
What to do if you expose a secret: How to stay calm and respond to an incident
Learn how to respond to a secret leak incident effectively. Follow our step-by-step guide to understand the impact, rotate secrets safely, and prevent future leaks.
Learn how to respond to a secret leak incident effectively. Follow our step-by-step guide to understand the impact, rotate secrets safely, and prevent future leaks.
A condensed recap of our hands-on runtime security webinar from September. Get the juiciest knowledge nuggets and pointers to more.
A new comprehensive study by researchers at RWTH Aachen University in Germany did a study on over 300,000 docker images finding that 8.5% contained API keys and private keys that malicious actors could exploit in the wild.
GitGuardian Honeytokens are potent tools in the cybersecurity toolkit, notifying you of any unauthorized activities in code repos, Jira, Slack, Linear, and more.
It is important to secure environments with intelligent solutions. GitGuardian Honeytoken can help protect your IaC and Config Management tools.
Manual code reviews provide a lot of value but are slow, error-prone, and don't scale. Automated testing can take a lot of pressure off review teams.
Secrets management is an art, and mastering it requires a deep understanding of security protocols, meticulous attention to detail, and a proactive approach to staying ahead of threats. In this blog, we present you with eight essential concepts to enhance your credential management strategy.
Learn how your secrets management can affect your DevOps performance, measured by DORA metrics, as well as increase your risk as an organization.
Following a breach by the Lapsus$ cyber gang, Jason Haddix, then CISO of UbiSoft called over 40 other CISOs to discuss strategies on how to be more resilient to attacks. Those conversations led him to create a 4 step guide to building a comprehensive secrets management program.
Is DevOps really dead? Learn about the rise of platform engineering and how it differs from DevOps in terms of self-service capabilities and automation. Discover how security fits into this new paradigm and the benefits of platform engineering for software development teams of various sizes.
ChatGPT may not be used by all organizations and may even be banned. But that doesn't mean you don't have exposure to the security risks it contains. This post looks at why ChatGPT should be part of your threat landscape.
Kondukto and GitGuardian have teamed up to provide an integration that brings together their knowledge in AppSec orchestration and automated secrets detection.