Understanding the Risks of Long-Lived Kubernetes Service Account Tokens
Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively.
Secure Your Secrets with .env
Using environment variables to store secrets instead of writing them directly into your code is one of the quickest and easiest ways to add a layer of protection to your projects.
How to Become Great at API Key Rotation: Best Practices and Tips
Secret management can be a complex challenge, especially when you are trying to do it in a way that is right for security. Key rotation is a big piece of that puzzle. In this article, we will take you from zero to hero on key rotation.
Working To Eliminate Hardcoded Secrets? Coordinating and Prioritizing Remediation With The GitGuardian Platform
Learn how GitGuardian helps teams effectively prioritize and coordinate remediation by gathering the right data and making progress tracking and communication easy.
Developer Education - GitGuardian Supports Your Learning Style
Discover GitGuardian's diverse educational resources! From videos to podcasts and docs to hands-on learning, get a handle on secrets sprawl at your pace and style.
![What to do if you expose a secret: How to stay calm and respond to an incident [cheat sheet included]](/content/images/size/w600/2023/11/Remediation-post.png)
What to do if you expose a secret: How to stay calm and respond to an incident [cheat sheet included]
Learn how to respond to a secret leak incident effectively. Follow our step-by-step guide to understand the impact, rotate secrets safely, and prevent future leaks.
Webinar Recap: Hands-on guide to Runtime Security for CI/CD Pipelines with StepSecurity
A condensed recap of our hands-on runtime security webinar from September. Get the juiciest knowledge nuggets and pointers to more.
Secrets management takes more than just tools
Can you just purchase a tool to give you good security posture? Discover how People, Processes, and Tools elevate code security to protect against data breaches.
Defending your castle: Raising walls versus detecting intruders
Defend your digital assets in 2023 with modern strategies. From IaC scanning to secrets detection to honeytokens, strengthen your castle against evolving threats.
Hardcoded secret at the heart of the Dell Compellent VMware vulnerability
Dell disclosed a Compellent vulnerability affecting VMware users. Let's take a closer look to learn to safeguard your data, prevent coding mishaps, and ensure online security
![From Code to Cloud: Security for Developers [cheat sheet included]](/content/images/size/w600/2023/08/Snyk-GitGuardian-Cheat-sheet.png)
From Code to Cloud: Security for Developers [cheat sheet included]
In this cheat sheet, we will walk you through the different stages of the software development lifecycle and highlight key security considerations and tools that can help you mitigate risks and protect your code.
Securing your CI/CD: an OIDC Tutorial
The article highlights the significance of securing CI/CD systems and offers three best practices. It introduces OpenID Connect (OIDC) as a means to employ short-lived tokens for improved security.
