Understanding the Risks of Long-Lived Kubernetes Service Account Tokens
Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively.
AI and Cybersecurity in 2024 - What's Changing and Why It Matters
Tired of the AI hype? We get it. Our latest blog takes a no-nonsense look at AI in 2024's cybersecurity – just the facts and some thoughtful insights. No earth-shattering revelations, just a decent read for your coffee break.
Are the Fears about the EU Cyber Resilience Act Justified?
Discover the inner workings of the recently implemented Cyber Resilience Act (CRA) in the EU and explore why this framework has raised concerns about jeopardizing the open-source ecosystem. Join us in our latest blog post to delve into this important topic.
How to Secure Your Secrets Manager with GitGuardian Honeytoken
Learn how to enhance secrets manager security with GitGuardian Honeytoken. Strengthen your system's security and protect your critical assets effectively.
Yes, GitHub's Copilot can Leak (Real) Secrets
Researchers successfully extracted valid hard-coded secrets from Copilot and CodeWhisperer, shedding light on a novel security risk associated with the proliferation of secrets.
Microsoft AI involuntarily exposed a secret giving access to 38TB of confidential data for 3 years
Discover how an overprovisioned SAS token exposed a massive 38TB trove of private data on GitHub for nearly three years. Learn about the misconfiguration, security risks, and mitigation strategies to protect your sensitive assets.
Wake-up call: why it's urgent to deal with your hardcoded secrets
The figures are precise: stolen credentials remain the most common cause of a data breach. So how are there still thousands of hardcoded secrets hiding in source code, CI/CD pipelines, or Docker images, and, more importantly, how should we deal with them?
![From Code to Cloud: Security for Developers [cheat sheet included]](/content/images/size/w600/2023/08/Snyk-GitGuardian-Cheat-sheet.png)
From Code to Cloud: Security for Developers [cheat sheet included]
In this cheat sheet, we will walk you through the different stages of the software development lifecycle and highlight key security considerations and tools that can help you mitigate risks and protect your code.
The Art of Protecting Secrets: Eight Essential Concepts for SecOps Practitioners
Secrets management is an art, and mastering it requires a deep understanding of security protocols, meticulous attention to detail, and a proactive approach to staying ahead of threats. In this blog, we present you with eight essential concepts to enhance your credential management strategy.
![8 Easy Steps to Set Up Multiple GitHub Accounts [cheat sheet included]](/content/images/size/w600/2021/10/21W43-Blog-Git-Accounts-Cheatsheet-Final.png)
8 Easy Steps to Set Up Multiple GitHub Accounts [cheat sheet included]
Any developer has to set up his Git config at least once. Our cheat sheet will help you make this process a breeze, ensuring that you never push with the wrong profile again!
Are Your Company Secrets Safe on GitHub? Here's Why You Need to Request a Complimentary Audit
With a large number of developers, it’s highly likely that your company’s secrets are publicly exposed without your knowledge. Request your audit today and take control of your GitHub security perimeter.
How to Create and Use Honeytokens: Step-by-Step Instructions
Learn how to create, test and deploy GitGuardian honeytokens to detect security breaches, strengthen supply chain security, and prevent code leakage. Find out where to place honeytokens to effectively deceive attackers and protect your assets.
