Git

Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Feb 1, 2023 By GitGuardian In GitGuardian

In 2021, GitGuardian scanned over 1 billion data points on GitHub.com, and the results were stunning. More than 6 million secrets – think API keys, database connection strings, and private certificates – were exposed on the platform! Even more striking is the share of secrets and sensitive data exposed on the personal repositories of developers or open-source projects, of which SecOps teams lack visibility and control.

View Video

GitGuardian

Read more about Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Creating a Honeytoken - Complete Tutorial

Feb 1, 2023 By Mackenzie Jackson In GitGuardian

Honey Tokens or Canary Tokens are credentials designed to alert you when an attacker is in your infrastructure. This is a complete tutorial how to create them using only open-source projects.

Read Post

GitGuardian

Read more about Creating a Honeytoken - Complete Tutorial

Q4 2022 Product Roundup - find and fix hardcoded secrets

Jan 30, 2023 By Ziad Ghalleb In GitGuardian

Learn more about the challenges awaiting organizations of hundreds to thousands of developers deploying secrets detection and how we're addressing them with our latest feature releases.

Read Post

GitGuardian

Read more about Q4 2022 Product Roundup - find and fix hardcoded secrets

IAM Best Practices [cheat sheet included]

Jan 27, 2023 By Dwayne McDaniel In GitGuardian

Download our cheat sheet on IAM, Identity and Access Management, best practices. It will help you make your cloud environments more secure.

Read Post

GitGuardian

Read more about IAM Best Practices [cheat sheet included]

How to Handle Secrets in Python

Jan 25, 2023 By Guest Expert In GitGuardian

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.

Read Post

GitGuardian

Read more about How to Handle Secrets in Python

[Webinar] How You Should Not Remediate Your Hardcoded Secrets

Jan 23, 2023 By GitGuardian In GitGuardian

If you have ever run a secrets scanner against your entire codebase, it has likely raised hundreds if not thousands of findings, leaving you wondering, "Where should I start?" Unlike other vulnerabilities, hardcoded secrets represent a threat by themselves whether your code is running or not. Attackers with access to a repository will scan it inside out for secrets, turning every occurrence into a risk you cannot ignore. Still, this does not mean that you should treat all incidents equally!

View Video

GitGuardian

Read more about [Webinar] How You Should Not Remediate Your Hardcoded Secrets

Azure repos native integration with GitGuardian

Jan 20, 2023 By Soujanya Ain In GitGuardian

DevOps teams and developers can now bring the power of automated secrets detection and remediation to their Azure DevOps repositories.

Read Post

GitGuardian

Read more about Azure repos native integration with GitGuardian

Top 10 Practices for Secure Software Development

Jan 18, 2023 By Thomas Segura In GitGuardian

Developer security practices are about adding security at each software development stage. Here’s a list of top developer security practices to follow.

Read Post

GitGuardian

Read more about Top 10 Practices for Secure Software Development

Forrester Research: Show, Don't Tell, Your Developers How To Write Secure Code

Jan 16, 2023 By Ziad Ghalleb In GitGuardian

If you’re a CISO, VP of Security, or a Staff Security Engineer and still wondering whether your developers own the keys to application security, this Forrester report is for you. Get your complimentary copy now, courtesy of GitGuardian.

Read Post

GitGuardian

Read more about Forrester Research: Show, Don't Tell, Your Developers How To Write Secure Code

GitHub Repository Code Stealing Continues: Reported By Slack

Jan 13, 2023 By Harshit Agarwal In Appknox

Slack is a very popular corporate messaging app with 20 million daily active users. They recently announced suffering from a data breach on their code repository on Github. Ever since layoff has become a trend or a harsh reality, the world of cybercrime has become proactive as a company experiencing a layoff may have less resources to devote to cybersecurity, making it a more vulnerable target for cybercriminals.

Read Post

Appknox

Read more about GitHub Repository Code Stealing Continues: Reported By Slack

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Git

Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Creating a Honeytoken - Complete Tutorial

Q4 2022 Product Roundup - find and fix hardcoded secrets

IAM Best Practices [cheat sheet included]

How to Handle Secrets in Python

[Webinar] How You Should Not Remediate Your Hardcoded Secrets

Azure repos native integration with GitGuardian

Top 10 Practices for Secure Software Development

Forrester Research: Show, Don't Tell, Your Developers How To Write Secure Code

GitHub Repository Code Stealing Continues: Reported By Slack

Monthly Archive

Follow Us