Learn how GitGuardian supports NHI governance with a secrets-first model that improves visibility, reduces sprawl, and helps teams manage machine identity risk.
Keep secrets out of your source code. GitGuardian's automated secrets detection now supports Stripe webhook signing secrets.
In this tutorial, we will show how to integrate GitGuardian Shield to run on one of the most famous CI tools: Jenkins (with a cool bonus!).
Attackers have used stolen OAuth tokens issued to Travis CI and Heroku to gain access to private git repositories on GitHub. Here we take a look at exactly what happened, why it's significant, and how to mitigate the issue.
Edouard, GitGuardian's VP Product, is a seasoned cybersecurity specialist who joined GitGuardian to push our DevSecOps solutions to new heights. Find out more about his background and what excited him to become a Guardian.
![Compromising CI/CD Pipelines with Leaked Credentials [Security Zines]](/content/images/size/w600/2022/04/22W15-blog-SecurityZines-Compromising_CICD_pipelinesnal.jpg)
He struck again! New Security Zine, this time focusing on how leaked Jenkins credentials can lead to a complete supply chain takeover...
This tutorial will guide you through the setup of a GitHub Action generating a Seccomp filter for your application, a cutting-edge security feature for hardening containerized workloads.
Keep secrets out of your source code. GitGuardian's automated secrets detection supports Redis database credentials.
In their latest white paper, GitGuardian examines why implementing DevSecOps at scale to protect the modern software factory means evolving traditional AppSec. Read more to learn how the shared responsibility model adoption will unlock security in an agile world.
Lapsus$ has continued its prolific pace of breaches now leaking internal source code from 250 Microsoft projects. GitGuardian analyzed the code looking for secrets sprawl.
![Secrets in Git Repos [Security Zines]](/content/images/size/w600/2022/03/22W10-blog-securityzines-1-1.jpg)
Security Zines is a comic strip focused on raising awareness around code security topics. This first installment takes a look at the problem of storing secrets in Git repositories, and why it's such a bad idea...
Nearly 200GB of source code from Samsung and the source code from Nvidia's latest DLSS technology has been published online by The Lapsus$ hacking group. Internal source code being leaked online by adversaries is happening with alarming regularity in recent years. Only
In its 2022 report, GitGuardian extends its previous edition focused on public GitHub by depicting a realistic view of the state of secrets sprawl in corporate codebases.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
