Explore insights from CloudNativeSecurityCon 2024, including securing machine identities, digesting SLSA and GUAC, and the impact of quality documentation.
Container security is crucial in the age of microservices and DevOps. Learn about common container vulnerabilities, container security scanning, and popular tools to secure your containers in this comprehensive guide.
Join us for a roundtable on GenAI's dual role in cybersecurity. Experts from GitGuardian, Snyk, Docker, and Protiviti, with Redmonk, discuss threat mitigation versus internal tool adoption, securing coding assistants, leveraging LLMs in supply chain security, and more. Gain valuable insights on harnessing GenAI to enhance your DevSecOps practices.
GitGuardian is pushing its secrets detection engine precision to new heights. We enhanced our detection capabilities with Machine Learning to cut the number of false positives by half. Security and engineering teams will spend significantly less time reviewing and dismissing false alerts.
Snyk is an excellent tool for spotting project vulnerabilities, including hardcoded secrets. In this blog, we'll show how you can use Snyk to locate hardcoded secrets and credentials and then refactor our code to use Doppler to store those secrets instead. We'll use the open source Snyk goof project as a reference Node.js boilerplate application, so feel free to follow along with us.
Improve workflows with collaborative incident management to minimize vulnerabilities and enhance productivity with GitGuardian while empowering developers via ggshield.
CodeSecDays provided an invaluable platform for the French AppSec community to come together, share insights, address challenges, and explore best practices for securing digital infrastructures. Here are the key highlights.
CVE-2024-32002 was published on May 15, 2024 and affects versions of Git SCM. The vulnerability exploits a bug where Git can be fooled into writing files into a .git/ directory instead of a submodule's worktree. To fully mitigate this vulnerability, additional steps need to be taken beyond updates.
Discover insights from the latest BSides Boulder, focused on AI in cybersecurity, Git mysteries, and exploiting RCEs, along with many great community conversations.