HMAC Secrets Explained: Authentication You Can Actually Implement
A developer-first guide to implementing HMAC signatures correctly.
Presentation of the talk at the RSA conference by Johannes Ullrich and Jason Lam: Attack & Defend: Protecting Modern Distributed Applications and Components.
GitGuardian’s “Dev in the loop” is another step towards bringing this into reality with a practical feature that improves the workflow of remediating a secret incident between developers and security teams.
This article introduces DevSecOps, making security part of the entire software development process. It outlines why a DevSecOps approach not only makes software more secure but can also speed up the development process.
With the expansion of the DevOps and DevSecOps models, the concept of “shift left” in the context of the development lifecycle has become quite popular. This article looks at practical ways organizations implement a Shift Left approach to development.
Application security, known as AppSec, has become an extremely important part of the security program. This article looks at what makes a mature and comprehensive AppSec program.
GitGuardian is releasing exciting new integrations for your favourite CI/CD and SIEM tools to help integrate GitGuardian into your SDLC seamlessly.
To give you some insight into how onboarding is done at GitGuardian, we have asked one of our Account Executives, Alexis, to share his experience.
In this post, we’ll focus on a few essentials that should be done before making your project open-source.
João is a data and software engineer who works as part of the internal monitoring product team at GitGuardian. João also leads GitGuardian’s API development and GitGuardian’s open-source tools.
The Indian government was breached in a significant attack launched by the white hat hacking group Sakura Samurai, leading to a 34-page vulnerability report. Today we will analyze the attack play by play.
Sometimes the GitGuardian secrets detection engine can seem like a mysterious black box, but in reality, it is a huge collection of independent detectors that are being constantly maintained by our dedicated Secrets Team.
This article explains how our research team develops and refines detectors. As an illustration, we will take the case of MongoDB credentials.