The Trivy story is moving quickly, and the latest reporting makes one thing clear: this is no longer just a GitHub Actions tag hijack. What started as a compromise of trivy-action, setup-trivy, and the v0.69.4 release has expanded into malicious Docker Hub images.
GitGuardian Honeytokens are potent tools in the cybersecurity toolkit, notifying you of any unauthorized activities in code repos, Jira, Slack, Linear, and more.
![Using GitGuardian Honeytoken [cheat sheet included]](/content/images/size/w600/2023/07/Using-GitGuardian-Honeytoken-Cheat-Sheet-article.png)
Our cheat sheet makes it easy for anyone to master the use of GitGuardian Honeytoken quickly so you keep on top of code leaks and manage intrusion detection.
With topics ranging from OSS contribution to getting along with your coworkers to using Azure Key Vault at scale, there was a lot of knowledge shared at Nebraska.Code() 2023.
![Secure Code Review Best Practices [cheat sheet included]](/content/images/size/w600/2023/07/Secure-Code-Review-Cheat-Sheet.jpg)
Reducing vulnerabilities in your software means manual and automated secure code reviews. Download our handy cheat sheet to keep your review practice on track.
In GitGuardian's first digital conference, CodeSecDays, security leaders from multiple leading companies like Snyk, Chainguard, Doppler, RedMonk, and more came together to share the latest in code and application security. As the CEO and founder of GitGuardian, Eric Fourrier said, “No organizations
It is important to secure environments with intelligent solutions. GitGuardian Honeytoken can help protect your IaC and Config Management tools.
Manual code reviews provide a lot of value but are slow, error-prone, and don't scale. Automated testing can take a lot of pressure off review teams.
Enhance your portal's capabilities with backend plugins and unlock custom functionalities in the second part of our Backstage tour. Step-by-step instructions provided!
Join security engineer Kayssar on a captivating journey as he delves into the achievements and challenges encountered by GitGuardian's security team throughout the year. And distills invaluable insights on fostering a culture of security awareness and openness within a rapidly expanding scale-up.
Discover how to enhance the security of your container registries using honeytokens. Learn the steps to secure Docker Registry, GitHub Container Registry, and GitLab Container Registry with honeytokens. Strengthen your DevOps pipeline and protect your valuable assets.
Using environment variables to store secrets has long been considered a good practice. But in this article, we will explore different opinions as to why using env vars might be either good or bad for security
Secrets management is an art, and mastering it requires a deep understanding of security protocols, meticulous attention to detail, and a proactive approach to staying ahead of threats. In this blog, we present you with eight essential concepts to enhance your credential management strategy.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
