Ziad Ghalleb

Secrets in Git Repos [Security Zines]

Security Zines is a comic strip focused on raising awareness around code security topics. This first installment takes a look at the problem of storing secrets in Git repositories, and why it's such a bad idea...

AppSec 2022 Resolutions: find inspiration in this report from Gartner on mitigating software supply chain security threats

The software supply chain is under growing threat

There was no shortage of software supply chain security attacks this year. High-profile attacks such as the Codecov breach (read our play-by-play here) or more recently the Log4j vulnerability have revealed a gigantic blast radius with thousands

How does Bokeh, the Python Interactive Visualization Library, Secure its Open-Source Repositories?

With 2.5 million monthly downloads, Bokeh has made a name for itself in the world of open-source interactive visualization libraries. Read on to learn how GitGuardian helps Bryan Van de Ven (co-creator and project lead) and contributors protect their repositories against secrets leaks.

You can’t remember if you revoked that secret? We’ll help you verify with Validity Checks.

Today, we’re introducing Validity Checks in GitGuardian for Internal Repositories Monitoring. For each incident, users will now be able to verify if the leaked credentials are still valid — bringing their attention to unresolved incidents.

Introducing Presence Checks in GitGuardian for Internal Repositories Monitoring

Today, we’re introducing Presence Checks in GitGuardian for Internal Repositories Monitoring. For each incident in the dashboard, users will now be able to verify if the leaked secret is still present or if it was completely removed from the git history.
