Conferences
BSides Seattle 2025: Rebuilding Trust in Systems In The Age Of NHIs
The BSides Seattle 2025 speakers showed how security and IAM fail under stress and why usable security must consider human limits and machine-scale risk.
MOST POPULAR
all tags
other
Leading R&D in a tech company
Henri shared with us how, coming from a statistical background, he decided to join GitGuardian to build the best secrets detection engine.
Credential Access - Breaking down the MITRE ATT&CK framework
This article discusses the 15 credential access techniques as outlined in the MITRE ATT&CK framework and provides examples of how attackers have used these techniques as well as preventative measures that can be put in place.
How Adding Security into DevOps Accelerates the SDLC (Pt. 2)
Second part of our guided tour through the SDLC, focusing on the fundamental technology enabling DevOps: the CI pipeline. We will also touch on deployment orchestration, maintenance and incident response.
Red Team Chronicles Episode 3 - The illusion of the fortress
Building a fortress is a strategy from the past. Mobility, remote working, cloud and SaaS have made the delineation between internal and external networks almost impossible. This episode reviews how attackers use fortress against organizations.
How Adding Security into DevOps Accelerates the SDLC (Pt. 1)
Part one of a deep dive into SDLC and how it evolved to become what we call DevOps. Let's find out how adding security actually accelerates it.
Setting up a pre-commit git hook with ggshield, the GitGuardian CLI.
In this tutorial we are going to run through how to create a pre-commit git hook using GitGuardian Shield to detect secrets before they enter your repository.
Security in Infrastructure as Code with Terraform — Everything You Need to Know
With DevOps, we try to manage our infrastructure using pure code. Since all our infrastructure is managed by code, the security of the code that actually manages the infrastructure is crucial. This article looks at how we can keep our infrastructure as code secure.
Red Team Chronicles Episode 2 - There is no such thing as a “miracle solution”
In episode 2 of the Red Team Chronicles, we talk with Philippe about the one size fits all security claims some vendors make and how hackers use this to get into systems undetected.
Codecov supply chain breach - explained step by step
Codecov recently had a significant breach as attackers were able to put a backdoor into Codecov to get access to customers' sensitive data. This article reviews exactly what happened, how attackers gained access, how they used sensitive information and of course, what to do if you were affected.
Red Team Chronicles Episode 1 - Meet Philippe our offensive security expert
The Red Team Chronicles follows pentester and entrepreneur Philippe as we look into his hacking playbook. In episode one, we look at how Philippe started his journey to become a pentester.
CISO Live - Yury Koldobanov from Mirantis
Mirantis helps organizations ship code faster on public and private clouds. Director of IT Yury Koldobanov at Mirantis explains how GitGuardian helps them keep their code secure.
Initial Access Techniques - MITRE ATT&CK
This article discusses the 9 initial access techniques as outlined in the MITRE ATT&CK framework and provides examples of how attackers have used these techniques as well as preventative measures that can be put in place.
