Why Understanding Your Secrets is the Key to Faster Remediation

Up to 27 days to fix a leaked secret? We feel your pain. Explore how contextual secrets management helps you take control, cut remediation time, and strengthen your security posture. Don't just detect, understand your secrets.

Soujanya Ain

6 Mar 2025 – 5 min read

Tiexin Guo

27 Jan 2025 – 10 min read

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

30 Sep 2024 – 7 min read

EDITOR’S PICK

Solving Secrets Management Challenges for NHIs: GitGuardian Integration with HashiCorp Vault

Ferdinand Boas

27 Feb 2025 – 6 min read

Protecting the Backbone of Modern Development: Scanning Secrets in Container Registries

Ferdinand Boas

23 Jan 2025 – 5 min read

all tags

Conferences

Poisoning the source – How and why attackers are targeting developer accounts

This year at DEFCON and Black Hat—the world's largest security and hacking conferences—many talks focused on how attackers target developers' accounts. Here are the key points.

Mackenzie Jackson

30 Sep 2022 – 8 min read

Thinking Like a Hacker

Thinking Like a Hacker: Commanding a Bot Army of Compromised Twitter Accounts

How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Third case: Twitter API keys are used to pump an altcoin.

Guest Expert

26 Sep 2022 – 5 min read

Breach explained

Uber Breach 2022 – Everything You Need to Know

On Thursday, September 15th, Uber confirmed reports of an organization-wide cybersecurity breach. This is an evolving situation, but we will bring you here the latest information and commentary as we get it.

Mackenzie Jackson

16 Sep 2022 – 6 min read

Best practices

GitHub Security 101: Best Practices for Securing your Repository

DevSecOps expert and GitHub Star Sonya Moisset shared with us her tips to improve your open-source repository's security in a few simple steps.

Guest Expert

2 Sep 2022 – 10 min read

Announcing GitGuardian Labs - an interview with Eric, GitGuardian's CTO

On the occasion of the launch of the GitGuardian Labs innovation platform, we had the pleasure to discuss this initiative with Eric Fourrier, GitGuardian's CTO & co-founder.

Thomas Segura

31 Aug 2022 – 3 min read

Tutorials

Learn how to detect hardcoded secrets in your CircleCI CI/CD workflows

In this tutorial, you will learn how to add GitGuardian real-time monitoring to a CircleCI workflow to scan every new commit for secrets.

Thomas Segura

27 Aug 2022 – 7 min read

Conferences

Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault

The promise of AI code assistance like Copilot was an exciting promise when released. But they might not be the answer to all your problems. A research study has now found that while Copilot frequently introduces vulnerabilities, it may in fact be influenced by the input. Poor code, poor outcome.

Mackenzie Jackson

23 Aug 2022 – 5 min read

Conferences

Black Hat 25 – What you need to know

Missed out on Black Hat 2022 briefings or got stuck in the business hall? We have you covered.

Mackenzie Jackson

22 Aug 2022 – 8 min read

Thinking Like a Hacker

Thinking Like a Hacker: AWS Keys in Private Repos

How can an attacker exploit leaked credentials? In this new series, we try to answer this question by imagining plausible attack scenarios. Second case: an AWS secret is found in a private repository.

Guest Expert

12 Aug 2022 – 5 min read

Tutorials

Managing AWS IAM with Terraform - Part 2

In this second part, you will learn how to centralize IAM for multiple AWS accounts, create and use EC2 instance profiles, and implement just-in-time access with Vault.

Guest Expert

10 Aug 2022 – 10 min read

The Tao of Software Engineering

This month we had the opportunity to chat with Mehdi about his background, what he and his team are cooking at GitGuardian, and the benefits of martial arts applied to software engineering

Thomas Segura

8 Aug 2022 – 5 min read

Security Zines

Canary Tokens [Security Zines]

Security Zines are back, this time to illustrate the concept and usage behind canary tokens, a powerful intrusion detection trick. Check it out, we've got something for you!

Thomas Segura

4 Aug 2022 – 3 min read

Why Understanding Your Secrets is the Key to Faster Remediation

Soujanya Ain

MOST POPULAR

Authentication and Authorization Best Practices

Tiexin Guo

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Dwayne McDaniel

EDITOR’S PICK

Solving Secrets Management Challenges for NHIs: GitGuardian Integration with HashiCorp Vault

Ferdinand Boas

Protecting the Backbone of Modern Development: Scanning Secrets in Container Registries

Ferdinand Boas

Poisoning the source – How and why attackers are targeting developer accounts

Mackenzie Jackson

Thinking Like a Hacker: Commanding a Bot Army of Compromised Twitter Accounts

Guest Expert

Uber Breach 2022 – Everything You Need to Know

Mackenzie Jackson

GitHub Security 101: Best Practices for Securing your Repository

Guest Expert

Announcing GitGuardian Labs - an interview with Eric, GitGuardian's CTO

Thomas Segura

Learn how to detect hardcoded secrets in your CircleCI CI/CD workflows

Thomas Segura

Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault

Mackenzie Jackson

Black Hat 25 – What you need to know

Mackenzie Jackson

Thinking Like a Hacker: AWS Keys in Private Repos

Guest Expert

Managing AWS IAM with Terraform - Part 2

Guest Expert

The Tao of Software Engineering

Thomas Segura

Canary Tokens [Security Zines]

Thomas Segura

Start your journey to secrets-free source code