Ziad Ghalleb

Ziad Ghalleb

16 posts
Twitter
Automate security testing in your CI pipelines with GitGuardian and CircleCI

Automate security testing in your CI pipelines with GitGuardian and CircleCI

GitGuardian is now a verified CircleCI technological partner. Use the ggshield orb to run automated secrets detection and remediation in your CircleCI workflows.

Detector of The Month – Stripe webhook secret, April 2022

Detector of The Month – Stripe webhook secret, April 2022

Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Stripe webhook signing secrets.

Investigating, prioritizing, and remediating thousands of hardcoded secrets incidents

Investigating, prioritizing, and remediating thousands of hardcoded secrets incidents

This article aims at providing application security teams with a guide to effectively prioritize, investigate and remediate hardcoded secrets incidents at scale.

Detector of The Month – Redis, March 2022

Detector of The Month – Redis, March 2022

Keep secrets out of your source code. GitGuardian's automated secrets detection supports Redis database credentials.

Secrets in Git Repos [Security Zines]

Secrets in Git Repos [Security Zines]

Security Zines is a comic strip focused on raising awareness around code security topics. This first installment takes a look at the problem of storing secrets in Git repositories, and why it's such a bad idea...

Detector of The Month – PlanetScale, February 2022

Detector of The Month – PlanetScale, February 2022

Keep secrets out of your source code. GitGuardian's automated secrets detection supports PlanetScale database passwords and tokens.

No stone left unturned: detecting custom patterns is now available in GitGuardian.

No stone left unturned: detecting custom patterns is now available in GitGuardian.

GitGuardian users can now extend the secrets detection engine and configure custom patterns to detect proprietary secrets and credentials.

Detector of The Month – Datadog, January 2022

Detector of The Month – Datadog, January 2022

Keep secrets out of your source code. GitGuardian's automated secrets detection supports Datadog API and Application keys.

AppSec 2022 Resolutions: find inspiration in this report from Gartner on mitigating software supply chain security threats

AppSec 2022 Resolutions: find inspiration in this report from Gartner on mitigating software supply chain security threats

The software supply chain is under growing threatThere was no shortage of software supply chain security attacks this year. High-profile attacks such as the Codecov breach (read our play-by-play here) or more recently the Log4j vulnerability have revealed a gigantic blast radius with thousands

Detector of The Month – Okta, December 2021

Detector of The Month – Okta, December 2021

Keep secrets out of your source code. GitGuardian's automated secrets detection supports Okta API tokens and client secrets.

GitGuardian is now part of the PagerDuty Partner Program verified integrations

GitGuardian is now part of the PagerDuty Partner Program verified integrations

GitGuardian is now a verified PagerDuty integration, bringing the power of automated secrets detection to one of the leading platforms for real-time digital operations.

Detector of The Month – Supabase, November 2021

Detector of The Month – Supabase, November 2021

Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Supabase JWT secrets and Service Role JWT secrets.

300. That's how many secrets detectors GitGuardian now runs.

300. That's how many secrets detectors GitGuardian now runs.

GitGuardian now supports more than 300 secrets detectors, available in both products: GitGuardian for Public GitHub Monitoring and GitGuardian for Internal Repositories Monitoring.

How does Bokeh, the Python Interactive Visualization Library, Secure its Open-Source Repositories?

How does Bokeh, the Python Interactive Visualization Library, Secure its Open-Source Repositories?

With 2.5 million monthly downloads, Bokeh has made a name for itself in the world of open-source interactive visualization libraries. Read on to learn how GitGuardian helps Bryan Van de Ven (co-creator and project lead) and contributors protect their repositories against secrets leaks.

You can’t remember if you revoked that secret? We’ll help you verify with Validity Checks.

You can’t remember if you revoked that secret? We’ll help you verify with Validity Checks.

Today, we’re introducing Validity Checks in GitGuardian for Internal Repositories Monitoring. For each incident, users will now be able to verify if the leaked credentials are still valid — bringing their attention to unresolved incidents.

Introducing Presence Checks in GitGuardian for Internal Repositories Monitoring

Introducing Presence Checks in GitGuardian for Internal Repositories Monitoring

Today, we’re introducing Presence Checks in GitGuardian for Internal Repositories Monitoring. For each incident in the dashboard, users will now be able to verify if the leaked secret is still present or if it was completely removed from the git history.

arrow-down