GitGuardian Wins 2 Coveted Global InfoSec Awards during RSA Conference 2023
We are thrilled to announce that GitGuardian has been honored with two prestigious awards from Cyber Defense Magazine (CDM) during the RSA Conference 2023!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Git
How to Handle Secrets in Kubernetes
This blog post covers creating, storing, and using secrets in Kubernetes, encryption, RBAC, and auditing. It introduces Kubernetes External Secrets and best practices to enhance security. Let's dive in!
Introducing GitGuardian Honeytoken
We are proud to introduce you to the GitGuardian Honeytoken module. Honeytokens are decoy credentials that don't allow any real access but instead trigger alerts that reveal the IP address of whoever tried to use them. GitGuardian honeytokens can be used for intrusion detection in your own environments and tools. You can also plant our honeytokens in your SaaS vendors' systems to be alerted if a core vendor in the supply chain has been compromised. Placing honeytokens in your source code help you detect when your code has been leaked publicly, indicating a code leak.
Supply Chain Security: Secrets and Modern Security Frameworks (Part III)
In this final part, we'll discuss more software supply chain security frameworks and the critical role of secrets detection in them. We'll explore the NIST SSDF, SLSA, and OSC&R frameworks and how they cover the topic of secrets in software supply chain security.
What are Honeytokens or Canary tokens? Quick Explainer
Honeytokens or Canary tokens are decoy credentials that alert you when an intruder or hacker is trying to use them. This will alert you to their existence in your infrastructure! They are easy early warning systems. Here is a quick video explanation.
DevOps Midwest - A community event full of DevSecOps best practices.
DevOps Midwest 2023 brought together experts in scale, availability, and security best practices. Read some of the highlights from this DevSecOps-focused event.
The Lemontech story - GitGuardian customer stories
A few weeks ago, we had the pleasure of exchanging with Ezequiel Rabinovich, Lemontech's CTO, about how his teams use GitGuardian to protect their repositories. Lemontech is a company developing software for the legal industry based in Santiago, Chile. It serves more than 1,300 customers in Latin America. Ezequiel supervises a team of about 30 developers and 4 DevOps engineers for approximately 150 employees. They use GitHub for source control management, and their organization has 350 repos, 130 of which are active.
Why ChatGPT is a security concern for your organization (even if you don't use it)
ChatGPT may not be used by all organizations and may even be banned. But that doesn't mean you don't have exposure to the security risks it contains. This post looks at why ChatGPT should be part of your threat landscape.
Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]
Discover the best practices and tools to secure your infrastructure as code (IaC) throughout the DevOps software development lifecycle. From threat modeling to monitoring, this comprehensive guide offers valuable insights to improve the security, reliability, and consistency of your IaC.
Launching GitGuardian Honeytoken: your powerful ally to detect any breaches in the supply chain!
What if you could detect intrusion and code leakage early in your software supply chains? Introducing GitGuardian Honeytoken, the solution that protects your software supply chains against potential intrusions on SCM systems, CI/CD pipelines, software artifact registries, and more.