Automate your way out of code security incidents with GitGuardian’s playbooks
Learn more about GitGuardian’s no-code workflows and how they can help you enjoy some respite from the manual and grunt work no security engineer ever enjoys.
It Takes a Team to Solve Hardcoded Secrets
We’re introducing a new Role-based Access Management (RBAC) system with “Teams” in your GitGuardian Internal Monitoring workspace. Bring Dev, Sec, and Ops together and fix hardcoded credentials faster than you ever thought possible!
Gartner recognizes GitGuardian as a Sample Vendor in two Hype Cycle™ reports this summer
Gartner has acknowledged GitGuardian as a Sample Vendor in two reports this summer, the Gartner Hype Cycle™ for Application Security 2022 and the Gartner Hype Cycle™ for Agile and DevOps 2022.
From vulnerability to advantage: turn exposed secrets into your best allies to detect intrusion.
We are happy to announce the release of our latest open-source project, ggcanary, the GitGuardian Canary Tokens, to help organizations detect intrusion in their developer and DevOps environments.
Implementing a Secrets Detection Program for the Enterprise – a case study
This article describes the approach followed by one of GitGuardian's enterprise customers to implement a secrets detection program and stop poor secrets management practices at the source.
Q2 Product Roundup – Making secrets detection programs a reality for the enterprise
Learn more about the challenges awaiting organizations of thousands of developers when deploying secrets detection and how we're addressing them with our latest feature releases.
Developer experience is security, our answer.
Developer experience or DX is a security issue. Find out how we're solving it at GitGuardian with ggshield, the secrets detection CLI built for developers.
Forrester Research: The State of Application Security 2022
The State of Application Security 2022 from Forrester is out and we’re happy to provide our readers with a copy, courtesy of GitGuardian.
Automate security testing in your CI pipelines with GitGuardian and CircleCI
GitGuardian is now a verified CircleCI technological partner. Use the ggshield orb to run automated secrets detection and remediation in your CircleCI workflows.
Detector of The Month – Stripe webhook secret, April 2022
Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Stripe webhook signing secrets.
Investigating, prioritizing, and remediating thousands of hardcoded secrets incidents
This article aims to provide application security teams with a guide to effectively prioritize, investigate and remediate hardcoded secrets incidents at scale.
Detector of The Month – Redis, March 2022
Keep secrets out of your source code. GitGuardian's automated secrets detection supports Redis database credentials.
![Secrets in Git Repos [Security Zines]](/content/images/size/w600/2022/03/22W10-blog-securityzines-1-1.jpg)
Secrets in Git Repos [Security Zines]
Security Zines is a comic strip focused on raising awareness around code security topics. This first installment takes a look at the problem of storing secrets in Git repositories, and why it's such a bad idea...
Detector of The Month – PlanetScale, February 2022
Keep secrets out of your source code. GitGuardian's automated secrets detection supports PlanetScale database passwords and tokens.
No stone left unturned: detecting custom patterns is now available in GitGuardian.
GitGuardian users can now extend the secrets detection engine and configure custom patterns to detect proprietary secrets and credentials.
Detector of The Month – Datadog, January 2022
Keep secrets out of your source code. GitGuardian's automated secrets detection supports Datadog API and Application keys.
AppSec 2022 Resolutions: find inspiration in this report from Gartner on mitigating software supply chain security threats
The software supply chain is under growing threatThere was no shortage of software supply chain security attacks this year. High-profile attacks such as the Codecov breach (read our play-by-play here) or more recently the Log4j vulnerability have revealed a gigantic blast radius with thousands
Detector of The Month – Okta, December 2021
Keep secrets out of your source code. GitGuardian's automated secrets detection supports Okta API tokens and client secrets.
GitGuardian is now part of the PagerDuty Partner Program verified integrations
GitGuardian is now a verified PagerDuty integration, bringing the power of automated secrets detection to one of the leading platforms for real-time digital operations.
Detector of The Month – Supabase, November 2021
Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Supabase JWT secrets and Service Role JWT secrets.
300. That's how many secrets detectors GitGuardian now runs.
GitGuardian now supports more than 300 secrets detectors, available in both products: GitGuardian for Public GitHub Monitoring and GitGuardian for Internal Repositories Monitoring.
How does Bokeh, the Python Interactive Visualization Library, Secure its Open-Source Repositories?
With 2.5 million monthly downloads, Bokeh has made a name for itself in the world of open-source interactive visualization libraries. Read on to learn how GitGuardian helps Bryan Van de Ven (co-creator and project lead) and contributors protect their repositories against secrets leaks.
You can’t remember if you revoked that secret? We’ll help you verify with Validity Checks.
Today, we’re introducing Validity Checks in GitGuardian for Internal Repositories Monitoring. For each incident, users will now be able to verify if the leaked credentials are still valid — bringing their attention to unresolved incidents.
Introducing Presence Checks in GitGuardian for Internal Repositories Monitoring
Today, we’re introducing Presence Checks in GitGuardian for Internal Repositories Monitoring. For each incident in the dashboard, users will now be able to verify if the leaked secret is still present or if it was completely removed from the git history.
