Supply Chain Security

Three Mechanisms to Protect Your Git Repositories

...despite all intentions to follow best practices, they don't. When you automate enforcement of best practices, you can ensure those practices are followed...

Greg Bulmash

14 Mar 2024 – 4 min read

Secrets detection

The State of Secrets Sprawl 2024

The State of Secrets Sprawl 2024 report by GitGuardian uncovers a 28% increase in leaked secrets on GitHub, revealing an urgent need for significantly improved security practices.

Thomas Segura

12 Mar 2024 – 3 min read

Breach explained

Nation-state hackers access Microsoft source code and steal secrets

Microsoft has been experienced a sustained attack by Russian-backed nation-state attacker Midnight Blizzard (also known as NOBELIUM). This blog examines all we know so far

Mackenzie Jackson

11 Mar 2024 – 3 min read

Honeytokens

How to Disseminate Honeytokens At Scale: Step-by-Step Guide to Deployment Jobs

Learn how GitGuardian Honeytoken's new feature, Deployment Jobs, revolutionizes early breach detection and code repository protection. Automate honeytoken deployment across multiple repositories with ease, ensuring ongoing security and peace of mind.

Soujanya Ain

8 Mar 2024 – 5 min read

GitGuardian

Guardian Goofs #3

Things we found while inspecting containers.

Greg Bulmash

4 Mar 2024

Frameworks & Regulations

SEC's Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule: What You Should Know

What you should know about the SEC's new rules on risk management and incident reporting

Greg Bulmash

1 Mar 2024 – 4 min read

GitGuardian

Guardian Profile: Aslan Pishdad

Meet Aslan Pishdad and learn about his commitment to his community and his customers as a Regional Sales Director for GitGuardian.

Greg Bulmash

29 Feb 2024 – 3 min read

A Guide to Cloud Security Posture Management (CSPM)

What is CSPM? Cloud Security Posture Management is about identifying and remediating security misconfigurations and risks to (IaaS) Infrastructure as a Service or (PaaS) Platform as a service environments.

Guest Expert

28 Feb 2024 – 7 min read

Secrets detection

GitHub's Default Push Protection: Enhancing Open-Source Security with Limitations to Consider

GitHub's Push Protection is now enabled by default for all public repositories, a big milestone for open-source security! Find out the key points you need to keep in mind before using it to safeguard your code repositories.

Thomas Segura

27 Feb 2024 – 7 min read

Conferences

Civo Navigate 2024: Scaling Community And Containers In Austin

Read highlights from Civo Navigate 2024's community event, featuring insights on scaling containers, cloud-native security challenges, and high-availability practices.

Dwayne McDaniel

27 Feb 2024 – 6 min read

Best practices

How to Handle Mobile App Secrets

Learn why storing secrets in mobile apps is a major security risk, how to manage user and developer secrets properly, and why client-side secrecy is impossible. Find out the best practices for securing mobile app secrets and protecting your data.

Guest Expert

23 Feb 2024 – 6 min read

Frameworks & Regulations

A Quick Overview of the Digital Operational Resilience Act (DORA)

Get insights into the EU's Digital Operational Resilience Act (DORA) and its impact on cybersecurity compliance for financial sector companies and their critical contractors.

Greg Bulmash

22 Feb 2024 – 4 min read