How to Handle Secrets in Kubernetes
This blog post covers creating, storing, and using secrets in Kubernetes, encryption, RBAC, and auditing. It introduces Kubernetes External Secrets and best practices to enhance security. Let's dive in!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Supply Chain Security: Secrets and Modern Security Frameworks (Part III)
In this final part, we'll discuss more software supply chain security frameworks and the critical role of secrets detection in them. We'll explore the NIST SSDF, SLSA, and OSC&R frameworks and how they cover the topic of secrets in software supply chain security.
DevOps Midwest - A community event full of DevSecOps best practices.
DevOps Midwest 2023 brought together experts in scale, availability, and security best practices. Read some of the highlights from this DevSecOps-focused event.
Why ChatGPT is a security concern for your organization (even if you don't use it)
ChatGPT may not be used by all organizations and may even be banned. But that doesn't mean you don't have exposure to the security risks it contains. This post looks at why ChatGPT should be part of your threat landscape.
Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]
Discover the best practices and tools to secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.
Launching GitGuardian Honeytoken: your powerful ally to detect any breaches in the supply chain!
What if you could detect intrusion and code leakage early in your software supply chains? Introducing GitGuardian Honeytoken, the solution that protects your software supply chains against potential intrusions on SCM systems, CI/CD pipelines, software artifact registries, and more.
Cyphercon 6
Nearly 1500 cybersecurity professionals gathered in Milwaukee for Cpyphercon 6. Read the highlights from the largest hacker event in Wisconson
GitGuardian Secrets Detectors Q1 2023 Wrap-Up
GitGuardian's Q1 wrap-up highlights our progress in detecting secrets, introducing new secret detectors, and committing to code security. With six new detectors released in Q1, GitGuardian remains the go-to solution for developers looking to write more secure code.
Twitter's leak illustrates why source code should never be sensitive
Twitter's source code was recently leaked publically on a GitHub repository. This blog post looks at exactly what happened and what security consequences could stem from this leak.
Review your hardcoded secrets incidents in Kondukto's AppSec orchestration platform
Kondukto and GitGuardian have teamed up to provide an integration that brings together their knowledge in AppSec orchestration and automated secrets detection.