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
