Static and dynamic app testing are cornerstones for any comprehensive AppSec program, yet they rarely rise up to the challenges of fully securing modern software. Discover why secrets are one of their critical blind spots.
![Software Composition Analysis [Security Zines]](/content/images/size/w600/2024/05/SOPS-Security-Zine--1-.png)
For those feeling code-conscious about shady dependencies lurking in their apps, Software Composition Analysis is the software security wellness check you need!
![Docker Security Best Practices [cheat sheet included]](/content/images/size/w600/2021/07/21W30-Blog-Docker-Security-Cheatsheet-Final.jpg)
Discover essential Docker Security Best Practices for DevOps engineers and security professionals. Cheat sheet included for quick implementation!
Business intelligence company Sisense has seen secrets compromised in its GitLab repositories, leading to a siphoning of its customers' sensitive data.
The open-source world narrowly escaped a sophisticated supply-chain attack that could have compromised countless systems. A stark reminder of the necessity of vigilant monitoring and rigorous vetting within the open-source ecosystem to maintain trust and security.
![SOPS [Security Zines]](/content/images/size/w600/2024/03/SOPS-Security-Zine.png)
The State of Secrets Sprawl 2024 report by GitGuardian uncovers a 28% increase in leaked secrets on GitHub, revealing an urgent need for significantly improved security practices.
GitHub's Push Protection is now enabled by default for all public repositories, a big milestone for open-source security! Find out the key points you need to keep in mind before using it to safeguard your code repositories.
The healthcare industry, holding a treasure trove of valuable data, finds itself at a pivotal point in its fight against cyber threats. This sector, harassed by cybercriminals, has endured the highest average costs due to breaches for over a decade.
Cloudflare experienced a security breach when its internal systems were compromised, leading to unauthorized access to sensitive data. Another incident highlights the importance of maintaining strict secrets security across the supply chain.
Discover Arnault's journey as lead ML engineer at GitGuardian, tackling complex data science challenges and secrets management in cybersecurity.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
