Product News
Who Actually Owns This Service Account?
When an NHI is compromised, who do you call? GitGuardian NHI ownership eliminates the guessing game with automatic accountability.
MOST POPULAR
all tags
other
Automate security testing in your CI pipelines with GitGuardian and CircleCI
GitGuardian is now a verified CircleCI technological partner. Use the ggshield orb to run automated secrets detection and remediation in your CircleCI workflows.
Detector of The Month – Stripe webhook secret, April 2022
Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Stripe webhook signing secrets.
How To Setup Your Jenkins Pipeline with GitGuardian in Kubernetes
In this tutorial, we will show how to integrate GitGuardian Shield to run on one of the most famous CI tools: Jenkins (with a cool bonus!).
How Hackers Used Stolen GitHub Tokens to Access Private Source Code
Attackers have used stolen OAuth tokens issued to Travis CI and Heroku to gain access to private git repositories on GitHub. Here we take a look at exactly what happened, why it's significant, and how to mitigate the issue.
Carrying Ambition Through Passion
Edouard, GitGuardian's VP Product, is a seasoned cybersecurity specialist who joined GitGuardian to push our DevSecOps solutions to new heights. Find out more about his background and what excited him to become a Guardian.
![Compromising CI/CD Pipelines with Leaked Credentials [Security Zines]](/content/images/size/w600/2022/04/22W15-blog-SecurityZines-Compromising_CICD_pipelinesnal.jpg)
Compromising CI/CD Pipelines with Leaked Credentials [Security Zines]
He struck again! New Security Zine, this time focusing on how leaked Jenkins credentials can lead to a complete supply chain takeover...
Securing Containers with Seccomp: Part 2
This tutorial will guide you through the setup of a GitHub Action generating a Seccomp filter for your application, a cutting-edge security feature for hardening containerized workloads.
Detector of The Month – Redis, March 2022
Keep secrets out of your source code. GitGuardian's automated secrets detection supports Redis database credentials.
DevSecOps and the AppSec Shared Responsibility Model
In their latest white paper, GitGuardian examines why implementing DevSecOps at scale to protect the modern software factory means evolving traditional AppSec. Read more to learn how the shared responsibility model adoption will unlock security in an agile world.
Latest from Lapsus$, Reviewing the Microsoft Breach
Lapsus$ has continued its prolific pace of breaches now leaking internal source code from 250 Microsoft projects. GitGuardian analyzed the code looking for secrets sprawl.
![Secrets in Git Repos [Security Zines]](/content/images/size/w600/2022/03/22W10-blog-securityzines-1-1.jpg)
Secrets in Git Repos [Security Zines]
Security Zines is a comic strip focused on raising awareness around code security topics. This first installment takes a look at the problem of storing secrets in Git repositories, and why it's such a bad idea...
Samsung and Nvidia are the latest companies to involuntarily go open-source leaking company secrets
Nearly 200GB of source code from Samsung and the source code from Nvidia's latest DLSS technology has been published online by The Lapsus$ hacking group. Internal source code being leaked online by adversaries is happening with alarming regularity in recent years. Only
