Recent supply chain attacks stayed live for hours. Automation tools silently merged their malware in minutes. Read how upgrade bots and AI agents became the insider threat.
Discover the overlooked vulnerability lurking in every corner of the finance industry. Hardcoded credentials in source code are an easy target for hackers, yet so common they're rarely discussed. Learn what companies can do to protect themselves against costly breaches.
In this final part, we'll discuss more software supply chain security frameworks and the critical role of secrets detection in them. We'll explore the NIST SSDF, SLSA, and OSC&R frameworks and how they cover the topic of secrets in software supply chain security.
DevOps Midwest 2023 brought together experts in scale, availability, and security best practices. Read some of the highlights from this DevSecOps-focused event.
ChatGPT may not be used by all organizations and may even be banned. But that doesn't mean you don't have exposure to the security risks it contains. This post looks at why ChatGPT should be part of your threat landscape.
![Best Practices for Scanning and Securing Infrastructure as Code (IaC)[cheat sheet included]](https://storage.ghost.io/c/42/5d/425d266f-cf99-406e-9436-597a19bed011/content/images/size/w600/2023/04/23W15-blog-GitGuardian-IAC-Cheatsheet.png)
Discover the best practices and tools to scan and secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.
What if you could detect intrusions and code leaks in your software supply chain? Introducing GitGuardian Honeytoken, the solution that protects your software supply chain against potential intrusions on SCM systems, CI/CD pipelines, software artifact registries, and more.
This month we had the pleasure of chatting with Dhia, ProductOps manager and data analyst.
Master Terraform in the cloud: play with the console, know your infrastructure, avoid mistakes, separate infrastructure from configuration, make code declarative, and understand vendor lock-in.
GitGuardian's Q1 wrap-up highlights our progress in detecting secrets, introducing new secret detectors, and committing to code security. With six new detectors released in Q1, GitGuardian remains the go-to solution for developers looking to write more secure code.
Nearly 1500 cybersecurity professionals gathered in Milwaukee for Cpyphercon 6. Read the highlights from the largest hacker event in Wisconsin
Twitter's source code was recently leaked publicly on a GitHub repository. This blog post looks at exactly what happened and what security consequences could stem from this leak.
Kondukto and GitGuardian have teamed up to provide an integration that brings together their knowledge in AppSec orchestration and automated secrets detection.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
