GitHub icon LinkedIn icon YouTube icon Twitter icon
GitGuardian Blog - Automated Secrets Detection
  • Blog
  • Visit website
  • Contact sales
  • DevSecOps Glossary
BFM Business interview with GitGuardian founder Jeremy Thomas
News

BFM Business interview with GitGuardian founder Jeremy Thomas

GitGuardian CEO Jeremy Thomas, recently had the privilege of being interviewed by BFM Business on national French television about winning the FIC start-up of the year award and the exciting road that is ahead for GitGuardian.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 24 Feb 2021 • 6 min read
GitGuardian receives FIC cybersecurity start-up of the year award
News

GitGuardian receives FIC cybersecurity start-up of the year award

GitGuardian is proud to be the 2021 winner of the FIC (International Cybersecurity Forum) Cybersecurity Start-up of the Year Award.

  • Mackenzie Jackson
    Mackenzie Jackson
  • Carole Winqwist
    Carole Winqwist
Mackenzie Jackson, Carole Winqwist 12 Feb 2021 • 3 min read
Reviewing the 2021 United Nations data breach
News

Reviewing the 2021 United Nations data breach

The ethical hacking group Sakura Samurai recently gained access to private United Nations (UN) employee data and systems in a significant data breach.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 10 Feb 2021 • 4 min read
CISO live - Anne Hardy from Talend
Customer Stories

CISO live - Anne Hardy from Talend

Talend is a global leader in data integration and data integrity solutions and a pioneer in the open source world. Talend was the first company to market open source data

  • Carole Winqwist
    Carole Winqwist
Carole Winqwist 6 Feb 2021 • 3 min read
Rewriting your git history, removing files permanently - cheatsheet & guide

Rewriting your git history, removing files permanently - cheatsheet & guide

You know that adding secrets to your git repository (even a private one) is a bad idea, because doing so risks exposing confidential information to the world. But mistakes were

  • Don Goodman-Wilson
    Don Goodman-Wilson
Don Goodman-Wilson 29 Jan 2021 • 10 min read
Secrets in source code (episode 3/3): Building reliable secrets detection
secrets in source code

Secrets in source code (episode 3/3): Building reliable secrets detection

In our last two posts, we took a deep dive into how secrets sprawl and why secrets inside git are such a problem. Both of those articles brought up automated

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 18 Dec 2020 • 9 min read
The threat of leaked secrets in git repositories - A discussion between security experts
secrets detection

The threat of leaked secrets in git repositories - A discussion between security experts

Secrets including API tokens, passwords and credentials are the keys to the kingdom. Yet storing secrets inside git including GitHub & GitLab is a problem. Security experts discuss why this is & how to solve this.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 17 Nov 2020 • 10 min read
GitOps - an extension of DevOps for modern infrastructure management
GitOps

GitOps - an extension of DevOps for modern infrastructure management

GitOps is an evolution of infrastructure as code, a framework that can drastically improve deployment speed and developer efficiency. Here we run through exactly what GitOps is and how to practically implement it.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 29 Oct 2020 • 9 min read
Building internal secrets detection solutions: a case study about how SAP scans git repos for secrets
secrets detection

Building internal secrets detection solutions: a case study about how SAP scans git repos for secrets

This article looks at how SAP built an internal secrets scanning solution to detect API keys and other credentials hardcoded in git repos and revoke them.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 8 Oct 2020 • 10 min read
Secrets in source code (episode 2/3). Why secrets in git are such a problem
secrets in source code

Secrets in source code (episode 2/3). Why secrets in git are such a problem

Despite secrets like API keys, OAuth tokens, certificates and passwords being extremely sensitive, it is common for these to leak into git repositories through source code. This article looks at why this is true and how we can prevent it.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 4 Sep 2020 • 6 min read
Mitigate Growing Application Security Risks with Automated Secrets Detection
White Papers

Mitigate Growing Application Security Risks with Automated Secrets Detection

Credential theft is already a well-known adversary technique but the risk expands much wider when introducing secrets such as API keys. This article looks at automated secrets detection, the challenges, and potential solutions.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 28 Aug 2020 • 3 min read
Secrets in source code (episode 1/3) - Secret sprawl and the attack surface
secrets in source code

Secrets in source code (episode 1/3) - Secret sprawl and the attack surface

The first in a series of articles that will take a deep dive into secrets within source code: In this article, we will look at the concept of secret sprawl, the unwanted distribution of secrets through multiple systems, and how we can prevent it.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 24 Jul 2020 • 6 min read
DevSecOps Glossary

DevSecOps Glossary

A helpful glossary of common terms and definitions used in DevSecOps explained with amusing comics. We are constantly adding comics and terms so if you have an idea, please be

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 10 Jul 2020 • 4 min read
How to scan local files for secrets in python using the GitGuardian API

How to scan local files for secrets in python using the GitGuardian API

How to scan local files for secrets like API keys and security certificates in python using the GitGuardian API.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 29 Jun 2020 • 9 min read
Best practices for managing and storing secrets including API keys and other credentials [2020]
cheat sheets

Best practices for managing and storing secrets including API keys and other credentials [2020]

Storing and managing secrets like API keys and other credentials can be challenging, even the most careful policies can sometimes be circumvented in exchange for convenience. We have compiled a

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 12 Jun 2020 • 8 min read
GitHub security: what does it take to protect your company from credentials leaking on GitHub?
GitHub Security

GitHub security: what does it take to protect your company from credentials leaking on GitHub?

An in depth guide intended for CISOs, application security and other security professionals who want to protect their organizations from credentials leaked on GitHub.

  • Jérémy Thomas
    Jérémy Thomas
Jérémy Thomas 20 May 2020 • 8 min read
8 free security tools every developer should know and use to Shift Left
Cyber Security Tools

8 free security tools every developer should know and use to Shift Left

A list of 8 free must use security tools every developer should know about to help them secure their code and Shift Left.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 15 May 2020 • 7 min read
Assessing model performance in secrets detection: accuracy, precision & recall explained
secrets detection

Assessing model performance in secrets detection: accuracy, precision & recall explained

Why precision and recall are such important metrics to consider when evaluating the performance of classification algorithms such as secrets detection.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 6 May 2020 • 5 min read
Git hooks - pre-commit, post-commit, post-receive and more.  Automated secrets detection in your software development lifecycle
GitHub Security

Git hooks - pre-commit, post-commit, post-receive and more. Automated secrets detection in your software development lifecycle

Develop fast, and secure things! Git hooks are extremely useful in the journey to replace as much of the human factor in the process of secure development as possible. In

  • Jérémy Thomas
    Jérémy Thomas
Jérémy Thomas 16 Apr 2020 • 5 min read
8 steps to keep remote development teams secure

8 steps to keep remote development teams secure

There is no doubt that the world's workforce is becoming more remote, particularly in tech as developers can now work from any location in the world. But there are a

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 7 Apr 2020 • 5 min read
Exposing secrets on GitHub: What to do after leaking credentials and API keys

Exposing secrets on GitHub: What to do after leaking credentials and API keys

If you have discovered that you have just exposed a sensitive file or secrets to a public git repository, there are some very important steps to follow.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 24 Mar 2020 • 6 min read
Product launch: automated secrets detection for your internal repositories, now widely available!
News

Product launch: automated secrets detection for your internal repositories, now widely available!

February 2020: despite being widely considered to be a very bad practice, secrets stored in internal Version Control Systems is the current state of the world. But why is that?

  • Jérémy Thomas
    Jérémy Thomas
Jérémy Thomas 19 Feb 2020 • 4 min read
GitGuardian CEO Jérémy Thomas talks with FrenchWeb about recent capital raise and automating secrets detection for Threat Intelligence and Data Loss Prevention

GitGuardian CEO Jérémy Thomas talks with FrenchWeb about recent capital raise and automating secrets detection for Threat Intelligence and Data Loss Prevention

GitGuardian, the French company specialized in cybersecurity, raised 12 million dollars with Balderton Capital. The company’s CEO, Jérémy Thomas, is with FrenchWeb to tell us more.

  • Mackenzie Jackson
    Mackenzie Jackson
Mackenzie Jackson 1 Feb 2020 • 6 min read
GitGuardian raises $12million!
News

GitGuardian raises $12million!

December 4, 2019: our Press Release!

  • Jérémy Thomas
    Jérémy Thomas
Jérémy Thomas 4 Dec 2019 • 5 min read
18 months scanning GitHub for sensitive data
Founders

18 months scanning GitHub for sensitive data

November 2018: Here is what we've learned, achieved, and what's coming next.

  • Jérémy Thomas
    Jérémy Thomas
Jérémy Thomas 8 Nov 2018 • 3 min read
GitGuardian Blog - Automated Secrets Detection
  • Blog
  • Visit website
  • Contact sales
  • DevSecOps Glossary
GitHub icon
  • Products
    Monitor public GitHubMonitor internal reposPricing
  • RESOURCES
    Learning Center White paper Wall of Fame Open Source API DocumentationBlog
  • Company
    Contact us Careers Legal terms