Conferences
Queen City Con 0x3: Hacking And Embracing Resiliency
Queen City Con 2025 highlighted identity, cloud risk, and detection gaps. Learn why defaults and identity sprawl, not zero-days, are still the greatest security threat.
MOST POPULAR
all tags
other
How to Handle Secrets in Docker
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
From Alert to Action: Best Practices to Handle Responsible Disclosure
Responsible disclosure is an often overlooked but critical component of cybersecurity alerting processes. Explore key best practices that can enhance communication and collaboration with researchers, turning potential security threats into opportunities for stronger defense.
BSides San Diego 2025: Shifting the Risk Conversation By The Sea Shore
Discover how BSidesSD 2025 challenged traditional GRC, spotlighted data poisoning, and promoted human-driven security insights. Read our highlights from this community event.
The Hidden Breach: Secrets Leaked Outside the Codebase Pose a Serious Threat
Secrets aren't just in code. GitGuardian’s 2025 report shows major leaks in collaboration tools like Slack, Jira, and Confluence. Here’s what security teams need to know.
SnowFROC 2025: A Chilly Reminder That OWASP Matters and Exploring Secure Coding Practices with AI Coding Bots
At Denver's SnowFROC, security pros tackled the importance of OWASP’s evolving Top 10 and exposed the current shortcomings of AI-generated code for production systems.
GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices
Worried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices to protect yourself and your organization while leveraging AI.
Yes, GitHub's Copilot can Leak (Real) Secrets
Researchers successfully extracted valid hard-coded secrets from Copilot and CodeWhisperer, shedding light on a novel security risk associated with the proliferation of secrets.
GitGuardian's Secret Risk Assessment: Know Your True Exposure For Free
Get a comprehensive GitHub secret risk assessment with GitGuardian. Identify hidden exposures and strengthen your security posture. Start your free scan now!
Keeping Secrets Out of Logs: Strategies That Work
tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.
A Peek on Cloud Security: JSSI 2025
At JSSI 2025, French IT security experts discussed the cloud's impact on security. Presentations covered strategy and technical analysis. GitGuardian’s researchers shared insights on detecting secrets in the cloud and responsibly disclosing them to companies.
Compromised tj-actions/changed-files GitHub Action: A look at publicly leaked secrets
On March 14, 2025, the popular GitHub action tj-actions/changed-files was compromised, exposing secrets in CI logs. GitGuardian's analysis identified leaked secrets like GitHub tokens, AWS keys, and more.
Addressing The Growing Challenge of Generic Secrets: Beyond GitHub's Push Protection
Generic secrets are hard to detect and are getting leaked more often. See how GitGuardian offers advanced protection where GitHub's push protection falls short.
