Secret management can be a complex challenge, especially when you are trying to do it in a way that is right for security. Key rotation is a big piece of that puzzle. In this article, we will take you from zero to hero on key rotation.
Security as Code (SaC) is a term often used with DevSecOps, but what does it mean exactly? Learn best practices and key components for a more secure and efficient development process.
In code security, not everything is "shift left." Dynamic testing is as important to help developers build and ship secure applications on the right-hand side of the SDLC. Let's explore the benefits, pitfalls, and popular open-source DAST tools in this blog post from the Escape team.
Discover the roles and risks of honeypots and honeytokens in cybersecurity with this article. Understand how they work, the benefits they bring to your security strategy, and the precautions needed to avoid potential pitfalls.
Discover how Vermeer Corporation transformed its software development lifecycle to prioritize security. Learn about their journey from open-source tools to adopting GitGuardian for seamless, integrated secret scanning, enhancing DevSecOps with a 'Secure by Default' approach.
Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials.
Typosquatting and dependency confusion are two common tactics used by hackers to exploit open-source package repositories. Understand how these attacks work and discover preventive measures to secure your infrastructure.
The article highlights the significance of securing CI/CD systems and offers three best practices. It introduces OpenID Connect (OIDC) as a means to employ short-lived tokens for improved security.
GitGuardian Honeytokens are potent tools in the cybersecurity toolkit, notifying you of any unauthorized activities in code repos, Jira, Slack, Linear, and more.
![Secure Code Review Best Practices [cheat sheet included]](/content/images/size/w600/2023/07/Secure-Code-Review-Cheat-Sheet.jpg)
Reducing vulnerabilities in your software means manual and automated secure code reviews. Download our handy cheat sheet to keep your review practice on track.
It is important to secure environments with intelligent solutions. GitGuardian Honeytoken can help protect your IaC and Config Management tools.
Enhance your portal's capabilities with backend plugins and unlock custom functionalities in the second part of our Backstage tour. Step-by-step instructions provided!
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
