
How to Handle Secrets in Python
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
This time, we will see how to get a deeper integration between OPA and Kubernetes with Gatekeeper and native CRD-based policies.
Let's get our hands dirty with policy as code and write our first OPA policies for a Kubernetes environment.
Continuing our series about potential attack scenarios, learn how a very easy configuration mistake on GitHub can lead to a major security breach.
Software composition analysis is an essential part of application security. Here are the important factors to consider when selecting an SCA scanner to be sure it is well-suited to your needs.
Learn the benefits of policy as code and start testing your policies for cloud-native environments.
In such a fast-developing world, it becomes more and more important to make sure the source code and its metadata are backed up in case of an emergency. Learn everything you need to know about how to backup a GitHub repository.
Are you looking for ways to manage your developer team better? GitHub Orgs is a great way to keep track of repositories, branches, and collaborators all in one place. In this article, we'll share some best practices for managing developer teams in GitHub Orgs.
Learn more about what is a Software Bills Of Materials, why use it, what are the standards and how to automate it with Continuous Integration.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Fourth case: secrets are stolen with a malicious GitHub action.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Third case: Twitter API keys are used to pump an altcoin.
Have you heard about SOPS? If you have already been in a situation where you needed to share sensitive information with your teammates, this is for you.
DevSecOps expert and GitHub Star Sonya Moisset shared with us her tips to improve your open-source repository's security in a few simple steps.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Second case: an AWS secret is found in a private repository.
In this second part, you will learn how to centralize IAM for multiple AWS accounts, create and use EC2 instance profiles, and implement just-in-time access with Vault.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. First case: an RSA private key is found in a Docker image.
Mark Bichon from Bearer, the SAST solution for mapping sensitive data flows, shares some essential tips to create security policies that don't feel like a development slowdown.
Get started with IAM by using Terraform to create users, groups, and policies.
Identity and access management is a pillar of security. With the advent of the cloud, it got a lot more complicated. Here is a recap of the best practices to put in place to secure AWS IAM.
In this article, we’ll be going over the 1.1 revision of The Secure Software Development Framework that was published earlier this year.
Learn more about the DMCA law and how it applies to digital artifacts like source code.
In this tutorial, we will show how to integrate GitGuardian Shield to run on one of the most famous CI tools: Jenkins (with a cool bonus!).
This "best practices" article aims to tell you something you haven't read a hundred times. This article won't give you the answer to everything because there isn't one right answer that fits all. It aims to make you think about your unique situation and make the best decisions in accordance.
This tutorial will guide you through the setup of a GitHub Action generating a Seccomp filter for your application, a cutting-edge security feature for hardening containerized workloads.
In this article we present a novel way to protect your container applications post-exploitation. This additional protection is called Seccomp-BPF.