When it Comes to Secrets, How Mature is Your Organization?
We're happy to present our Secrets Management Maturity Model, a model to help your organization make sense of its actual posture and how to improve it.
Laying the Foundations for Growth
This month we had the pleasure of chatting with Alexandre, Business Analyst in the Operations team.
Wake-up call: why it's urgent to deal with your hardcoded secrets
The figures are precise: stolen credentials remain the most common cause of a data breach. So how are there still thousands of hardcoded secrets hiding in source code, CI/CD pipelines, or Docker images, and, more importantly, how should we deal with them?
Announcing GitGuardian Labs - an interview with Eric, GitGuardian's CTO
On the occasion of the launch of the GitGuardian Labs innovation platform, we had the pleasure of discussing this initiative with Eric Fourrier, GitGuardian's CTO & co-founder.
Learn how to detect hardcoded secrets in your CircleCI CI/CD workflows
In this tutorial, you will learn how to add GitGuardian real-time monitoring to a CircleCI workflow to scan every new commit for secrets.
The Tao of Software Engineering
This month we had the opportunity to chat with Mehdi about his background, what he and his team are cooking at GitGuardian, and the benefits of martial arts applied to software engineering.
Canary Tokens [Security Zines]
Security Zines are back, this time to illustrate the concept and usage behind canary tokens, a powerful intrusion detection trick. Check it out, we've got something for you!
Joining the GitGuardian Talent Acquisition Team
Curious about how technology is transforming our world? So is Alexandre, who told us about the path that led him to join one of the most interesting French scale-ups.
ggshield, the GitGuardian CLI [Security Zines]
In his latest stroke of genius, Rohit shows us how ggshield fits into the development cycle to shield your code from leaking secrets.
4 Reasons MSPs Should Monitor Their GitHub Footprint
In recent years, resorting to MSPs has become very popular for companies wanting to accelerate the digitization of their businesses. With this surge in popularity, MSPs now face the question: how to ensure we can meet our cybersecurity responsibilities?
Security Chats - Jon-Erik Schneiderhan, Senior SRE at a tech company
As Senior SRE, Jon-Erik was aware that many secrets could be hidden in the repositories he supervises, and new ones leaked every day. He told Peerspot how and why he chose GitGuardian and the improvements his team received.
Security Chats - What Developers Say About Us
With more than 170k GitHub users and 4.3M (!) repositories under our shield, GitGuardian is proud to help the developers’ community code safer. Here is what you’ve been telling us lately.
GitHub Actions Security Best Practices [cheat sheet included]
GitHub Actions is an increasingly popular CI/CD platform. It offers powerful and easy-to-access features to build automation right into any GitHub repository. However, it also requires special attention to avoid any compromise. Here are the best practices to secure it.
Carrying Ambition Through Passion
Edouard, GitGuardian's VP Product, is a seasoned cybersecurity specialist who joined GitGuardian to push our DevSecOps solutions to new heights. Find out more about his background and what excited him to become a Guardian.
Compromising CI/CD Pipelines with Leaked Credentials [Security Zines]
He struck again! New Security Zine, this time focusing on how leaked Jenkins credentials can lead to a complete supply chain takeover...
DevSecOps and the AppSec Shared Responsibility Model
In their latest white paper, GitGuardian examines why implementing DevSecOps at scale to protect the modern software factory means evolving traditional AppSec. Read more to learn how the shared responsibility model adoption will unlock security in an agile world.
The State of Secrets Sprawl 2022
In its 2022 report, GitGuardian extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in corporate codebases.
Documentation as a Killer Feature
Julia recently joined GitGuardian to improve the product experience for Enterprise users. She explained to us how documentation could be an essential asset to achieve that objective and what drove her to become a Guardian in the first place.
From securing the battlespace to securing the codebase
This month we are pleased to welcome Daniel, an Account Executive with a passion for everything security.
10 Rules for Better Cloud Security
Cloud security is a shared responsibility and a big challenge. Here are the basic rules to have in mind to set up efficient guardrails.
Building an AppSec product at GitGuardian
Meet Alexandra, who shared with us her motivations to start her career as a full-stack developer at GitGuardian.
8 Easy Steps to Set Up Multiple GitHub Accounts [cheat sheet included]
Any developer has to set up his Git config at least once. Our cheat sheet will help you make this process a breeze, ensuring that you never push with the wrong profile again!
Happy 20th Birthday, OWASP!🎂
We're happy to celebrate the 20th birthday of the Open Web Application Security Project, one of the major open-source resources helping developers better understand and practice web security.
Security Chats - What Developers Say About Us
With more than 110k GitHub users and 2.5M (!) repositories under our shield, GitGuardian is proud to help the developers’ community code safer. Here is what you’ve been telling us lately.
Why SAST + DAST can't be enough
Static and dynamic app testing are cornerstones for any comprehensive AppSec program, yet they rarely rise up to the challenges of fully securing modern software. Discover why secrets are one of their critical blind spots.