How Honeytokens Can Detect and Stop Black Hat Computer Hackers
Detect & stop black hat hackers with honeytokens. Placed in datasets, these mimic real data, triggering alerts upon interaction. Bolster your cybersecurity now!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
December 2023
How to Become Great at API Key Rotation: Best Practices and Tips
Secret management can be a complex challenge, especially when you are trying to do it in a way that is right for security. Key rotation is a big piece of that puzzle. In this article, we will take you from zero to hero on key rotation.
Wrapping up Q4 2023: new detectors, your favorite features, and what's coming next in GitGuardian
Unlock the latest secrets detectors, automate severity scoring, and dive into GitGuardian's unique dev & sec collaboration features!
Honeytokens For Peace Of Mind: Using Cyber Deception To Buy Time To Remediate At Scale
GitGuardian Honeytokens bring peace of mind that you are safe from leaks and attacks while tackling secrets sprawl, no matter how many repos or developers you have.
GitGuardian - Your code security platform
In an era where digital security is paramount, GitGuardian stands as your ultimate code security solution. Presented by Mackenzie Jackson, a Developer Advocate at GitGuardian, this video unveils the platform's cutting-edge features designed to bolster your software supply chain. GitGuardian is your comprehensive safeguard, exposing and protecting critical assets across your supply chain. From Secrets Detection to Infra as Code Security and the powerful Honeytoken, this platform equips you to proactively secure your code.
Check if your secrets have leaked on GitHub - Has My Secret Leaked Demo
Since 2017 GitGuardian has been monitoring all public activity on GitHub. Now in a new product called Has My Secret Leaked you can check if your secrets on GitHub. In this video, Mackenzie runs through how to use both the web interface and CLI tool GGShield to check if your secrets have ever been exposed on GitHub, regardless of if they have since been deleted. Has My Secret Leaked is a service that will first create a secure hash of your secret locally then match it to other hashes in the GitGuardian database.
Working To Eliminate Hardcoded Secrets? Coordinating and Prioritizing Remediation With The GitGuardian Platform
Learn how GitGuardian helps teams effectively prioritize and coordinate remediation by gathering the right data and making progress tracking and communication easy.
AI and Cybersecurity in 2024 - What's Changing and Why It Matters
Tired of the AI hype? We get it. Our latest blog takes a no-nonsense look at AI in 2024's cybersecurity – just the facts and some thoughtful insights. No earth-shattering revelations, just a decent read for your coffee break.
The New Frontier in Cybersecurity: Embracing Security as Code
Security as Code (SaC) is a term often used with DevSecOps, but what does it mean exactly? Learn best practices and key components for a more secure and efficient development process.
Ethical Hacking Q&A with Sonya Moisset
Join Mackenzie Jackson and Sonya Moisset for an eye-opening discussion about Ethical Hacking as Sonya answers questions from Mack and the webinar audience.
Ethical Hacking Q&A
Join Mackenzie Jackson and Sonya Moisset for the Q&A segment of their Ethical Hacking Webinar.
Developer Education - GitGuardian Supports Your Learning Style
Discover GitGuardian's diverse educational resources! From videos to podcasts and docs to hands-on learning, get a handle on secrets sprawl at your pace and style.
IP Allowlisting for GitGuardian Honeytoken Events!
Do you want to prevent specific IP addresses from triggering your GitGuardian Honeytokens? GitGuardian now lets you add IP ranges to an allow list, preventing those addresses from causing a new alert and helping you reduce false positives, while still protecting your code and environments.
Dynamic Application Security Testing: Benefits, Pitfalls, and Top Open-Source Solutions
In code security, not everything is "shift left." Dynamic testing is as important to help developers build and ship secure applications on the right-hand side of the SDLC. Let's explore the benefits, pitfalls, and popular open-source DAST tools in this blog post from the Escape team.
WEBINAR MOMENT: Do Not Push This To Production
A fun moment from GitGuardian's Ethical Hacking Webinar with Snyk's Sonya Moisset. Sonya finds code that shouldn't have been pushed to production.
WEBINAR MOMENT: Trying a Directory Traversal Hack
A clip from GitGuardian's webinar on Ethical Hacking. Special guest, Snyk's Sonya Moisset, uses a directory traversal hack to get much deeper into the app's source code than should ever be allowed.
GitGuardian Infra as Code Security Analytics
Are you working toward better security for your infrastructure as Code deployments? GitGuardian can now help you track your progress! With the new Analytics view built into GitGuardian's Infra as Code Security, you can quickly understand the health of your IaC practice from one dashboard.
"Do Not Push To Production" And Other Insecure Code, Demonstrated By An Ethical Hacker
Enjoy highlights from GitGuardian's ethical hacking webinar with a friend from Snyk.
Are the Fears about the EU Cyber Resilience Act Justified?
Discover the inner workings of the recently implemented Cyber Resilience Act (CRA) in the EU and explore why this framework has raised concerns about jeopardizing the open-source ecosystem. Join us in our latest blog post to delve into this important topic.
Have Your Secrets Leaked? It's time to find out!
We understand the struggle of securing sensitive data—API tokens, cloud credentials, and database URLs have a knack for slipping into the public eye, be it in code repositories, CI job logs, or unexpected corners like Jira tickets. We've been championing this cause since 2017, scouring over a billion public GitHub commits last year alone and uncovering a staggering 10 million in 2022. We've gone beyond reports, beyond thought leadership, to unveil a real solution: HasMySecretLeaked!