all tags
What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary

What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary

The U.S. Department of the Treasury suffered a major security incident when a Chinese threat actor compromised its third-party cybersecurity service BeyondTrust. The attackers obtained an API key that allowed them to bypass security measures and access unclassified documents.

Detection Engineering: A Case Study

Detection Engineering: A Case Study

In this blog post, we will explore the intricate world of detection engineering. We’ll start by examining the inputs and outputs of detection engineering, and then we’ll illustrate the detection engineering lifecycle.

How to Handle Secrets in Configuration Management Tools

How to Handle Secrets in Configuration Management Tools

Configuration management tools like Ansible, Chef, and Puppet offer various methods for handling secrets, each with inherent trade-offs. The article explores these approaches alongside modern OIDC-based solutions that enable short-lived authentication tokens for automated processes.

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian’s Public Monitoring Data

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian’s Public Monitoring Data

On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks.

Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Struggling with fragmented secrets management and inconsistent vault practices? GitGuardian new multi-vault integrations provide organizations with centralized secrets visibility, reduce blind spots, enforce vault usage and fight against vault sprawl.

How to Handle Secrets in CI/CD Pipelines

How to Handle Secrets in CI/CD Pipelines

Securely managing secrets within the CI/CD environment is super important. Mishandling secrets can expose sensitive information, potentially leading to unauthorized access, data breaches, and compromised systems.

Start your journey to secrets-free source code

And keep your secrets out of sight

arrow-down