![Shai-Hulud 2.0 Exposes Over 33,000 Unique Secrets [Updated Nov, 27]](/content/images/size/w600/2025/11/shai-hulud--2--1.png)
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens.
GitGuardian has been awarded four new badges in G2’s Winter 2023 Report and has been named a leader by Sourceforge.
Attacks on software supply chains have been around for some time, but recently they have evolved into much more dangerous threats. Let's dive into the SLSA framework to understand where supply chain security is headed.
Honeytokens or Canary Tokens are credentials designed to alert you when an attacker is in your infrastructure. This is a complete tutorial how to create them using only open-source projects.
Learn more about the challenges awaiting organizations of hundreds to thousands of developers deploying secrets detection and how we're addressing them with our latest feature releases.
![IAM Best Practices [cheat sheet included]](/content/images/size/w600/2023/01/23W04-blog-IAM-CHEATSHEET.png)
Download our cheat sheet on IAM, Identity and Access Management, best practices. It will help you make your cloud environments more secure.
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
DevOps teams and developers can now bring the power of automated secrets detection and remediation to their Azure DevOps repositories.
Developer security practices are about adding security at each software development stage. Here’s a list of top developer security practices to follow.
Philippe is back, this time joined by Laurent, to reveal their best tips & tricks to make Django and Postgres the best friends in the world.
After CircleCI breach, it is a good moment for any team relying on CI/CD infrastructure to review their pipeline security as there are some steps they can take to be proactive.
This time, we will see how to get a deeper integration between OPA and Kubernetes with Gatekeeper and native CRD-based policies.
The GitGuardian team is still striving to provide the broadest secrets detection engine, helping you find and fix all sorts of hardcoded secrets! Learn more about the specific and generic detectors our team has released in 2022 in this post.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
