Are Your Company Secrets Safe on GitHub? Here's Why You Need to Request a Complimentary Audit
With a large number of developers, it’s highly likely that your company’s secrets are publicly exposed without your knowledge. Request your audit today and take control of your GitHub security perimeter.
Voice of Practitioners: The State of Secrets in AppSec
Our latest report gathered answers from 507 IT and security decision-makers to study awareness about the risks posed by secrets sprawl and operational maturity in large enterprises.
How We Built a Supply Chain Security Watchtower: Meet SaaS-Sentinel
SaaS-Sentinel is a free monitoring platform that notifies users when their favorite tool might be under attack, helping them stay on top of supply chain risks. Here is the full story of this innovative project that seeks to democratize the use of honeytokens. Join the adventure today!
The Secret Vulnerability Finance Execs are Missing
Discover the overlooked vulnerability lurking in every corner of the finance industry. Hardcoded credentials in source code are an easy target for hackers, yet so common they're rarely discussed. Learn what companies can do to protect themselves against costly breaches.
GitHub Actions Security Best Practices [cheat sheet included]
Learn how to secure your GitHub Actions with these best practices! From controlling credentials to using specific action version tags, this cheat sheet will help you protect against supply-chain attacks. Don't let a malicious actor inject code into your repository - read now!
Innovating at the Intersection of Ops and Product
This month we had the pleasure of chatting with Dhia, ProductOps manager and data analyst.
How Lemontech Protects its Secrets with GitGuardian
A few weeks ago, we had the pleasure of speaking with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their secrets.
The State of Secrets Sprawl 2023
The report reveals an unprecedented number of hard-coded secrets in new GitHub commits over the year 2022. And much more.
Top 10 Practices for Secure Software Development
Developer security practices are about adding security at each software development stage. Here’s a list of top developer security practices to follow.
Infrastructure as Code Security [Security Zines]
With great power comes great responsibility - and that's not just for superheroes. It's also true for your code!
Docker Security Best Practices [cheat sheet included]
Containers are not security devices. That's why we've curated a set of easily actionable recommendations to improve your Docker container security. Check out the one-page cheat sheet.
Growing as an engineer at GitGuardian
Hi Laurent! Can you tell us about your role at GitGuardian?
Hi! I've been working at GitGuardian for four years now, making me the person with the longest tenure! For a few months, I have been a Staff Engineer, meaning I'm an expert on
When it Comes to Secrets, How Mature is Your Organization?
We're happy to present our Secrets Management Maturity Model, a model to help your organization make sense of its actual posture and how to improve it.
Laying the Foundations for Growth
This month we had the pleasure of chatting with Alexandre, Business Analyst in the Operations team.
Wake-up call: why it's urgent to deal with your hardcoded secrets
The figures are precise: stolen credentials remain the most common cause of a data breach. So how are there still thousands of hardcoded secrets hiding in source code, CI/CD pipelines, or Docker images, and, more importantly, how should we deal with them?
Announcing GitGuardian Labs - an interview with Eric, GitGuardian's CTO
On the occasion of the launch of the GitGuardian Labs innovation platform, we had the pleasure of discussing this initiative with Eric Fourrier, GitGuardian's CTO & co-founder.
Learn how to detect hardcoded secrets in your CircleCI CI/CD workflows
In this tutorial, you will learn how to add GitGuardian real-time monitoring to a CircleCI workflow to scan every new commit for secrets.
The Tao of Software Engineering
This month we had the opportunity to chat with Mehdi about his background, what he and his team are cooking at GitGuardian, and the benefits of martial arts applied to software engineering.
Canary Tokens [Security Zines]
Security Zines are back, this time to illustrate the concept and usage behind canary tokens, a powerful intrusion detection trick. Check it out, we've got something for you!
Joining the GitGuardian Talent Acquisition Team
Curious about how technology is transforming our world? So is Alexandre, who told us about the path that led him to join one of the most interesting French scale-ups.
ggshield, the GitGuardian CLI [Security Zines]
In his latest stroke of genius, Rohit shows us how ggshield fits into the development cycle to shield your code from leaking secrets.
4 Reasons MSPs Should Monitor Their GitHub Footprint
In recent years, resorting to MSPs has become very popular for companies wanting to accelerate the digitization of their businesses. With this surge in popularity, MSPs now face the question: how to ensure we can meet our cybersecurity responsibilities?
Security Chats - Jon-Erik Schneiderhan, Senior SRE at a tech company
As Senior SRE, Jon-Erik was aware that many secrets could be hidden in the repositories he supervises, and new ones leaked every day. He told Peerspot how and why he chose GitGuardian and the improvements his team received.
Security Chats - What Developers Say About Us
With more than 170k GitHub users and 4.3M (!) repositories under our shield, GitGuardian is proud to help the developers’ community code safer. Here is what you’ve been telling us lately.
Carrying Ambition Through Passion
Edouard, GitGuardian's VP Product, is a seasoned cybersecurity specialist who joined GitGuardian to push our DevSecOps solutions to new heights. Find out more about his background and what excited him to become a Guardian.