![Shai-Hulud 2.0 Exposes Over 33,000 Unique Secrets [Updated Nov, 27]](/content/images/size/w600/2025/11/shai-hulud--2--1.png)
On November 24, a new wave of the Shai-Hulud supply chain attack emerged. The threat actors exfiltrate stolen credentials directly to GitHub repositories created with compromised tokens.
With the expansion of the DevOps and DevSecOps models, the concept of “shift left” in the context of the development lifecycle has become quite popular. This article looks at practical ways organizations implement a Shift Left approach to development.
Application security, known as AppSec, has become an extremely important part of the security program. This article looks at what makes a mature and comprehensive AppSec program.
GitGuardian is releasing exciting new integrations for your favourite CI/CD and SIEM tools to help integrate GitGuardian into your SDLC seamlessly.
To give you some insights on how onboarding is done at GitGuardian we have asked one of our Account Executive, Alexis, to share his experience.
On this post we’ll be focusing on a few essentials that should be done before making your project open-source.
João is a data and software engineer who works as part of the internal monitoring product team at GitGuardian. João also leads GitGuardian’s API development and GitGuardian’s open-source tools.
The Indian government was breached in a significant attack launched by a white hat hacking group Sakura Samurai leading to a 34 page vulnerability report. Today we will analyze the attack play by play.
Sometimes the GitGuardian secrets detection engine can seem like a mysterious black box, but in reality, it is a huge collection of independent detectors that are being constantly maintained by our dedicated Secrets Team.
This article explains how our research team develops and refines detectors. To illustrate this article, we will take the case of MongoDB credentials.
GitGuardian has always been a developer-first company since its conception. Today GitGuardian has a large team of engineers with a wide range of skills and stories. This article is about one developer at GitGuardian and why he wanted to work on solving the issue of Secrets Sprawl.
As outlined in the State of Secrets Sprawl report, 5 million credentials and other secrets get leaked on Github every year. This is an in-depth look into what file extensions most commonly contain secrets.
Since the conception of GitGuardian, we have been working to help developers keep source code secure. This started with scanning public repositories on GitHub and our offering has been growing ever since. In 2020 we released: * our internal monitoring product to be able to
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
