Latest Posts

What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary

Dec 31, 2024 By Guillaume Valadon In GitGuardian

The U.S. Department of the Treasury suffered a major security incident when a Chinese threat actor compromised its third-party cybersecurity service BeyondTrust. The attackers obtained an API key that allowed them to bypass security measures and access unclassified documents.

Read Post

GitGuardian

Read more about What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary

Detection Engineering: A Case Study

Dec 27, 2024 By C. J. May In GitGuardian

In this blog post, we will explore the intricate world of detection engineering. We’ll start by examining the inputs and outputs of detection engineering, and then we’ll illustrate the detection engineering lifecycle.

Read Post

GitGuardian

Read more about Detection Engineering: A Case Study

How to Handle Secrets in Configuration Management Tools

Dec 20, 2024 By C. J. May In GitGuardian

Configuration management tools like Ansible, Chef, and Puppet offer various methods for handling secrets, each with inherent trade-offs. The article explores these approaches alongside modern OIDC-based solutions that enable short-lived authentication tokens for automated processes.

Read Post

GitGuardian

Read more about How to Handle Secrets in Configuration Management Tools

Identities Do Not Exist in a Vacuum: A View on Understanding Non-Human Identities Governance

Dec 18, 2024 By Dwayne McDaniel In GitGuardian

The future of eliminating secrets sprawl means getting a handle on the lifecycles and interdependencies of the non-human identities that rely on secrets. Learn how to implement these NHI security measures at scale.

Read Post

GitGuardian

Read more about Identities Do Not Exist in a Vacuum: A View on Understanding Non-Human Identities Governance

Secrets Analyzer: The Missing Context for Overprivileged Secrets

Dec 17, 2024 By Ferdinand Boas In GitGuardian

Secrets with excessive permissions are a goldmine for attackers. GitGuardian Secrets Analyzer helps security teams identify overprivileged secrets, analyze permissions, and shrink the attack surface.

Read Post

GitGuardian

Read more about Secrets Analyzer: The Missing Context for Overprivileged Secrets

BSides Austin 2024: Balancing AI Safety and Real-World Risks

Dec 13, 2024 By Dwayne McDaniel In GitGuardian

At BSides Austin 2024, experts shared solutions for AI safety, cloud logging, systemic security planning, and effective executive collaboration strategies.

Read Post

GitGuardian

Read more about BSides Austin 2024: Balancing AI Safety and Real-World Risks

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian's Public Monitoring Data

Dec 11, 2024 By Guillaume Valadon In GitGuardian

On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks.

Read Post

GitGuardian

Read more about The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian's Public Monitoring Data

GitGuardian Launches Comprehensive Non-Human Identities Security Strategy

Dec 10, 2024 By GitGuardian In GitGuardian

By bringing order to fragmented secrets ecosystems, GitGuardian secures the lifecycles of Non-Human Identities across environments.

Read Post

GitGuardian

Read more about GitGuardian Launches Comprehensive Non-Human Identities Security Strategy

Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Dec 10, 2024 By Ferdinand Boas In GitGuardian

Struggling with fragmented secrets management and inconsistent vault practices? GitGuardian new multi-vault integrations provide organizations with centralized secrets visibility, reduce blind spots, enforce vault usage and fight against vault sprawl.

Read Post

GitGuardian

Read more about Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Introducing The Next Step in GitGuardian's NHI Security Approach

Dec 10, 2024 By Soujanya Ain In GitGuardian

Discover how GitGuardian is redefining non-human identity (NHI) security with comprehensive secrets security and governance solutions to protect against modern threats.

Read Post

GitGuardian

Read more about Introducing The Next Step in GitGuardian's NHI Security Approach

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary

Detection Engineering: A Case Study

How to Handle Secrets in Configuration Management Tools

Identities Do Not Exist in a Vacuum: A View on Understanding Non-Human Identities Governance

Secrets Analyzer: The Missing Context for Overprivileged Secrets

BSides Austin 2024: Balancing AI Safety and Real-World Risks

The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian's Public Monitoring Data

GitGuardian Launches Comprehensive Non-Human Identities Security Strategy

Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Introducing The Next Step in GitGuardian's NHI Security Approach

Monthly Archive

Follow Us