DevSecOps

A collection of 71 posts

Lessons from Lapsus - CISO on Building a comprehensive secrets management program

Lessons from Lapsus - CISO on Building a comprehensive secrets management program

Following a breach by the Lapsus$ cyber gang, Jason Haddix, then CISO of UbiSoft called over 40 other CISOs to discuss strategies on how to be more resilient to attacks. Those conversations led him to create a 4 step guide to building a comprehensive secrets management program.

Platform Engineering and Security: A Very Short Introduction

Platform Engineering and Security: A Very Short Introduction

Is DevOps really dead? Learn about the rise of platform engineering and how it differs from DevOps in terms of self-service capabilities and automation. Discover how security fits into this new paradigm and the benefits of platform engineering for software development teams of various sizes.

Securing The New Frontier in Developer Environments: Cloud IDEs

Securing The New Frontier in Developer Environments: Cloud IDEs

You might already be using a Cloud IDE for certain projects. This exciting evolution of the local dev environment has a lot of advantages but also brings some new risks. This article will help you stay safe as you embrace the cloud for your coding needs.

It Takes a Team to Solve Hardcoded Secrets

It Takes a Team to Solve Hardcoded Secrets

We’re introducing a new Role-based Access Management (RBAC) system with “Teams” in your GitGuardian Internal Monitoring workspace. Bring Dev, Sec, and Ops together and fix hardcoded credentials faster than you ever thought possible!