
The Hidden Breach: Secrets Leaked Outside the Codebase Pose a Serious Threat
Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.
Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.
Yves joins GitGuardian as an accomplished channel sales leader with 20 years of experience in Senior Channel leadership positions with SecurityScorecard, EclecticIQ, Balabit.
GitGuardian’s ggshield CLI tool can help you keep your secrets away from your repos and pipelines. Download our handy cheat sheet to quickly become proficient in our CLI tool.
Are you looking for ways to manage your developer team better? GitHub Orgs is a great way to keep track of repositories, branches, and collaborators all in one place. In this article, we'll share some best practices for managing developer teams in GitHub Orgs.
SecureWV 2022 was the largest gathering of security professionals in the Mountain State ever. Read the highlights, including an in-depth look at ransomware and malware organizations.
We’re introducing a new Role-based Access Management (RBAC) system with “Teams” in your GitGuardian Internal Monitoring workspace. Bring Dev, Sec, and Ops together and fix hardcoded credentials faster than you ever thought possible!
Learn more about what is a Software Bills Of Materials, why use it, what are the standards and how to automate it with Continuous Integration.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Fourth case: secrets are stolen with a malicious GitHub action.
On October 7th, Toyota revealed a partial copy of their T-Connect source code had been accidentally exposed for 5 years, including access to data for over 290,000 customers.
This month we had the pleasure to chat with Alexandre, Business Analyst in the Operations team.
DevOpsDays Chicago returned as an in-person event in 2022. Read the highlights of this amazing DevOps event, including how many conversations revolved around security and containers.
This year at DEFCON and Black Hat—the world's largest security and hacking conferences—many talks focused on how attackers target developers' accounts. Here are the key points.
How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Third case: Twitter API keys are used to pump an altcoin.