Voice of Practitioners: The State of Secrets in AppSec
Our latest report gathered answers from 507 IT and security decision-makers to study awareness about the risks posed by secrets sprawl and operational maturity in large enterprises.
How We Built a Supply Chain Security Watchtower: Meet SaaS-Sentinel
SaaS-Sentinel is a free monitoring platform that notifies users when their favorite tool might be under attack, helping them stay on top of supply chain risks. Here is the full story of this innovative project that seeks to democratize the use of honeytokens. Join the adventure today!
The Secret Vulnerability Finance Execs are Missing
Discover the overlooked vulnerability lurking in every corner of the finance industry. Hardcoded credentials in source code are an easy target for hackers, yet so common they're rarely discussed. Learn what companies can do to protect themselves against costly breaches.
![GitHub Actions Security Best Practices [cheat sheet included]](/content/images/size/w600/2022/05/22W18-blog-GitHubActionsSecurityCheatSheet.png)
GitHub Actions Security Best Practices [cheat sheet included]
Learn how to secure your GitHub Actions with these best practices! From controlling credentials to using specific action version tags, this cheat sheet will help you protect against supply-chain attacks. Don't let a malicious actor inject code into your repository - read now!
Innovating at the Intersection of Ops and Product
This month we had the pleasure of chatting with Dhia, ProductOps manager and data analyst.
How Lemontech Protects its Secrets with GitGuardian
A few weeks ago, we had the pleasure of exchanging with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their secrets.
The State of Secrets Sprawl 2023
The report reveals an unprecedented number of hard-coded secrets in new GitHub commits over the year 2022. And much more.
Top 10 Practices for Secure Software Development
Developer security practices are about adding security at each software development stage. Here’s a list of top developer security practices to follow.
![Infrastructure as Code Security [Security Zines]](/content/images/size/w600/2022/12/blog-SecurityZines-iac-security.png)
Infrastructure as Code Security [Security Zines]
With great power comes great responsibility - and that's not just for superheroes. It's also true for your code!
Growing as an engineer at GitGuardian
Hi Laurent! Can you tell us about your role at GitGuardian? Hi! I've been working at GitGuardian for four years now, making me the person with the longest tenure! For a few months, I have been a Staff Engineer, meaning I'
When it Comes to Secrets, How Mature is Your Organization?
We're happy to present you our Secrets Management Maturity Model, a model to help your organization make sense of its actual posture and how to improve it.
Laying the Foundations for Growth
This month we had the pleasure to chat with Alexandre, Business Analyst in the Operations team.
