Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault

AI code assistants like Copilot were an exciting promise when released, but they might not be the answer to all your problems. A research study has now found that while Copilot frequently introduces vulnerabilities, it may in fact be influenced by the input. Poor code, poor outcome.

From Confidence to Competence: The Reality of Secrets Management

The confidence gap in secrets management is real: 75% of organizations feel secure while only 44% of developers follow best practices. Discover what security experts reveal about remediation challenges, responsibility issues, and practical solutions for protecting your most sensitive credentials.

Solving Secrets Management Challenges for NHIs: GitGuardian Integration with HashiCorp Vault

Struggling with vault sprawl and NHI secrets? GitGuardian’s new HashiCorp Vault integration helps cybersecurity teams centralize secrets management, reduce blind spots, and strengthen security for today’s intricate infrastructures.

The Challenges of Identity Lifecycle Management for NHIs

Identity lifecycle management is one of the most underestimated security risks in many organizations. You may have structured IAM processes that handle the lifecycle of human identities, but what about your non-human identities (NHIs)?

Security First, Transparency Always: Inside GitGuardian’s Responsible Disclosure Process

In the past 6 months, our security research team disclosed 24 critical vulnerabilities. Most have been successfully remediated. Our team's contributions to cybersecurity have been formally recognized, with our researchers being listed in both Bayer's and Oracle's Security Researcher Hall of Fame.

The Secret to Your Artifactory: Inside The Attacker Kill-Chain

Artifactory token leaks are not the most common, but they pose significant risks, exposing sensitive assets and enabling supply chain attacks. This article explores the dangers of leaked tokens and proposes mitigation strategies, including token scoping and implementing least privilege policies.
