Have you heard about SOPS? If you have already been in a situation where you needed to share sensitive information with your teammates, this is for you.
Have you heard about SOPS? If you have already been in a situation where you needed to share sensitive information with your teammates, this is for you.
On Thursday, September 15th, Uber confirmed reports of an organization-wide cybersecurity breach. This is an evolving situation, but we will bring you here the latest information and commentary as we get it.
The figures are clear: stolen credentials remain the most common cause of a data breach. So how come there are still thousands of secrets hiding in source code and, more importantly, how do we deal with them?
DevSecOps expert and GitHub Star Sonya Moisset shared with us her tips to improve your open-source repository's security in a few simple steps.
On the occasion of the launch of the GitGuardian Labs innovation platform, we had the pleasure to discuss this initiative with Eric Fourrier, GitGuardian's CTO & co-founder.
The promise of AI code assistance like Copilot was an exciting promise when released. But they might not be the answer to all your problems. A research study has now found that while Copilot frequently introduces vulnerabilities, it may in fact be influenced by the input. Poor code, poor outcome.
Missed out on Black Hat 2022 briefings or got stuck in the business hall? We have you covered.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Second case: an AWS secret is found in a private repository.
In this second part, you will learn how to centralize IAM for multiple AWS accounts, create and use EC2 instance profiles, and implement just-in-time access with Vault.
This month we had the opportunity to chat with Mehdi about his background, what he and his team are cooking at GitGuardian, and the benefits of martial arts applied to software engineering
![Canary Tokens [Security Zines]](/content/images/size/w600/2022/08/blog-SecurityZines-CanaryTokens.jpg)
Security Zines are back, this time to illustrate the concept and usage behind canary tokens, a powerful intrusion detection trick. Check it out, we've got something for you!
Gartner has acknowledged GitGuardian as a Sample Vendor in two reports this summer, the Gartner Hype Cycle™ for Application Security 2022 and the Gartner Hype Cycle™ for Agile and DevOps 2022.
We are happy to announce the release of our latest open-source project, ggcanary, the GitGuardian Canary Tokens, to help organizations detect intrusion in their developer and DevOps environments.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. First case: an RSA private key is found in a Docker image.
As announced in January when we became SOC 2 Type I compliant, we worked to complete the process and get the SOC 2 Type II compliance. This is now effective!
Philippe explains how the GitGuardian engineering team cleverly leveraged Postgres triggers to achieve better performance. Until cons outweighed pros.
Mark Bichon from Bearer, the SAST solution for mapping sensitive data flows, shares some essential tips to create security policies that don't feel like a development slowdown.
This article describes the approach followed by one of GitGuardian's enterprise customers to implement a secrets detection program and stop poor secrets management practices at the source.
Get started with IAM by using Terraform to create users, groups, and policies.
Curious about how technology is transforming our world? So is Alexandre, who told us about the path that led him to join one of the most interesting French scale-up.
Learn more about the challenges awaiting organizations of thousands of developers when deploying secrets detection and how we're addressing them with our latest feature releases.
Sofien, one of GitGuardian's Tech Leads, describes how pre-commit hooks are used to save time and also secure commits company-wide.
![ggshield, the GitGuardian CLI [Security Zines]](/content/images/size/w600/2022/06/202206-blog-securityzines-final.jpg)
In his latest stroke of genius, Rohit shows us how gghsield fits into the development cycle to shield your code from leaking secrets.
Developer experience or DX is a security issue. Find out how we're solving it at GitGuardian with ggshield, the secrets detection CLI built for developers.
Identity and access management is a pillar of security. With the advent of the cloud, it got a lot more complicated. Here is a recap of the best practices to put in place to secure AWS IAM.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
