In the cloud-native era, Infrastructure as Code (IaC; read more about it in this blog here) has become the de-facto standard for managing cloud infrastructure, and more. While Terraform has been around for almost a decade, and it had been the one-and-only cloud-agnostic option for a couple of years before competitors emerged, now the landscape is a whole lot more diverse: we've got AWS CDK, CDK for Terraform, and there is a relatively new kid on the block: Pulumi.

Cloudflare experienced a security breach when its internal systems were compromised, leading to unauthorized access to sensitive data. Another incident highlights the importance of maintaining strict secrets security across the supply chain.

Discover GitGuardian's efficient POC-based approach to evaluating a secrets detection and remediation platform, simplifying the complex buying process for enterprises.

This article uses Kubernetes Secrets as a native Kubernetes component for handling sensitive data at container runtime and Vault as a trusted storage and maintenance solution for sensitive data.

CI/CD pipelines can be exploited in a number of ways and we're going to share a few with you.

A new comic strip to better grasp the simple but effective way HasMySecretLeaked checks your secrets without asking you to reveal them!

Discover how GitGuardian enhances Application Security Posture Management, ASPM, with top-notch code security and secrets detection and remediation coordination.

How can developers use AI securely in their tooling and processes, software, and in general? Is AI a friend or foe? Read on to find out.

Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively.

Using environment variables to store secrets instead of writing them directly into your code is one of the quickest and easiest ways to add a layer of protection to your projects.