Hardcoded secret at the heart of the Dell Compellent VMware vulnerability
Dell disclosed a Compellent vulnerability affecting VMware users. Let's take a closer look to learn to safeguard your data, prevent coding mishaps, and ensure online security
![From Code to Cloud: Security for Developers [cheat sheet included]](/content/images/size/w600/2023/08/Snyk-GitGuardian-Cheat-sheet.png)
From Code to Cloud: Security for Developers [cheat sheet included]
In this cheat sheet, we will walk you through the different stages of the software development lifecycle and highlight key security considerations and tools that can help you mitigate risks and protect your code.
Securing your CI/CD: an OIDC Tutorial
The article highlights the significance of securing CI/CD systems and offers three best practices. It introduces OpenID Connect (OIDC) as a means to employ short-lived tokens for improved security.
Why you should look beyond source code for exposed secrets
Learn more about the various sources of exposed secrets beyond source code repositories. From CI/CD systems to container images, runtime environments to project management tools, uncover the risks associated with storing secrets in these sources.
Protect Your Keys - Lessons from the Azure Key Breach
Learn how to better protect your organization from attacks by looking at how attackers compromised a Microsoft signing key. Secure your keys and actively monitor code and logs.
How to Secure Your Productivity Tools with GitGuardian Honeytoken
GitGuardian Honeytokens are potent tools in the cybersecurity toolkit, notifying you of any unauthorized activities in code repos, Jira, Slack, Linear, and more.
How to Secure Your IaC and Configuration Management Tools with GitGuardian’s Honeytoken
It is important to secure environments with intelligent solutions. GitGuardian Honeytoken can help protect your IaC and Config Management tools.
Code Security: Manual Code Reviews Ain't Enough
Manual code reviews provide a lot of value but are slow, error-prone, and don't scale. Automated testing can take a lot of pressure off review teams.
The Art of Protecting Secrets: Eight Essential Concepts for SecOps Practitioners
Secrets management is an art, and mastering it requires a deep understanding of security protocols, meticulous attention to detail, and a proactive approach to staying ahead of threats. In this blog, we present you with eight essential concepts to enhance your credential management strategy.
External Attack Surface Management. What are you missing out on?
Discover the importance of including public GitHub monitoring in your external attack surface management strategy to mitigate the risk of sensitive information exposure. Learn the steps to protect your organization from potential breaches in this blog post.
Lessons from Lapsus - CISO on Building a comprehensive secrets management program
Following a breach by the Lapsus$ cyber gang, Jason Haddix, then CISO of UbiSoft called over 40 other CISOs to discuss strategies on how to be more resilient to attacks. Those conversations led him to create a 4 step guide to building a comprehensive secrets management program.
How to Handle Secrets in Terraform
DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.
