Discover how to enhance the security of your container registries using honeytokens. Learn the steps to secure Docker Registry, GitHub Container Registry, and GitLab Container Registry with honeytokens. Strengthen your DevOps pipeline and protect your valuable assets.
Build a developer portal from scratch with Backstage, an open platform. In this tutorial, learn how to create a secure-by-default software catalog for bootstrapping GitHub projects.
Discover how honeytokens, digital decoys designed to detect unauthorized access, can strengthen the security of your CI/CD pipelines. In this guide, we offer step-by-step instructions for integrating them into popular pipelines like Jenkins, GitLab, and AWS CodePipeline.
Protect your code and secure your repositories with honeytokens. Learn how to create and add these digital traps to your SCM repositories and how GitGuardian helps you stay alert to potential threats. Read on for best practices and tips to make the most out of honeytokens.
Is DevOps really dead? Learn about the rise of platform engineering and how it differs from DevOps in terms of self-service capabilities and automation. Discover how security fits into this new paradigm and the benefits of platform engineering for software development teams of various sizes.
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
This blog post covers creating, storing, and using secrets in Kubernetes, encryption, RBAC, and auditing. It introduces Kubernetes External Secrets and best practices to enhance security. Let's dive in!
In this final part, we'll discuss more software supply chain security frameworks and the critical role of secrets detection in them. We'll explore the NIST SSDF, SLSA, and OSC&R frameworks and how they cover the topic of secrets in software supply chain security.
![Best Practices for Scanning and Securing Infrastructure as Code (IaC)[cheat sheet included]](/content/images/size/w600/2023/04/23W15-blog-GitGuardian-IAC-Cheatsheet.png)
Discover the best practices and tools to scan and secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.
Master Terraform in the cloud: play with the console, know your infrastructure, avoid mistakes, separate infrastructure from configuration, make code declarative, and understand vendor lock-in.
In this blog post, we'll cover some best practices for managing AWS secrets when using the AWS SDK in Python.
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
