Tutorials
Managing AWS IAM with Terraform - Part 1
Get started with IAM by using Terraform to create users, groups, and policies.
MOST POPULAR
all tags
other
Managing AWS IAM with Terraform - Part 1
Get started with IAM by using Terraform to create users, groups, and policies.
Joining the GitGuardian Talent Acquisition Team
Curious about how technology is transforming our world? So is Alexandre, who told us about the path that led him to join one of the most interesting French scale-up.
Q2 Product Roundup – Making secrets detection programs a reality for the enterprise
Learn more about the challenges awaiting organizations of thousands of developers when deploying secrets detection and how we're addressing them with our latest feature releases.
Life is Too Short to Review Spaces
Sofien, one of GitGuardian's Tech Leads, describes how pre-commit hooks are used to save time and also secure commits company-wide.
![ggshield, the GitGuardian CLI [Security Zines]](/content/images/size/w600/2022/06/202206-blog-securityzines-final.jpg)
ggshield, the GitGuardian CLI [Security Zines]
In his latest stroke of genius, Rohit shows us how gghsield fits into the development cycle to shield your code from leaking secrets.
Developer experience is security, our answer.
Developer experience or DX is a security issue. Find out how we're solving it at GitGuardian with ggshield, the secrets detection CLI built for developers.
AWS IAM Security Best Practices
Identity and access management is a pillar of security. With the advent of the cloud, it got a lot more complicated. Here is a recap of the best practices to put in place to secure AWS IAM.
Forrester Research: The State of Application Security 2022
The State of Application Security 2022 from Forrester is out and we’re happy to provide our readers with a copy, courtesy of GitGuardian.
Key Highlights From the New NIST SSDF
In this article, we’ll be going over the 1.1 revision of The Secure Software Development Framework that was published earlier this year.
4 Reasons MSPs Should Monitor Their GitHub Footprint
In recent years, resorting to MSPs has become very popular for companies wanting to accelerate the digitization of their businesses. With this surge in popularity, MSPs now face the question: how to ensure we can meet our cybersecurity responsibilities?
Security Chats - Jon-Erik Schneiderhan, Senior SRE at a tech company
As Senior SRE, Jon-Erik was aware that many secrets could be hidden in the repositories he supervises, and new ones leaked every day. He told Peerspot how and why he chose GitGuardian and the improvements his team received.
A Brief History of the DMCA
Learn more about the DMCA law and how it applies to digital artifacts like source code.
Securing your SDLC (Software Development Life Cycle)
In this post, we are going to break down the SDLC and look at how we can add security at each stage with helpful resources.
Security Chats - What Developers Say About Us
With more than 170k GitHub users and 4.3M (!) repositories under our shield, GitGuardian is proud to help the developers’ community code safer. Here is what you’ve been telling us lately.
![GitHub Actions Security Best Practices [cheat sheet included]](/content/images/size/w600/2022/05/22W18-blog-GitHubActionsSecurityCheatSheet.png)
GitHub Actions Security Best Practices [cheat sheet included]
GitHub Actions is an increasingly popular CI/CD platform. They offer powerful and easy-to-access features to build automation right into any GitHub repository. However, they also require special attention to avoid any compromise. Here are the best practices to secure them.
GitGuardian’s New Nest
GitGuardian is moving! We are happy to share with you some pictures of our great new offices in Paris city center.
Automate security testing in your CI pipelines with GitGuardian and CircleCI
GitGuardian is now a verified CircleCI technological partner. Use the ggshield orb to run automated secrets detection and remediation in your CircleCI workflows.
Detector of The Month – Stripe webhook secret, April 2022
Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Stripe webhook signing secrets.
How To Setup Your Jenkins Pipeline with GitGuardian in Kubernetes
In this tutorial, we will show how to integrate GitGuardian Shield to run on one of the most famous CI tools: Jenkins (with a cool bonus!).
How Hackers Used Stolen GitHub Tokens to Access Private Source Code
Attackers have used stolen OAuth tokens issued to Travis CI and Heroku to gain access to private git repositories on GitHub. Here we take a look at exactly what happened, why it's significant, and how to mitigate the issue.
Carrying Ambition Through Passion
Edouard, GitGuardian's VP Product, is a seasoned cybersecurity specialist who joined GitGuardian to push our DevSecOps solutions to new heights. Find out more about his background and what excited him to become a Guardian.
Investigating, prioritizing, and remediating thousands of hardcoded secrets incidents
This article aims at providing application security teams with a guide to effectively prioritize, investigate and remediate hardcoded secrets incidents at scale.
![Compromising CI/CD Pipelines with Leaked Credentials [Security Zines]](/content/images/size/w600/2022/04/22W15-blog-SecurityZines-Compromising_CICD_pipelinesnal.jpg)
Compromising CI/CD Pipelines with Leaked Credentials [Security Zines]
He struck again! New Security Zine, this time focusing on how leaked Jenkins credentials can lead to a complete supply chain takeover...
9 Extraordinary Terraform Best Practices That Will Change Your Infra World
This "best practices" article aims to tell you something you haven't read a hundred times. This article won't give you the answer to everything because there isn't one right answer that fits all. It aims to make you think about your unique situation and make the best decisions in accordance.
Securing Containers with Seccomp: Part 2
This tutorial will guide you through the setup of a GitHub Action generating a Seccomp filter for your application, a cutting-edge security feature for hardening containerized workloads.
