Best practices Security in Infrastructure as Code with Terraform — Everything You Need to Know With DevOps, we try to manage our infrastructure using pure code. Since all our infrastructure is managed by code, the security of the code that actually manages the infrastructure is crucial. This article looks at how we can keep our infrastructure as code secure.
Best practices Data Security — an Introduction to AWS KMS and HashiCorp Vault While Vault and KMS share some similarities, for example, they both support encryption, but in general, KMS is more on the app data encryption / infra encryption side, and Vault is more on the secrets management / identity-based access side.
DevSecOps A Comprehensive Application Security Program - What it should include Application security, known as AppSec, has become an extremely important part of the security program. This article looks at what makes a mature and comprehensive AppSec program.
Best practices How to safely open-source internal software - Some best practices On this post we’ll be focusing on a few essentials that should be done before making your project open-source.
Best practices File types that most commonly contain sensitive information As outlined in the State of Secrets Sprawl report, 5 million credentials and other secrets get leaked on Github every year. This is an in-depth look into what file extensions most commonly contain secrets.
Best practices How to scan local files for secrets in python using the GitGuardian API How to scan local files for secrets like API keys and security certificates in python using the GitGuardian API.
Cheat sheets Best practices for managing and storing secrets including API keys and other credentials [2020] Storing and managing secrets like API keys and other credentials can be challenging, even the most careful policies can sometimes be circumvented in exchange for convenience. We have compiled a
Best practices 8 free security tools every developer should know and use to Shift Left A list of 8 free must use security tools every developer should know about to help them secure their code and Shift Left.
Best practices 8 steps to keep remote development teams secure There is no doubt that the world's workforce is becoming more remote, particularly in tech as developers can now work from any location in the world. But there are a large number of new obstacles that come with this. The most pressing is security.
Best practices Exposing secrets on GitHub: What to do after leaking credentials and API keys If you have discovered that you have just exposed a sensitive file or secrets to a public git repository, there are some very important steps to follow.
![Best practices for managing and storing secrets including API keys and other credentials [2020]](/content/images/size/w600/2020/06/20W22-BLOG-Banner-BestPractices-Final@2x.png)
