The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions tag hijack. What started as a compromise of trivy-action, setup-trivy, and the v0.69.4 release has expanded into malicious Docker Hub images.
Learn how to safely remove confidential information from your git repository. Whether you need to excise an entire file or edit a file without removing it, this tutorial will guide you through the process. Plus, get tips on preventing future headaches with GitGuardian!
If you need to reach PCI DSS 4.0 compliance, GitGuardian has solutions that can help.
Not only API authentication and authorization are the crucial aspects of API security when crafting secure software, but they also impact scalability and user experience.
Discover insights learned from CodeMash 2025 community on NHI governance, secrets security, and addressing vault sprawl challenges in enterprise environments.
Secrets buried in container registries pose a silent risk. Learn about their hidden vulnerabilities and what steps you can take to safeguard your infrastructure.
![How to Handle Secrets at the Command Line [cheat sheet included]](/content/images/size/w600/2022/10/22W40-blog-SecretsAtTheCommandLine-Cheatsheet.jpg)
Developers need to prevent credentials from being exposed while working on the command line. Learn how you might be at risk and what tools and methods to help you work more safely.
Protect hedge fund assets from secrets-related attacks. Learn how GitGuardian provides visibility and control over secrets and mitigates the risks of hardcoded secrets.
Building on EO 14028, EO 14144 advances U.S. cybersecurity with actionable steps for identity governance and secrets management. Learn what this means for you.
Learn how one of Europe's largest healthcare tech leaders transformed their Secrets Security with GitGuardian, cutting incidents by half without compromising developer productivity.
A look back at 2024: A year of breakthroughs, advancements, and unwavering commitment to elevating NHI and secrets security for organizations.
Learn about OWASP’s newest focus on Non-Human Identities and how to mitigate risks like secret leakage, overprivileged NHIs, and insecure authentication with GitGuardian.
Everything you were too afraid to ask about Docker, containers, and their fundamental building blocks: layers. Understanding how layers work naturally leads to a more efficient method of packing images, ultimately speeding up your deployments.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
