April 2023

What can we expect for security in 2023 - Joseph Carson Delinea

Apr 27, 2023 By GitGuardian In GitGuardian

What is the biggest security threat for 20233 and how can we combat it? This is the million dollar question security. GitGuardian developer advocate Mackenzie Jackson had the opportunity to ask Joseoh Carson from Delinea what he expected to come from 2023.

View Video

GitGuardian

Read more about What can we expect for security in 2023 - Joseph Carson Delinea

How We Built a Supply Chain Security Watchtower: Meet SaaS-Sentinel

Apr 27, 2023 By Thomas Segura In GitGuardian

SaaS-Sentinel is a free monitoring platform that notifies users when their favorite tool might be under attack, helping them stay on top of supply chain risks. Here is the full story of this innovative project that seeks to democratize the use of honeytokens. Join the adventure today!

Read Post

GitGuardian

Read more about How We Built a Supply Chain Security Watchtower: Meet SaaS-Sentinel

Are you worried about the security of your software supply chain?

Apr 26, 2023 By GitGuardian In GitGuardian

GitGuardian Honeytoken has got you covered. You can deploy honeytokens at scale, monitor for unauthorized use, and detect intrusions in your supply chain before they can cause any damage to your assets. Honeytokens are unique, decoy credentials that can be placed across your software delivery pipeline, giving you the ability to track unauthorized access attempts in real time. They allow you to monitor when, where, and how attackers are trying to access your assets. This way, you can take proactive measures to prevent attacks before they happen.

View Video

GitGuardian

Read more about Are you worried about the security of your software supply chain?

GitGuardian Wins 2 Coveted Global InfoSec Awards during RSA Conference 2023

Apr 24, 2023 By Carole Winqwist In GitGuardian

We are thrilled to announce that GitGuardian has been honored with two prestigious awards from Cyber Defense Magazine (CDM) during the RSA Conference 2023!

Read Post

GitGuardian

Read more about GitGuardian Wins 2 Coveted Global InfoSec Awards during RSA Conference 2023

How to Handle Secrets in Kubernetes

Apr 21, 2023 By Guest Expert In GitGuardian

This blog post covers creating, storing, and using secrets in Kubernetes, encryption, RBAC, and auditing. It introduces Kubernetes External Secrets and best practices to enhance security. Let's dive in!

Read Post

GitGuardian

Read more about How to Handle Secrets in Kubernetes

Introducing GitGuardian Honeytoken

Apr 19, 2023 By GitGuardian In GitGuardian

We are proud to introduce you to the GitGuardian Honeytoken module. Honeytokens are decoy credentials that don't allow any real access but instead trigger alerts that reveal the IP address of whoever tried to use them. GitGuardian honeytokens can be used for intrusion detection in your own environments and tools. You can also plant our honeytokens in your SaaS vendors' systems to be alerted if a core vendor in the supply chain has been compromised. Placing honeytokens in your source code help you detect when your code has been leaked publicly, indicating a code leak.

View Video

GitGuardian

Read more about Introducing GitGuardian Honeytoken

Supply Chain Security: Secrets and Modern Security Frameworks (Part III)

Apr 19, 2023 By Guest Expert In GitGuardian

In this final part, we'll discuss more software supply chain security frameworks and the critical role of secrets detection in them. We'll explore the NIST SSDF, SLSA, and OSC&R frameworks and how they cover the topic of secrets in software supply chain security.

Read Post

GitGuardian

Read more about Supply Chain Security: Secrets and Modern Security Frameworks (Part III)

What are Honeytokens or Canary tokens? Quick Explainer

Apr 17, 2023 By GitGuardian In GitGuardian

Honeytokens or Canary tokens are decoy credentials that alert you when an intruder or hacker is trying to use them. This will alert you to their existence in your infrastructure! They are easy early warning systems. Here is a quick video explanation.

View Video

GitGuardian

Read more about What are Honeytokens or Canary tokens? Quick Explainer

DevOps Midwest - A community event full of DevSecOps best practices.

Apr 17, 2023 By Dwayne McDaniel In GitGuardian

DevOps Midwest 2023 brought together experts in scale, availability, and security best practices. Read some of the highlights from this DevSecOps-focused event.

Read Post

GitGuardian

Read more about DevOps Midwest - A community event full of DevSecOps best practices.

The Lemontech story - GitGuardian customer stories

Apr 16, 2023 By GitGuardian In GitGuardian

A few weeks ago, we had the pleasure of exchanging with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their repositories. Lemontech is a company developing software for the legal industry based in Santiago, Chile. It serves more than 1,300 customers in Latin America. Ezequiel supervises a team of about 30 developers and 4 DevOps engineers for approximately 150 employees. They use GitHub for source control management, and their organization has 350 repos, 130 of which are active.

View Video

GitGuardian

Read more about The Lemontech story - GitGuardian customer stories

Why ChatGPT is a security concern for your organization (even if you don't use it)

Apr 14, 2023 By Mackenzie Jackson In GitGuardian

ChatGPT may not be used by all organizations and may even be banned. But that doesn't mean you don't have exposure to the security risks it contains. This post looks at why ChatGPT should be part of your threat landscape.

Read Post

GitGuardian

Read more about Why ChatGPT is a security concern for your organization (even if you don't use it)

Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]

Apr 13, 2023 By Guest Expert In GitGuardian

Discover the best practices and tools to secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.

Read Post

GitGuardian

Read more about Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]

Launching GitGuardian Honeytoken: your powerful ally to detect any breaches in the supply chain!

Apr 11, 2023 By Soujanya Ain In GitGuardian

What if you could detect intrusion and code leakage early in your software supply chains? Introducing GitGuardian Honeytoken, the solution that protects your software supply chains against potential intrusions on SCM systems, CI/CD pipelines, software artifact registries, and more.

Read Post

GitGuardian

Read more about Launching GitGuardian Honeytoken: your powerful ally to detect any breaches in the supply chain!

GitGuardian Secrets Detectors Q1 2023 Wrap-Up

Apr 4, 2023 By Soujanya Ain In GitGuardian

GitGuardian's Q1 wrap-up highlights our progress in detecting secrets, introducing new secret detectors, and committing to code security. With six new detectors released in Q1, GitGuardian remains the go-to solution for developers looking to write more secure code.

Read Post