SPIFFE stands for Secure Production Identity Framework for Everyone, and aims to replace single-factor access credentials with a highly scalable identity solution. This blog post provides some practical applications of SPIFFE in real-world environments.
Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices.
DevSecOps Engineer Gene Gotimer explains why constant software dependency updates are crucial for security in DevSecOps practices.
Essential reading for developers and security professionals alike: a comprehensive comparison of vulnerability databases to help you cut through the noise.
The last mile in secrets security is securing secrets in workloads. Discover a new way to securely deliver encrypted secrets in your infrastructure with innovative open-source tools, and say goodbye to plaintext secrets.
Get started with IAM by using Terraform to create users, groups, and policies.
Container security is crucial in the age of microservices and DevOps. Learn about common container vulnerabilities, container security scanning, and popular tools to secure your containers in this comprehensive guide.
Last episode of C.J. May's series on implementing a DevSecOps program: how to harden your software delivery pipelines to maintain robust security measures.
Open-source software security is crucial in today's cloud-native world. Learn about vulnerabilities, dependencies, and tools to improve security in this in-depth blog post.
In this new series, CJ May shares his expertise in implementing secure-by-design software processes. The second part of his DevSecOps program is all about implementing secure-by-design software pipelines.
In this new series, CJ May shares his expertise in implementing secure-by-design software processes that empower engineering teams. The first stage of his DevSecOps program: vulnerability management.
Learn how to effectively respond to an AWS key honeytoken trigger with this step-by-step guide. Investigate the incident, identify the leak source, secure your environment, and leverage OSINT techniques to protect your AWS infrastructure.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
