Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

GitGuardian

What is IaC? Infrastructure as code explained in 60 seconds

IaC or infrastructure as code is the codifying of our infrastructure. it takes the manual tasks that a sys admin would have done and it makes it repeatable and scalable. IaC can be declarative or descriptive and uses lots of different tools like Terraform Ansible and Puppet to name a few. This video explains what IaC is and how it works in 60 seconds.

Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool

In the cloud-native era, Infrastructure as Code (IaC; read more about it in this blog here) has become the de-facto standard for managing cloud infrastructure, and more. While Terraform has been around for almost a decade, and it had been the one-and-only cloud-agnostic option for a couple of years before competitors emerged, now the landscape is a whole lot more diverse: we've got AWS CDK, CDK for Terraform, and there is a relatively new kid on the block: Pulumi.

Cloudflare breach - How the Okta attack led to Cloudflare systems getting hacked: Breach Breakdown

In this video, we drill down into the recent breach of Cloudflare systems including how attackers were able to use stolen credentials from the Okta attack to move laterally and hack the Cloudflare internal Atlassian server. The security incident shows the dangers of secrets sprawl not only in internal systems but also in the supply chain leading to potential data leaks.

Securing the Gateway - Mastering API Security in the Modern Web Landscape

APIs are the backbone of modern web applications, yet we rarely assess security beyond the traditional WAFs and Gateways. In fact, in a recent scan of over 1.5k GraphQL endpoints revealed a staggering 46,000+ security issues and sensitive data leaks—all accessible without authentication, with 10% classified as critical. Due to API’s being widely used by developers, they have now become a favored attack vector for threat actors.

GitGuardian Honeytoken For Peace Of Mind

GitGuardian Honeytokens can help you stay safe as you tackle secrets sprawl at scale. Deploying GitGuardian honeytokens into all of your repositories will give you an immediate warning system, letting you know when someone scans your repos or if they they get leaked onto the public internet. Dealing with a large number of incidents is already challenging enough, Use GitGuardian honeytokens to buy some peace of mind while you work to eliminate secrets sprawl.

What is SCA (Software Composition Analysis) software?

SCA or Software Composition Analysis is an important security tool that helps you understand how your application is made up. Our software is built from open-source components and these components can have vulnerabilities or simply be malicious. SCA scans our applications to identify these components and lets us know if there are vulnerabilities or issues within it. In this short video we explain what SCA tools are and how they work as well as there role in application and cyber security.