DevOps Days Philadelphia 2025: Security As A Control Loop, Resilience, Runtime Risks, And How AI Is Changing It

DevOpsDays Philadelphia 2025 showed how AI governance, secrets security, runtime traces, and ablative resilience work together to reduce operational risk.

Security Lessons For All From GitHub's Hardened Package Publication For npm

GitHub is hardening npm publishing rules but the underlying lessons can be applied by all developers: WebAuthn for writes, OIDC, and short-lived least-privilege credentials.

OWASP AppSec Days France 2025: Learning To Defend The Global Supply Chain Together

OWASP AppSecDays France 2025 explored supply chain trust, CI/CD as the new perimeter and passkeys, showing how shared guardrails make secure delivery possible.

Dwayne McDaniel

26 Sep 2025 – 6 min read

Non-Human Identity

Who Governs Your NHIs? The Challenge of Defining Ownership in Modern Enterprise IT

Learn how to shift the conversation from "who’s to blame" to "who has context" in managing non-human identities across modern enterprise IT infrastructure.

DjangoCon US 2025: Security, Simplicity, and Community

At DjangoCon US 2025, speakers emphasized seasoned tech over hype, featuring secure GitOps workflows, simpler frontend alternatives, and sustainable open-source models.

Dwayne McDaniel

15 Sep 2025 – 7 min read

Non-Human Identity

Leveraging Credentials As Unique Identifiers: A Pragmatic Approach To NHI Inventories

Identity-based attacks are on the rise. Attacks in which malicious actors assume the identity of an entity to easily gain access to resources and sensitive data have been increasing in number and frequency over the last few years.

Dwayne McDaniel

12 Sep 2025 – 6 min read

Conferences

BlueTeamCon 2025: Finding new approaches to security that don’t let perfect stand in the way of better

BlueTeamCon 2025 showed why progress beats perfection in cybersecurity. Explore highlights on visibility, AI safety, collaboration, identity, and pragmatic defense.

Dwayne McDaniel

10 Sep 2025 – 7 min read

Non-Human Identity

Why the Principle of Least Privilege Is Critical for Non-Human Identities

Overprivileged non-human identities expose enterprises to massive risk. Enforcing least privilege with automation and visibility is critical for security.

Dwayne McDaniel

4 Sep 2025 – 9 min read

Conferences

Passwords, Resilience, And Being Human: Working Together For A Brighter Future At BSides Las Vegas 2025

Dive into insights from BSides Las Vegas 2025: how identity hygiene, human ecosystems, structural resilience, and unpredictability define modern defenses.

Dwayne McDaniel

8 Aug 2025 – 9 min read

Artificial Intelligence

Probably Secure: A Look At The Security Concerns Of Deterministic Vs Probabilistic Systems

Learn why deterministic security remains essential in an AI-driven world and how GitGuardian combines probability and proof for safe, auditable development.

Dwayne McDaniel

7 Aug 2025 – 11 min read

Conferences

When Infostealer Frontiers Meet Identity-Centric Defense: Lessons from BSides SATX 2025

From malware markets to IAM frameworks, BSides SATX 2025 showed why modern security must evolve from static protection to identity-centric, adaptive defense.

Dwayne McDaniel

27 Jun 2025 – 8 min read

Artificial Intelligence

Operationalizing the OWASP AI Testing Guide with GitGuardian: Building Secure AI Foundations Through NHI Governance

Align your AI pipelines with OWASP AI Testing principles using GitGuardian’s identity-based insights to monitor, enforce, and audit secrets and token usage.

Dwayne McDaniel

26 Jun 2025 – 6 min read