Customer Stories CISO Live - Yury Koldobanov from Mirantis Mirantis helps organizations ship code faster on public and private clouds. Director of IT Yury Koldobanov at Mirantis explains how GitGuardian has helps them keep their code secure.
DevSecOps Initial Access Techniques - MITRE ATT&CK This article discusses the 9 initial access techniques as outlined in the MITRE ATT&CK framework and provides examples of how attackers have used these techniques as well as preventative measures that can be put in place.
Guardians The journey to becoming a backend engineer at GitGuardian Samuel is a backend engineer working on expanding PII detection within GitGuardian's secrets team. Samuel studied software engineering at EISTI in Paris specializing in cybersecurity and shared with us the journey he took to work at GitGuardian.
Best practices Talking about Data Security — an Introduction to AWS KMS and HashiCorp Vault While Vault and KMS share some similarities, for example, they both support encryption, but in general, KMS is more on the app data encryption / infra encryption side, and Vault is more on the secrets management / identity-based access side.
Conferences Highlights from the 2021 RSA conference - The modern day bank heists The modern day bank heists illustrates high-level concepts around security and promotes a change in how we think about security, build defense systems and react to active threats.
Conferences Highlights from the 2021 RSA conference - Attack and defend a unique approach to exploiting credentials Software has seen a radical shift away from stand alone applications and one that embraces the ability to include a distributed architecture of external services. Some of these risks were
Product News Making developers part of security with GitGuardian’s new Dev in the loop feature GitGuardians “Dev in the loop” is another step towards bringing this into reality with a practical feature that improves the workflow of remediating a secret incident between developers and security teams.
DevSecOps An Introduction to DevSecOps - Tackling Security with DevOps & Why It Accelerates Your SDLC This article introduces DevSecOps, making security part of the entire software development process. It outlines why having a DevSecops approach not only makes the software more secure but also why it can speed up the development process.
DevSecOps Shift Left - Moving security to the development phase - the case of secrets detection in code repositories With the expansion of the DevOps and DevSecOps models, the concept of “shift left” in the context of the development lifecycle has become quite popular. This article looks at practical ways organizations implement a Shift Left approach to development.
DevSecOps A Comprehensive Application Security Program - What it should include Application security, known as AppSec, has become an extremely important part of the security program. This article looks at what makes a mature and comprehensive AppSec program.
Product News GitGuardian Internal Monitoring - New and improved integrations with your favorite CI/CD and SIEM tools GitGuardian is releasing exciting new integrations for your favourite CI/CD and SIEM tools to help integrate GitGuardian into your SDLC seamlessly.
Guardians GitGuardian onboarding experience. Feedback from an Account Executive! To give you some insights on how onboarding is done at GitGuardian we have asked one of our Account Executive, Alexis, to share his experience.
Best practices How to safely open-source internal software - Some best practices On this post we’ll be focusing on a few essentials that should be done before making your project open-source.
Guardians Working as a backend developer at GitGuardian João is a data and software engineer who works as part of the internal monitoring product team at GitGuardian. João also leads GitGuardian’s API development and GitGuardian’s open-source
Breach explained Analyzing how hackers breached the Indian government - play by play The Indian government was breached in a significant attack launched by a white hat hacking group Sakura Samurai leading to a 34 page vulnerability report. Today we will analyze the attack play by play.
Product News GitGuardian Secrets Detection Q1 2021 Update Sometimes the GitGuardian secrets detection engine can seem like a mysterious black box, but in reality, it is a huge collection of independent detectors that are being constantly maintained by
Secrets detection Implementing a detector at GitGuardian : a use case with MongoDB credentials This article explains how our research team develops and refines detectors. To illustrate this article, we will take the case of MongoDB credentials.
Guardians Working in data science at GitGuardian GitGuardian has always been a developer-first company since its conception. Today GitGuardian has a large team of engineers with a wide range of skills and stories. This article is about one developer at GitGuardian and why he wanted to work on solving the issue of Secrets Sprawl.
Best practices File types that most commonly contain sensitive information As outlined in the State of Secrets Sprawl report, 5 million credentials and other secrets get leaked on Github every year. This is an in-depth look into what file extensions most commonly contain secrets.
Product News Native Bitbucket Integration with GitGuardian Since the conception of GitGuardian, we have been working to help developers keep source code secure. This started with scanning public repositories on GitHub and our offering has been growing
Secrets detection State of Secrets Sprawl on GitHub - 2021 GitGuardian has been scanning every single public commit made on GitHub for secrets since 2017, now we are releasing our findings in the most comprehensive study on secrets sprawl ever conducted.
Company News BFM Business interview with GitGuardian founder Jeremy Thomas GitGuardian CEO Jeremy Thomas, recently had the privilege of being interviewed by BFM Business on national French television about winning the FIC start-up of the year award and the exciting road that is ahead for GitGuardian.
Company News GitGuardian receives FIC cybersecurity start-up of the year award GitGuardian is proud to be the 2021 winner of the FIC (International Cybersecurity Forum) Cybersecurity Start-up of the Year Award.
Breach explained Reviewing the 2021 United Nations data breach The ethical hacking group Sakura Samurai recently gained access to private United Nations (UN) employee data and systems in a significant data breach.
Customer Stories CISO live - Anne Hardy from Talend Talend is a global leader in data integration and data integrity solutions and a pioneer in the open source world. Talend was the first company to market open source data
