When building an application that requires user authentication, implementing a secure login flow is critical. In this article, we'll walk through how we created a robust OAuth login flow for ggshield, our Python-based command line tool, to streamline the onboarding process for our users.
Machine identities make up the majority of the over 12.7 million secrets GitGuardian discovered in public in 2024. Let's look at how we got here and how we fix this.
In the rapidly evolving world of software development, maintaining robust security protocols is paramount. For Vermeer Corporation, a leading manufacturer of large agricultural and industrial machinery, embedding security into their software development lifecycle was a significant challenge. That is, until they discovered GitGuardian. CJ May, a senior IT Security Analyst at Vermeer Corporation, shared his experience of integrating GitGuardian into their software development process. He described the tool as "invaluable for any security program."
Static and dynamic app testing are cornerstones for any comprehensive AppSec program, yet they rarely rise up to the challenges of fully securing modern software. Discover why secrets are one of their critical blind spots.
In the world of software development, the security of your code is paramount. This is especially true for GitOps shops like Kubefirst, where secrets, tokens, and repositories are constantly being updated and shared. John Dietz, CEO and technical co-founder of Kubefirst, shared his experiences with GitGuardian and how it has become an essential tool in their operations.
The Red Team Chronicles is a hacker comic that this month is looking at the endeavors of Jason Haddix and how he and his team got access to a bank via a shred bin using some thrifty techniques.
From entering passwords with getpass to using secret managers like AWS Secrets Manager, this guide covers best practices for protecting sensitive information in your notebooks.
Celebrate 10 years of BSides Knoxville, featuring discussions of AI in security, historical hacking, and holistic protection, fostering a dynamic cybersecurity community.
As the volume of code continues to grow exponentially, software developers, DevOps engineers, operations teams, security specialists, and everyone else who touches code are increasingly spending their time in the weeds of securing, delivering, and scaling software. This bottles up creativity and ultimately slows software development for every organization.