Conferences
SREday SF 2025: Human Centered SRE In An AI World
SRE Day SF shows why dashboards alone do not defend anything. Explore paths to better telemetry, progressive delivery, and resilience that customers can feel.
MOST POPULAR
all tags
other
What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary
The U.S. Department of the Treasury suffered a major security incident when a Chinese threat actor compromised its third-party cybersecurity service BeyondTrust. The attackers obtained an API key that allowed them to bypass security measures and access unclassified documents.
Detection Engineering: A Case Study
In this blog post, we will explore the intricate world of detection engineering. We’ll start by examining the inputs and outputs of detection engineering, and then we’ll illustrate the detection engineering lifecycle.
How to Handle Secrets in Configuration Management Tools
Configuration management tools like Ansible, Chef, and Puppet offer various methods for handling secrets, each with inherent trade-offs. The article explores these approaches alongside modern OIDC-based solutions that enable short-lived authentication tokens for automated processes.
Identities Do Not Exist in a Vacuum: A View on Understanding Non-Human Identities Governance
The future of eliminating secrets sprawl means getting a handle on the lifecycles and interdependencies of the non-human identities that rely on secrets. Learn how to implement these NHI security measures at scale.
Secrets Analyzer: The Missing Context for Overprivileged Secrets
Secrets with excessive permissions are a goldmine for attackers. GitGuardian Secrets Analyzer helps security teams identify overprivileged secrets, analyze permissions, and shrink the attack surface.
BSides Austin 2024: Balancing AI Safety and Real-World Risks
At BSides Austin 2024, experts shared solutions for AI safety, cloud logging, systemic security planning, and effective executive collaboration strategies.
The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian’s Public Monitoring Data
On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks.
Introducing The Next Step in GitGuardian’s NHI Security Approach
Discover how GitGuardian is redefining non-human identity (NHI) security with comprehensive secrets security and governance solutions to protect against modern threats.
Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations
Struggling with fragmented secrets management and inconsistent vault practices? GitGuardian new multi-vault integrations provide organizations with centralized secrets visibility, reduce blind spots, enforce vault usage and fight against vault sprawl.
How to Handle Secrets in CI/CD Pipelines
Securely managing secrets within the CI/CD environment is super important. Mishandling secrets can expose sensitive information, potentially leading to unauthorized access, data breaches, and compromised systems.
A Deep Dive into Celery Task Resilience, Beyond Basic Retries
How to make your Celery tasks more resilient with best practices to prevent workflow interruptions and handle various failure scenarios.
