How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Second case: an AWS secret is found in a private repository.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Second case: an AWS secret is found in a private repository.
In this second part, you will learn how to centralize IAM for multiple AWS accounts, create and use EC2 instance profiles, and implement just-in-time access with Vault.
This month we had the opportunity to chat with Mehdi about his background, what he and his team are cooking at GitGuardian, and the benefits of martial arts applied to software engineering
![Canary Tokens [Security Zines]](/content/images/size/w600/2022/08/blog-SecurityZines-CanaryTokens.jpg)
Security Zines are back, this time to illustrate the concept and usage behind canary tokens, a powerful intrusion detection trick. Check it out, we've got something for you!
Gartner has acknowledged GitGuardian as a Sample Vendor in two reports this summer, the Gartner Hype Cycle™ for Application Security 2022 and the Gartner Hype Cycle™ for Agile and DevOps 2022.
We are happy to announce the release of our latest open-source project, ggcanary, the GitGuardian Canary Tokens, to help organizations detect intrusion in their developer and DevOps environments.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. First case: an RSA private key is found in a Docker image.
As announced in January when we became SOC 2 Type I compliant, we worked to complete the process and get the SOC 2 Type II compliance. This is now effective!
Philippe explains how the GitGuardian engineering team cleverly leveraged Postgres triggers to achieve better performance. Until cons outweighed pros.
Mark Bichon from Bearer, the SAST solution for mapping sensitive data flows, shares some essential tips to create security policies that don't feel like a development slowdown.
This article describes the approach followed by one of GitGuardian's enterprise customers to implement a secrets detection program and stop poor secrets management practices at the source.
Get started with IAM by using Terraform to create users, groups, and policies.
Curious about how technology is transforming our world? So is Alexandre, who told us about the path that led him to join one of the most interesting French scale-up.
Learn more about the challenges awaiting organizations of thousands of developers when deploying secrets detection and how we're addressing them with our latest feature releases.
Sofien, one of GitGuardian's Tech Leads, describes how pre-commit hooks are used to save time and also secure commits company-wide.
![ggshield, the GitGuardian CLI [Security Zines]](/content/images/size/w600/2022/06/202206-blog-securityzines-final.jpg)
In his latest stroke of genius, Rohit shows us how gghsield fits into the development cycle to shield your code from leaking secrets.
Developer experience or DX is a security issue. Find out how we're solving it at GitGuardian with ggshield, the secrets detection CLI built for developers.
Identity and access management is a pillar of security. With the advent of the cloud, it got a lot more complicated. Here is a recap of the best practices to put in place to secure AWS IAM.
The State of Application Security 2022 from Forrester is out and we’re happy to provide our readers with a copy, courtesy of GitGuardian.
In this article, we’ll be going over the 1.1 revision of The Secure Software Development Framework that was published earlier this year.
In recent years, resorting to MSPs has become very popular for companies wanting to accelerate the digitization of their businesses. With this surge in popularity, MSPs now face the question: how to ensure we can meet our cybersecurity responsibilities?
As Senior SRE, Jon-Erik was aware that many secrets could be hidden in the repositories he supervises, and new ones leaked every day. He told Peerspot how and why he chose GitGuardian and the improvements his team received.
Learn more about the DMCA law and how it applies to digital artifacts like source code.
In this post, we are going to break down the SDLC and look at how we can add security at each stage with helpful resources.
With more than 170k GitHub users and 4.3M (!) repositories under our shield, GitGuardian is proud to help the developers’ community code safer. Here is what you’ve been telling us lately.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
