Learn how GitGuardian supports NHI governance with a secrets-first model that improves visibility, reduces sprawl, and helps teams manage machine identity risk.
GitGuardian now supports more than 300 secrets detectors, available in both products: GitGuardian for Public GitHub Monitoring and GitGuardian for Internal Repositories Monitoring.
In this second episode, we will go through the NSA/CISA security recommendations and explain every piece of the guidelines.
The NSA and CISA recently released a guide on Kubernetes hardening. We'll cover this guide in a three part series. First, let's explore the Threat Model and how it maps to K8s components.
For the last installment of our Red Team Chronicles, Philippe Caturegli explains the different phases of a compromise and what should be a priority for security teams.
With 2.5 million monthly downloads, Bokeh has made a name for itself in the world of open-source interactive visualization libraries. Read on to learn how GitGuardian helps Bryan Van de Ven (co-creator and project lead) and contributors protect their repositories against secrets leaks.
We're happy to celebrate the 20th birthday of the Open Web Application Security Project, one of the major open-source resources helping developers better understand and practice web security.
Today, we’re introducing Validity Checks in GitGuardian for Internal Repositories Monitoring. For each incident, users will now be able to verify if the leaked credentials are still valid — bringing their attention to unresolved incidents.
In this episode, you’ll discover a perfect illustration of the security knowledge gap existing between organizations. Offensive security expert Philippe Caturegli comes across a way too common belief: “nobody will find my scripts or my data because they are very carefully hidden”.
Today, we’re introducing Presence Checks in GitGuardian for Internal Repositories Monitoring. For each incident in the dashboard, users will now be able to verify if the leaked secret is still present or if it was completely removed from the git history.
The National Institute of Standards and Technology (NIST) under Executive Order (EO) 14028 has launched an initiative to improve the United States Cybersecurity on May 12th, 2021.
Danny and his team have been using both GitGuardian Internal Monitoring and GitGuardian Public Monitoring as a safety net. IT Central Station has interviewed him and wrote an objective and detailed review.
In this article, we will explain why Docker images can contain sensitive information and give some examples of the type of secrets we found in public Docker images. Finally, we will compare our results to the ones we have with source code scanning.
GitGuardian is the code security platform for
the DevOps generation.
With automated secrets detection and
remediation, our platform enables Dev, Sec, and Ops to advance together
towards the Secure Software Development Lifecycle.
Subscribe to our newsletter to receive the latest content and updates from GitGuardian.
