Learn about OWASP’s newest focus on Non-Human Identities and how to mitigate risks like secret leakage, overprivileged NHIs, and insecure authentication with GitGuardian.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Fourth case: secrets are stolen with a malicious GitHub action.
On October 7th, Toyota revealed a partial copy of their T-Connect source code had been accidentally exposed for 5 years, including access to data for over 290,000 customers.
This month we had the pleasure to chat with Alexandre, Business Analyst in the Operations team.
DevOpsDays Chicago returned as an in-person event in 2022. Read the highlights of this amazing DevOps event, including how many conversations revolved around security and containers.
![Secrets at the Command Line [cheat sheet included]](/content/images/size/w600/2022/10/22W40-blog-SecretsAtTheCommandLine-Cheatsheet.jpg)
Developers need to prevent credentials from being exposed while working on the command line. Learn how you might be at risk and what tools and methods to help you work more safely.
This year at DEFCON and Black Hat—the world's largest security and hacking conferences—many talks focused on how attackers target developers' accounts. Here are the key points.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Third case: Twitter API keys are used to pump an altcoin.
On Thursday, September 15th, Uber confirmed reports of an organization-wide cybersecurity breach. This is an evolving situation, but we will bring you here the latest information and commentary as we get it.
DevSecOps expert and GitHub Star Sonya Moisset shared with us her tips to improve your open-source repository's security in a few simple steps.
On the occasion of the launch of the GitGuardian Labs innovation platform, we had the pleasure to discuss this initiative with Eric Fourrier, GitGuardian's CTO & co-founder.
In this tutorial, you will learn how to add GitGuardian real-time monitoring to a CircleCI workflow to scan every new commit for secrets.
The promise of AI code assistance like Copilot was an exciting promise when released. But they might not be the answer to all your problems. A research study has now found that while Copilot frequently introduces vulnerabilities, it may in fact be influenced by the input. Poor code, poor outcome.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
