Secrets Management
HMAC Secrets Explained: Authentication You Can Actually Implement
A developer-first guide to implementing HMAC signatures correctly.
MOST POPULAR
all tags
other
What’s new in the 2021 OWASP Top10?
The famous list of the top 10 web applications vulnerabilities just got updated for the first time since 2017. Let's find out what the most surprising changes are.
Supply Chain Attacks: 6 Steps to protect your software supply chain
This article looks at software supply chain attacks, exactly what they are and 6 steps you can follow to protect your software supply chain and limit the impact of a supply chain attack.
Secrets Detection – Tools for reproducible, detailed, and meaningful benchmarks
New series focusing on performance at GitGuardian. Learn how we built the tools to produce meaningful benchmarks and track our improvements in speed over the year.
GitHub Universe 2021 Overview – What you missed from the GitHub conference
Missed the GitHub Universe 2021? Here are the key takeaways from the conference including key features and what we can expect in the future from GitHub.
Improving the Nation's Cybersecurity — Minimum Testing Standards for Software Vendors (part 2)
Continuing our coverage of the Executive Order on Cybersecurity, let's figure out what are the minimum testing standards for software vendors as depicted by the NIST.
300. That's how many secrets detectors GitGuardian now runs.
GitGuardian now supports more than 300 secrets detectors, available in both products: GitGuardian for Public GitHub Monitoring and GitGuardian for Internal Repositories Monitoring.
Hardening Your Kubernetes Cluster - Guidelines (Pt. 2)
In this second episode, we will go through the NSA/CISA security recommendations and explain every piece of the guidelines.
Hardening Your Kubernetes Cluster - Threat Model (Pt. 1)
The NSA and CISA recently released a guide on Kubernetes hardening. We'll cover this guide in a three part series. First, let's explore the Threat Model and how it maps to K8s components.
Red Team Chronicles Episode 5 - Alert to Avoid Serious Compromise
For the last installment of our Red Team Chronicles, Philippe Caturegli explains the different phases of a compromise and what should be a priority for security teams.
How does Bokeh, the Python Interactive Visualization Library, Secure its Open-Source Repositories?
With 2.5 million monthly downloads, Bokeh has made a name for itself in the world of open-source interactive visualization libraries. Read on to learn how GitGuardian helps Bryan Van de Ven (co-creator and project lead) and contributors protect their repositories against secrets leaks.
Happy 20th Birthday, OWASP!🎂
We're happy to celebrate the 20th birthday of the Open Web Application Security Project, one of the major open-source resources helping developers better understand and practice web security.
You can’t remember if you revoked that secret? We’ll help you verify with Validity Checks.
Today, we’re introducing Validity Checks in GitGuardian for Internal Repositories Monitoring. For each incident, users will now be able to verify if the leaked credentials are still valid — bringing their attention to unresolved incidents.
