DevSecOps
Balancing Security and Velocity in Modern Software Development
Developers don’t want to become experts at security, and slowing down for anything is a tough proposition. Security isn’t a problem that will just go away, though.
MOST POPULAR
all tags
other
Balancing Security and Velocity in Modern Software Development
Developers don’t want to become experts at security, and slowing down for anything is a tough proposition. Security isn’t a problem that will just go away, though.
The Challenges of Identity Lifecycle Management for NHIs
Identity lifecycle management is one of the most underestimated security risks in many organizations. You may have structured IAM processes that handle the lifecycle of human identities, but what about your non-human identities (NHIs)?
Wild West Hackin' Fest @ Mile High 2025: Building a Stronger Security Community Together
The Denver edition of WWHF showcased security insights, from red teaming to DevSecOps. Learn key lessons on collaboration, Git security, and AWS policies
Non-Human Identity Security in the Age of AI
The rise of AI in enterprises has expanded the attack surface. Learn how GitGuardian can help you secure non-human identities and prevent unauthorized access.
The Critical Role of CISOs in Managing IAM - Including Non-Human Identities
NHIs outnumber human users in enterprises, yet many IAM strategies ignore them. Learn why CISOs must own NHI governance to prevent security breaches.
Security First, Transparency Always: Inside GitGuardian’s Responsible Disclosure Process
In the past 6 months, our security research team disclosed 24 critical vulnerabilities. Most have been successfully remediated. Our team's contributions to cybersecurity have been formally recognized, with our researchers being listed in both Bayer's and Oracle's Security Researcher Hall of Fame.
The Secret to Your Artifactory: Inside The Attacker Kill-Chain
Artifactory token leaks are not the most common, but they pose significant risks, exposing sensitive assets and enabling supply chain attacks. This article explores the dangers of leaked tokens and proposes mitigation strategies, including token scoping and implementing least privilege policies.
Comparing Secrets Detection Solutions? Here’s Why You Should Use the F1 Score
Learn how the F1 score helps you choose the right tool to strengthen your security posture.
How GitGuardian Helps With PCI DSS 4.0's Password Requirements
If you need to reach PCI DSS 4.0 compliance, GitGuardian has solutions that can help.
Authentication and Authorization Best Practices
Not only API authentication and authorization are the crucial aspects of API security when crafting secure software, but they also impact scalability and user experience.
CodeMash 2025: A Community Conversation About NHI And Secrets Security
Discover insights learned from CodeMash 2025 community on NHI governance, secrets security, and addressing vault sprawl challenges in enterprise environments.
Protecting the Backbone of Modern Development: Scanning Secrets in Container Registries
Secrets buried in container registries pose a silent risk. Learn about their hidden vulnerabilities and what steps you can take to safeguard your infrastructure.
