Event-Driven Automation using New Custom Webhooks
New custom webhooks are now available to help you orchestrate your incident remediation workflows and processes outside of your GitGuardian Internal Monitoring workspace!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Git
Remediating Incidents with GitGuardian
Unfortunately, sometimes secrets get hard coded, committed, and pushed to your shared repositories. Do you know what to do when an incident occurs? In this high-level overview, we will walk you through the incident remediation process while leveraging the GitGuardian internal monitoring platform. This video covers: Definitions How to prioritize incidents How to investigate incidents and finally, an overview of the needed steps to remedy issues
Honeytokens - Protect Your Holy Grail
When protecting your SDLC, you must choose. But choose wisely. For as the True Grail will bring you life. The False Grail will take it from you.
GitGuardian Playbooks Overview
GitGuardian Playbooks allow you to quickly and easily automate your incident responses. GitGuardian is proud to offer 3 different playbooks designed to get your team involved in remediating incidents: We would be happy to work with you to create custom playbooks as well. Don't hesitate to reach out to us at contact@gitguardian.com.
2022 in Review: 4 Lessons We've Learned from 2022's Largest GitHub Breaches
2022 revealed that security challenges remain for organizations leveraging GitHub. Between supply chain attacks, API key leaks, and other security risks, there are plenty of lessons and takeaways from this year’s GitHub-related headlines. In this post, we’ve rounded up and categorized the year’s largest GitHub stories. Read on to learn more about the types of security risks occurring in GitHub and the lessons you’ll want to take with you into 2023 and beyond.
Thinking Like a Hacker: Finding Source Code Leaks on GitHub
Continuing our series about potential attack scenarios, learn how a very easy configuration mistake on GitHub can lead to a major security breach.
9 Things to Consider When Choosing an SCA Tool
Software composition analysis is an essential part of application security. Here are the important factors to consider when selecting an SCA scanner to be sure it is well-suited to your needs.
[Webinar] Taming Secrets Sprawl with Doppler and GitGuardian
With every hardcoded secret, the software supply chain attack surface grows larger, opening more avenues for the resourceful attacker. Remember Codecov? It all started with a hardcoded secret, ultimately leading to the downstream poisoning of 20,000+ CI pipelines and the exfiltration of more secrets than attackers could ever dream of. It’s time for us, developers and security pros, to take a hard look at our hardcoded secrets – or else, we accept living with the risks and consequences of secrets sprawl.
2 million .git directories exposed! Why .git folders are sensitive & how they are leaked publicly
In this video, we look through research by CyberNews and other independent researchers that exposes the huge problem of publicly accessible.git directories hosted on web servers. These folders contain all the metadata from a git repository including all the history, commit data and remote host information. These can contain lots of sensitive information that hackers can use to exploit your website and are often very sensitive. We look in detail at what.git directories are, what sensitive information they contain and how they become accidentally public.
GitGuardian Internal Monitoring demo - Secrets detection in source code repositories
GitGuardian's internal monitoring solution helps unite Dev. Sec. and Ops to fight hardcoded secrets. In this short demo, we show exactly how GitGuardian can help identify secrets inside your source, quickly and effectively remediate incidents and prevent secrets from being committed into source code repositories.