|
By Dwayne McDaniel
At BSides Orlando 2024, security experts and students explored the future of cybersecurity, from AI failures to security assessments to efficient log management.
|
By Dwayne McDaniel
The latest OWASP Top 10 For Mobile list ranks credential mismanagement as the largest concern our applications face. Let's work to solve this secrets problem together.
|
By Ferdinand Boas
Learn how GitGuardian’s latest updates safeguard your code and infrastructure from evolving threats with cutting-edge tools tailored for enterprises.
|
By Dwayne McDaniel
Uncover lessons from Agile + DevOpsDays Des Moines 2024, featuring talks on DevEx automation, incident response, and building safer, more productive development teams.
|
By Guest Expert
Learn how to automate Helm deployments with GitOps, using Argo CD for continuous delivery. Seamlessly handle secrets, pod auto-restart, and version propagation in Kubernetes with this production-ready integration.
|
By Dwayne McDaniel
At CornCon 2024, experts debunk myths, explore SaaS vulnerabilities, and highlight how human connections shape the future of cybersecurity innovation.
|
By Ferdinand Boas
Enhance your secure coding practices with GitGuardian’s Visual Studio Code extension. Detect secrets in real-time by embedding security into developers' workflows, boosting productivity and ensuring compliance.
|
By Guillaume Valadon
Docker Zombie Layers are unreferenced image layers that continue to exist for weeks in registries, even after being removed from a manifest. In this hands-on deep dive, we explore how these layers can persist in registries and why ensuring the immediate revocation of exposed secrets is critical.
|
By Ferdinand Boas
GitGuardian introduces European data hosting for its Secrets Detection Platform SaaS, ensuring data sovereignty and GDPR compliance. Discover how our new EU hosting options help enterprises meet regulatory requirements and protect sensitive data with ease.
|
By Dwayne McDaniel
Takeaways from OWASP Global AppSec SF 2024, covering security tools, AI risks, and strategies for improving application security while empowering developers.
|
By GitGuardian
We are very proud to announce that you can now easily provide your own custom remediation messages in ggshield, the GitGuardian CLI. Earlier versions of ggshield offered the same general remediation advice to all users if a secret was detected when using git hooks for automated scanning.
|
By GitGuardian
Do you hate false positives in your secrets scan results? We do too. GitGuardian has introduced a whole new approach to eliminating false positives, eliminating them by around 50% so far. And we are just getting started! GitGuardian's Machine Learning experts and Secret Detection team have created "FP Remover", a new in-house machine learning model that significantly reduces false positives by understanding code context and semantics while enforcing security and privacy best practices.
|
By GitGuardian
GitGuardian SCA makes it easier than ever to build and group your SBOMs while staying up to date with any changes. Our Software Composition Analysis tool, better known as GitGuardian SCA, lets you instantly download up-to-date Software Bills of Material with the touch of a button. No more guessing if things have changed between the last version someone else generated and now. You'll never need to ask your developers to generate a fresh SBOM again.
|
By GitGuardian
Supply chain security can be a struggle. The GitGuardian Source Composition Analysis module scans your project's dependencies, comparing them against public repos. If it finds any matches between your internal packages and public ones, it flags them as potential dependency confusion risks.
|
By GitGuardian
Get better insight into your third-party licenses and easily stay on top of any changes with GitGuardian Software Composition Analysis (SCA), you can now get a thorough view of all the licenses used by your applications' dependencies from a single view. In your dashboard under the SCA Dependencies view you can easily filter by each particular license used by the components in your applications. Easily check for any unexpected entries from the convenience of the GitGuardian workspace.
|
By GitGuardian
Introducing GitGuardian Software Composition Analysis, further expanding the capabilities of our code security platform. You have long known GitGuardian for secrets detection and remediation, honeytokens, and IaC scanning. Now, with GitGuardian SCA, you can effortlessly scan your applications to detect known vulnerabilities introduced through both Direct & Transitive dependencies. The platform will automatically prioritize incidents depending on their context and help developers find the best path to remediating any issues.
|
By GitGuardian
MacOS users can now opt to install ggshield using our new signed packages. Installing ggshield, the GitGuardian CLI is a very quick process, but traditionally has required use of python's pip or homebrew on a macOS system. With the release of ggshield 1.27.0 we are now proud to offer signed DOT P G K files, making it possible to easily distribute ggshield to your team and leverage the official Mac Installer. Since it is officially signed, once downloaded, it just takes a couple of clicks to get it installed.
|
By GitGuardian
GitGuardian can now help you find and remediate secrets exposed in your Microsoft Teams channels. We have extended the real-time detection capability of our secrets detection platform to include the popular communications tooling to help teams better fight secrets sprawl throughout their organizations Once integrated, whenever a plaintext credential is accidentally posted to Teams messages, GitGuardian will create an alert and the incident will appear in your GitGuardian dashboard, allowing you to remediate it like any other leaked secret.
|
By GitGuardian
The current state of application security often leaves us reacting to data breaches and unauthorized disclosures well after they have occurred. How do we change this reactive reality? In this webinar, we’ll discuss this and other questions: By adopting these principles, development teams can shift from a reactive to a proactive stance, ensuring their software products are robust, trustworthy, and aligned with the highest security standards.
|
By GitGuardian
Join us for a comprehensive webinar on self-hosted solutions, featuring industry experts Romain Jouhannet from GitGuardian, Adrian Mouat from Chainguard and Chuck D'Antonio from Replicated.
|
By GitGuardian
This white paper outlines our Secrets Management Maturity Model, a model to help your organization make sense of its actual posture and how to improve it.
|
By GitGuardian
In this report from Forrester, you will learn how to get better at using Application Security Testing to heighten your developers' security senses.
|
By GitGuardian
Discover Application Security solutions to further secure the SDLC by implementing automated secrets detection in the DevOps pipeline.
|
By GitGuardian
In this document, we go beyond classical definitions of DevSecOps to express our vision of an emerging collaboration between Developers, AppSec, and Ops teams: the AppSec Shared Responsibility Model.
- October 2024 (10)
- September 2024 (18)
- August 2024 (11)
- July 2024 (18)
- June 2024 (16)
- May 2024 (15)
- April 2024 (17)
- March 2024 (22)
- February 2024 (18)
- January 2024 (18)
- December 2023 (20)
- November 2023 (12)
- October 2023 (14)
- September 2023 (13)
- August 2023 (20)
- July 2023 (14)
- June 2023 (22)
- May 2023 (21)
- April 2023 (15)
- March 2023 (23)
- February 2023 (14)
- January 2023 (13)
- December 2022 (11)
- November 2022 (3)
- October 2022 (5)
- August 2022 (2)
- July 2022 (1)
GitGuardian is the code security platform for the DevOps generation. With automated secrets detection and remediation, our platform enables Dev, Sec, and Ops to advance together towards the Secure Software Development Lifecycle.
Secure your software development lifecycle with enterprise-grade secrets detection. Eliminate blind spots with our automated, battle-tested detection engine:
- There’s no secret we can’t find: With hundreds of built-in secret detectors scanning thousands of git repositories, GitGuardian brings everything to light. Build custom detectors to enhance your scans for secrets unique to your organization.
- Precise, real-time detection without the hassle: High-efficiency detection proven by billions of commits. GitGuardian is fast, robust, and battle-tested — we’ve scanned over 3 billion commits pushed to public GitHub repositories since 2018.
- Remediation in hours, not days: GitGuardian unites developer and security teams with cross-functional data for in-depth investigation and remediation. Enable shift-left testing using your existing systems, teams, and processes.
Keep secrets out of your source code.