Security Research
A Mini Shai-Hulud Targeting the SAP Ecosystem
7 stolen GitHub tokens. 971 repositories. A self-replicating supply chain attack targeting SAP's Node.js packages — and it's still active. Here's what GitGuardian found.
MOST POPULAR
all tags
other
Platform Engineering and Security: A Very Short Introduction
Is DevOps really dead? Learn about the rise of platform engineering and how it differs from DevOps in terms of self-service capabilities and automation. Discover how security fits into this new paradigm and the benefits of platform engineering for software development teams of various sizes.
cdCon + GitOpsCon - Co-evolving Open Source DevOps Communities In One Conference
The CD Foundation and OpenGitOps communities joined forces in Vancouver to create cdCon + GitOpsCon for a conference about the future of DevOps tools and best practices.
We’re Teaming Up With Snyk to Strengthen Developer Security!
The new partnership enables Snyk and GitGuardian to build, integrate, and grow together to help development and security teams scale their security programs and significantly reduce their applications' attack surface at every stage of the code-to-cloud lifecycle.
BSidesAustin 2023: CyberSecurity In The Texas Tech Capital
Austin, Texas, is home to many cybersecurity communities. Read the highlights from when they got together BSides Austin 2023 and shared best practices to help keep us all safe.
How to Create and Use Honeytokens: Step-by-Step Instructions
Learn how to create, test and deploy GitGuardian honeytokens to detect security breaches, strengthen supply chain security, and prevent code leakage. Find out where to place honeytokens to effectively deceive attackers and protect your assets.
Voice of Practitioners: The State of Secrets in AppSec
Our latest report gathered answers from 507 IT and security decision-makers to study awareness about the risks posed by secrets sprawl and operational maturity in large enterprises.
GitGuardian at AppSec Village: Honeytokens for the blue team
GitGuardian was part of AppSec Sandbox at RSA, put on by AppSec Village. Learn about our blue team exercise that used honeytokens to find and boot an attacker.
Quality Assurance Engineering at GitGuardian
Learn about the day-to-day life of a QA engineer and the different techniques and processes used by the QA engineering team at GitGuardian to ensure high-quality products.
RSA Conference 2023: DevSecOps and The Future Of Security
The RSA Conference in San Francisco drew 40,000 participants over 4 extremely busy days. Read just a few of the highlights from this legendary event.
BSides San Francisco - A Two-Day Community Celebration
Read the highlights from BSidesSF, a community event that brought together speakers, workshops, and villages to help us all learn to be safer.
How We Built a Supply Chain Security Watchtower: Meet SaaS-Sentinel
SaaS-Sentinel is a free monitoring platform that notifies users when their favorite tool might be under attack, helping them stay on top of supply chain risks. Here is the full story of this innovative project that seeks to democratize the use of honeytokens. Join the adventure today!
How to Handle Secrets in Kubernetes
This blog post covers creating, storing, and using secrets in Kubernetes, encryption, RBAC, and auditing. It introduces Kubernetes External Secrets and best practices to enhance security. Let's dive in!
