
The Hidden Breach: Secrets Leaked Outside the Codebase Pose a Serious Threat
Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.
Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
Austin, Texas, is home to many cybersecurity communities. Read the highlights from when they got together BSides Austin 2023 and shared best practices to help keep us all safe.
Learn how to create, test and deploy GitGuardian honeytokens to detect security breaches, strengthen supply chain security, and prevent code leakage. Find out where to place honeytokens to effectively deceive attackers and protect your assets.
Our latest report gathered answers from 507 IT and security decision-makers to study awareness about the risks posed by secrets sprawl and operational maturity in large enterprises.
GitGuardian was part of AppSec Sandbox at RSA, put on by AppSec Village. Learn about our blue team exercise that used honeytokens to find and boot an attacker.
Learn about the day-to-day life of a QA engineer and the different techniques and processes used by the QA engineering team at GitGuardian to ensure high-quality products.
The RSA Conference in San Francisco drew 40,000 participants over 4 extremely busy days. Read just a few of the highlights from this legendary event.
Read the highlights from BSidesSF, a community event that brought together speakers, workshops, and villages to help us all learn to be safer.
SaaS-Sentinel is a free monitoring platform that notifies users when their favorite tool might be under attack, helping them stay on top of supply chain risks. Here is the full story of this innovative project that seeks to democratize the use of honeytokens. Join the adventure today!
This blog post covers creating, storing, and using secrets in Kubernetes, encryption, RBAC, and auditing. It introduces Kubernetes External Secrets and best practices to enhance security. Let's dive in!
Discover the overlooked vulnerability lurking in every corner of the finance industry. Hardcoded credentials in source code are an easy target for hackers, yet so common they're rarely discussed. Learn what companies can do to protect themselves against costly breaches.
In this final part, we'll discuss more software supply chain security frameworks and the critical role of secrets detection in them. We'll explore the NIST SSDF, SLSA, and OSC&R frameworks and how they cover the topic of secrets in software supply chain security.