all tags
Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault

Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault

The promise of AI code assistance like Copilot was an exciting promise when released. But they might not be the answer to all your problems. A research study has now found that while Copilot frequently introduces vulnerabilities, it may in fact be influenced by the input. Poor code, poor outcome.

Managing AWS IAM with Terraform - Part 2

Managing AWS IAM with Terraform - Part 2

In this second part, you will learn how to centralize IAM for multiple AWS accounts, create and use EC2 instance profiles, and implement just-in-time access with Vault.

The Tao of Software Engineering

The Tao of Software Engineering

This month we had the opportunity to chat with Mehdi about his background, what he and his team are cooking at GitGuardian, and the benefits of martial arts applied to software engineering

Canary Tokens [Security Zines]

Canary Tokens [Security Zines]

Security Zines are back, this time to illustrate the concept and usage behind canary tokens, a powerful intrusion detection trick. Check it out, we've got something for you!

Love, Death & Triggers

Love, Death & Triggers

Philippe explains how the GitGuardian engineering team cleverly leveraged Postgres triggers to achieve better performance. Until cons outweighed pros.

How to make security policies a team effort

How to make security policies a team effort

Mark Bichon from Bearer, the SAST solution for mapping sensitive data flows, shares some essential tips to create security policies that don't feel like a development slowdown.

Life is Too Short to Review Spaces

Life is Too Short to Review Spaces

Sofien, one of GitGuardian's Tech Leads, describes how pre-commit hooks are used to save time and also secure commits company-wide.

AWS IAM Security Best Practices

AWS IAM Security Best Practices

Identity and access management is a pillar of security. With the advent of the cloud, it got a lot more complicated. Here is a recap of the best practices to put in place to secure AWS IAM.

arrow-down