Making Sense of Open-Source Vulnerability Databases: NVD, OSV, and more
Essential reading for developers and security professionals alike: a comprehensive comparison of vulnerability databases to help you cut through the noise.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Git
Delivering Security on Your Terms: An Intro to Self-Hosted
Join us for a comprehensive webinar on self-hosted solutions, featuring industry experts Romain Jouhannet from GitGuardian, Adrian Mouat from Chainguard and Chuck D'Antonio from Replicated.
Securing Containers with Seccomp
In this article we present a novel way to protect your container applications post-exploitation. This additional protection is called Seccomp-BPF.
Better Security and Performance For Free? Why PostgreSQL is Amazing
Upgrade your PostgreSQL instance to the newest version with confidence! In this benchmarking blog post, we show you the performance improvements you can expect when upgrading from PostgreSQL 13 to 16.
H1 SCA Roundup - Defending Users Against Constantly Evolving Cyber Threats
Learn more about GitGuardian SCA commitment and fast adaptation strategies to safeguard the software supply chain of its users.
CodeSecDays 2024: A Deep Dive in Software Supply Chain Security
Explore key insights from CodeSecDays 2024 on software supply chain security. Learn about AI in DevSecOps, SLSA frameworks, developer-security collaboration, and secrets management. Discover strategies for a more secure digital future.
Find And Remediate Secrets In Confluence Cloud With GitGuardian
Good news! GitGuardian can now help you find and remediate secrets exposed in Confluence Cloud. We have helped thousands of teams remediate plaintext secrets in their codebases and tools like Jira and Slack. Now, we have extended the real-time detection capability of our platform to cover this popular wiki, collaboration, and knowledge-sharing platform. Once integrated, GitGuardian will alert you about plaintext credentials is accidentally posted to Confluence Cloud spaces, pages, blogs, and comments.
Safeguarding Your Collaboration Tools: Tackling the New Favorite Targets of Attackers
Secrets in collaboration tools are becoming prime targets for attackers. Reduce your attack surface by extending GitGuardian automated secrets detection capabilities to Slack, Jira, Confluence, or Microsoft Teams. Ensure security wherever your teams collaborate!
Introducing GitGuardian's Remediation Location & Tracking
Remediation is one of the most challenging aspects of fighting secrets sprawl. Finding exactly the right code to address and then tracking when and how it was fixed can get cumbersome, Especially when dealing with multiple projects and teams. We are proud to Introduce Remediation Location and Tracking to your GitGuardian incidents detail view. With our new Pinpoint location within the Impacted Perimeter view, the platform will organize issues all fixable incidents into the new "Require code fixing" tab helping developers concentrate their efforts.
CVE-2024-6385: Critical Unauthorized Pipeline Job Vulnerability in GitLab
On July 10, 2024, GitLab issued an advisory regarding a critical vulnerability (CVE-2024-6385) in GitLab CE/EE that had been reported to them through a bug bounty program. This vulnerability allows a threat actor to trigger a GitLab pipeline as another user under certain circumstances. A GitLab pipeline is a collection of automated processes that run in stages to build, test, and deploy code.