Git

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Aug 30, 2024 By Dwayne McDaniel In GitGuardian

Worried about GitHub Copilot’s security and privacy concerns? Learn about potential risks and best practices to protect yourself and your organization while leveraging AI.

Read Post

GitGuardian

Read more about GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Designing Secure and Private Software by Default with Chris Romeo from devici

Aug 30, 2024 By GitGuardian In GitGuardian

The current state of application security often leaves us reacting to data breaches and unauthorized disclosures well after they have occurred. How do we change this reactive reality? In this webinar, we’ll discuss this and other questions: By adopting these principles, development teams can shift from a reactive to a proactive stance, ensuring their software products are robust, trustworthy, and aligned with the highest security standards.

View Video

GitGuardian

Read more about Designing Secure and Private Software by Default with Chris Romeo from devici

Elevating your secrets security hygiene: H1 roundup of our product innovations

Aug 29, 2024 By Soujanya Ain In GitGuardian

Discover how GitGuardian's latest product innovations enhance your secrets security, streamline remediation, and improve incident management for better protection of your software supply chain.

Read Post

GitGuardian

Read more about Elevating your secrets security hygiene: H1 roundup of our product innovations

Drupal GovCon 2024: Securing The Government's Open-Source Web Applications

Aug 27, 2024 By Dwayne McDaniel In GitGuardian

Read our key takeaways from Drupal GovCon 2024, where Drupal experts explored secure open-source solutions for U.S. government websites and collaborative tools.

Read Post

GitGuardian

Read more about Drupal GovCon 2024: Securing The Government's Open-Source Web Applications

Getting Started With SPIFFE For Multi-Cloud Secure Workload Authentication

Aug 26, 2024 By Guest Expert In GitGuardian

SPIFFE stands for Secure Production Identity Framework for Everyone, and aims to replace single-factor access credentials with a highly scalable identity solution. This blog post provides some practical applications of SPIFFE in real-world environments.

Read Post

GitGuardian

Read more about Getting Started With SPIFFE For Multi-Cloud Secure Workload Authentication

DEF CON 32: What We Learned About Secrets Security at AppSec Village

Aug 22, 2024 By Dwayne McDaniel In GitGuardian

At DEF CON 32's AppSec Village, we explored secrets security challenges, answered common questions, and shared how to detect and handle hidden credentials effectively.

Read Post

GitGuardian

Read more about DEF CON 32: What We Learned About Secrets Security at AppSec Village

CVE-2024-6800: Critical Authentication Bypass Vulnerability Affecting GitHub Enterprise Server

Aug 21, 2024 By Andres Ramos In Arctic Wolf

On August 20, 2024, GitHub released security fixes for a critical authentication bypass vulnerability in GitHub Enterprise Server, identified as CVE-2024-6800. GitHub Enterprise Server is a self-hosted version of GitHub, designed for organizations to manage and collaborate on code securely within their own infrastructure. This vulnerability affects instances using SAML single sign-on (SSO) with certain identity providers (IdPs) that publicly expose signed federation metadata XML.

Read Post

Arctic Wolf

Read more about CVE-2024-6800: Critical Authentication Bypass Vulnerability Affecting GitHub Enterprise Server

From False Positives to Potential Breaches: The Risks of Prematurely Closing Incidents

Aug 20, 2024 By Ferdinand Boas In GitGuardian

Ignoring low-risk secrets in GitGuardian? This could be a costly mistake. Learn how to avoid the hidden dangers of prematurely closing incidents.

Read Post

GitGuardian

Read more about From False Positives to Potential Breaches: The Risks of Prematurely Closing Incidents

CISOs at the forefront of DevOps Security - top 10 data protection traps

Aug 19, 2024 By GitProtect In GitProtect

Shared Responsibility Models, NIS2, DORA, or SOC 2 & ISO audits, accidental deletions, and the evolving threat landscape in SaaS apps confirms that DevOps Security becomes a priority. CISOs and DevOps teams need to meet halfway to secure data processed across GitHub, GitLab, and Atlassian, without compromising agility and efficiency. However, finding this middle ground is not an easy task.

View Video

GitProtect

Read more about CISOs at the forefront of DevOps Security - top 10 data protection traps

Dependency Confusion Attacks and Prevention: Register Your Private Package Names

Aug 15, 2024 By Guest Expert In GitGuardian

Dependency confusion attacks exploit gaps in your software supply chain. Dive into modern dependency management and learn how to defend your systems with best practices.

Read Post

GitGuardian

Read more about Dependency Confusion Attacks and Prevention: Register Your Private Package Names

Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Git

GitHub Copilot Security and Privacy Concerns: Understanding the Risks and Best Practices

Designing Secure and Private Software by Default with Chris Romeo from devici

Elevating your secrets security hygiene: H1 roundup of our product innovations

Drupal GovCon 2024: Securing The Government's Open-Source Web Applications

Getting Started With SPIFFE For Multi-Cloud Secure Workload Authentication

DEF CON 32: What We Learned About Secrets Security at AppSec Village

CVE-2024-6800: Critical Authentication Bypass Vulnerability Affecting GitHub Enterprise Server

From False Positives to Potential Breaches: The Risks of Prematurely Closing Incidents

CISOs at the forefront of DevOps Security - top 10 data protection traps

Dependency Confusion Attacks and Prevention: Register Your Private Package Names

Monthly Archive

Follow Us