Every Laptop Is a Credential Store: Where Secrets Hide
Cloud keys, shell history, SSH keys, AI agent caches: a complete inventory of where credentials hide on a developer's machine, and why infostealers go looking there.
Cloud keys, shell history, SSH keys, AI agent caches: a complete inventory of where credentials hide on a developer's machine, and why infostealers go looking there.
Enhance your secure coding practices with GitGuardian’s Visual Studio Code extension. Detect secrets in real-time by embedding security into developers' workflows, boosting productivity and ensuring compliance.
Docker Zombie Layers are unreferenced image layers that continue to exist for weeks in registries, even after being removed from a manifest. In this hands-on deep dive, we explore how these layers can persist in registries and why ensuring the immediate revocation of exposed secrets is critical.
GitGuardian introduces European data hosting for its Secrets Detection Platform SaaS, ensuring data sovereignty and GDPR compliance. Discover how our new EU hosting options help enterprises meet regulatory requirements and protect sensitive data with ease.
Takeaways from OWASP Global AppSec SF 2024, covering security tools, AI risks, and strategies for improving application security while empowering developers.
Learn how GitGuardian can help you go from a world of secrets sprawl to a future with secrets-free machine identity frameworks by adopting SPIFFE/SPIRE.
Exciting news! Our first book, "Crafting Secure Software," is now available. Learn how to embed security throughout the SDLC, mitigate risks, and foster a security culture. Get your copy today and level up your software security game!
Discover how exposed your company is on public GitHub, anonymously and for free.
Buckle up, buttercup, because we're about to dive into the sticky-sweet world of honeytokens!
Discover ggshield's latest enhancements, allowing you to craft custom remediation messages, format scan results in SARIF, and help you better shift left for secrets security.
Learn the best practices for handling secrets in Go in the cloud-native ecosystem.
Key insights and defense strategies were shared at Blue Team Con 2024 in Chicago, where defenders gathered to advance their skills for fighting today’s toughest threats.
Credentials are prime targets for attackers, as they make it easy to access resources as legitimate users without discovering vulnerabilities or using technical exploits. Malware authors know how interesting these low-hanging fruits are and are coming after your secrets!