GitGuardian

Intrusion Detection Through Cyber Deception: Disrupting Attacks With An Active Defense

Feb 17, 2023 By Dwayne McDaniel In GitGuardian

Misleading attackers to trigger alarms can stop them in their tracks and keep damage to a minimum. Honeytokens, like the ones you can make with GitGuardian's ggcanary, let you easily set such traps.

Read Post

GitGuardian

Read more about Intrusion Detection Through Cyber Deception: Disrupting Attacks With An Active Defense

How to Handle Secrets in Docker

Feb 15, 2023 By Guest Expert In GitGuardian

DevOps engineers must handle secrets with care. In this series, we summarize best practices for leveraging secrets with your everyday tools.

Read Post

GitGuardian

Read more about How to Handle Secrets in Docker

GitGuardian Infra as Code Security Overview

Feb 10, 2023 By GitGuardian In GitGuardian

Software has eaten the world, including our infrastructure. While there are a lot of advantages to Infrastructure as Code, IaC, there are new dangers as well. An unnoticed misconfiguration or security issue in one file can quickly replicate issues throughout all of your environments.

View Video

GitGuardian

Read more about GitGuardian Infra as Code Security Overview

CloudNativeSecurityCon 2023: A Unique Community Event Focused On The Future Of Open Source and Cloud Native Security

Feb 8, 2023 By Dwayne McDaniel In GitGuardian

Read some of the highlights from CloudNativeSecurityCon 2023, the first-of-its-kind in-person event, grown from the conversations of the community on the front lines of open source security.

Read Post

GitGuardian

Read more about CloudNativeSecurityCon 2023: A Unique Community Event Focused On The Future Of Open Source and Cloud Native Security

GitGuardian Named Leader in G2 and Sourceforge Winter 2023 Reports

Feb 6, 2023 By Carole Winqwist In GitGuardian

GitGuardian has been awarded four new badges in G2’s Winter 2023 Report and has been named a leader by Sourceforge.

Read Post

GitGuardian

Read more about GitGuardian Named Leader in G2 and Sourceforge Winter 2023 Reports

Supply Chain Security: What is SLSA? (Part I)

Feb 3, 2023 By Guest Expert In GitGuardian

Attacks on software supply chains have been around for some time, but recently they have evolved into much more dangerous threats. Let's dive into the SLSA framework to understand where supply chain security is headed.

Read Post

GitGuardian

Read more about Supply Chain Security: What is SLSA? (Part I)

How to Bake Security into your CI/CD Pipeline

Feb 1, 2023 By GitGuardian In GitGuardian

According to IBM Security's "The Cost of a Data Breach Report", the global cost of data breaches in 2022 increased by 2.6% compared to previous year, reaching $4.35 million. The source code of major companies like Nvidia, Microsoft, Uber, Slack, Toyota was leaked, often caused by usage of hardcoded secrets (you can see more details in the infographics below). In those cases, lateral movements were compromising software supply chain security. In their report Gartner claims about 45% of companies should expect to become targets of supply chain attacks by 2025.

Read Post

GitGuardian

Read more about How to Bake Security into your CI/CD Pipeline

Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Feb 1, 2023 By GitGuardian In GitGuardian

In 2021, GitGuardian scanned over 1 billion data points on GitHub.com, and the results were stunning. More than 6 million secrets – think API keys, database connection strings, and private certificates – were exposed on the platform! Even more striking is the share of secrets and sensitive data exposed on the personal repositories of developers or open-source projects, of which SecOps teams lack visibility and control.

View Video

GitGuardian

Read more about Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Creating a Honeytoken - Complete Tutorial

Feb 1, 2023 By Mackenzie Jackson In GitGuardian

Honey Tokens or Canary Tokens are credentials designed to alert you when an attacker is in your infrastructure. This is a complete tutorial how to create them using only open-source projects.

Read Post

GitGuardian

Read more about Creating a Honeytoken - Complete Tutorial

Q4 2022 Product Roundup - find and fix hardcoded secrets

Jan 30, 2023 By Ziad Ghalleb In GitGuardian

Learn more about the challenges awaiting organizations of hundreds to thousands of developers deploying secrets detection and how we're addressing them with our latest feature releases.

Read Post

GitGuardian

Read more about Q4 2022 Product Roundup - find and fix hardcoded secrets

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

GitGuardian

Intrusion Detection Through Cyber Deception: Disrupting Attacks With An Active Defense

How to Handle Secrets in Docker

GitGuardian Infra as Code Security Overview

CloudNativeSecurityCon 2023: A Unique Community Event Focused On The Future Of Open Source and Cloud Native Security

GitGuardian Named Leader in G2 and Sourceforge Winter 2023 Reports

Supply Chain Security: What is SLSA? (Part I)

How to Bake Security into your CI/CD Pipeline

Take GitHub threats seriously: The largest code-sharing platform is extending your attack surface

Creating a Honeytoken - Complete Tutorial

Q4 2022 Product Roundup - find and fix hardcoded secrets

Monthly Archive

Follow Us