Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

BlueTeamCon 2025 showed why progress beats perfection in cybersecurity. Explore highlights on visibility, AI safety, collaboration, identity, and pragmatic defense.

On September 5, 2025, GitGuardian discovered GhostAction, a massive supply chain attack affecting 327 GitHub users across 817 repositories. Attackers injected malicious workflows that exfiltrated 3,325 secrets, including PyPI, npm, and DockerHub tokens via HTTP POST requests to a remote endpoint.

Overprivileged non-human identities expose enterprises to massive risk. Enforcing least privilege with automation and visibility is critical for security.

The Salesloft Drift breach affected hundreds of organizations through Salesforce, including Cloudflare, Palo Alto Networks, and Zscaler. Google now explicitly recommends running secrets scanning tools across Salesforce data—here's your complete guide.

I'm going to show you how to build a Lambda Runtime API extension that automatically scans and redacts sensitive information from your function responses, without touching a single line of your existing function code.

Managed identities offer a paradigm shift from "what fo you have"to "who you are" authentication, providing automated, short-lived credentials that eliminate credential sprawl across multicloud environments.

On August 26, 2025, Nx, the popular build platform with millions of weekly downloads, was compromised with credential-harvesting malware. Using GitGuardian's monitoring data, we analyzed the exfiltrated credentials and reconstructed a fuller scope of exposure.

Learn how GitGuardian and Delinea solve the growing problem of improper offboarding for Non-Human Identities (NHIs). Discover why orphaned secrets are a top security risk and how to automate their lifecycle management.

Discover how GitGuardian's "Bring Your Own Source" initiative enables security teams to extend secrets detection beyond code repositories, leveraging custom integrations to eliminate a significant hidden attack surface.

Discover EKS Pod Identity Association—the modern, secure way to grant AWS permissions without the operational overhead of OIDC providers. No more duplicated IAM roles across clusters, no more trust policy updates every time you scale.