DevSecOps
OIDC for Developers: Reasons Your Auth Integration Could Be Broken
Why outsourcing auth doesn't mean outsourcing risk.
MOST POPULAR
all tags
other
The Role of AI and Compliance in Modern Risk Management: ShowMeCon 2025
The speakers at ShowMeCon 2025 explored why policy isn't protection without validation. AI, identity, and threat detection must align to reduce operational risk.
GitGuardian Partners with GuidePoint Security to Strengthen Application Security Offerings
GitGuardian and GuidePoint Security have partnered to deliver enhanced secrets detection and non-human identity security solutions to North American customers, offering tools to combat secrets sprawl and mismanaged identities.
Securing Your Machine Identities Means Better Secrets Management
Machine identities make up the majority of the over 24 million secrets GitGuardian discovered in public in 2025. Let's look at how we got here and how we fix this.
Automated Guard Rails for Vibe Coding
Vibe coding might sound like a trendy term, but it's really just developing software without automated checks and quality gates. Traditional engineering disciplines have always relied on safety measures and quality controls, so vibe coding should be no different in my honest opinion.
Identiverse 2025: Trust, Delegation, and the Era of Continuous Identity
Identiverse 2025 exposed the urgent need for NHI governance. From AI agents to orphaned credentials, NHIs and their sprawling secrets are today’s most overlooked risks.
How GitGuardian and Akeyless Secure Machine Identities Across Environments
See how GitGuardian's deep discovery, combined with Akeyless's automation, delivers full secrets lifecycle control.
Why Most Exposed Secrets Never Get Fixed
Our latest State of Secrets Sprawl 2025 research reveals a troubling reality: the majority of leaked corporate secrets found in public code repositories continue to provide access to systems for years after their discovery.
Security Isn’t A Solo Sport: Community, Burnout, and Identity at BSides312
At BSides312 in Chicago, experts showed that defending systems requires defending people, with trust, inclusion, and communication as key controls. Defense is deeply human.
Security Starts With Developer Enablement: Lessons From PHP TEK 2025
PHP TEK 2025 revealed how empowering developers through clear, embedded security practices strengthens defenses without adding operational friction.
Building a Secure LLM Gateway (and an MCP Server) with GitGuardian & AWS Lambda
How I wrapped large-language-model power in a safety blanket of secrets-detection, chunking, and serverless scale.
Navigating the New Frontiers of Identity: Insights from KuppingerCole EIC Summit 2025
Discover why machine identities are the new security frontier from KuppingerCole EIC 2025. Learn about secrets sprawl, AI agents, and why traditional IAM fails to protect NHIs in this GitGuardian recap.
Standards for a Machine‑First Future: SPICE, WIMSE, and SCITT
Discover how SPICE, WIMSE, and SCITT are redefining workload identity, digital trust, and software supply chain integrity in modern machine-first environments.
