Secrets Management

Secrets Management Best Practices: Secure Cloud-native Development Series

Sep 25, 2023 By Dustin Silveri In Veracode

Build secure cloud-native applications by avoiding the top five security pitfalls we lay out in our Secure Cloud-native Development Series. This blog is the fifth and final part of the series, and it will teach you to handle credentials and secrets management best practices for securing cloud-native applications. Every organization has their way of managing credentials. In the past, with legacy application architectures, this was a bit more manual and arduous.

Read Post

Veracode

Read more about Secrets Management Best Practices: Secure Cloud-native Development Series

Three Recent Examples of Why You Need to Know How Vulnerable Your Secrets Are

Sep 15, 2023 By Nicolas DANJON In GitGuardian

In today's digital landscape, the issue of compromised credentials has become a major concern. Discover how renowned companies like Microsoft, VMware, and Sourcegraph were recently confronted with the threats of secrets sprawling.

Read Post

GitGuardian

Read more about Three Recent Examples of Why You Need to Know How Vulnerable Your Secrets Are

Add Your Own Custom Secrets Detectors To GitGuardian

Sep 14, 2023 By GitGuardian In GitGuardian

Did you know you can add custom detectors to make GitGuardian Secrets Detection even more powerful? GitGuardian already looks for over 390 different types of specific secrets - from Adobe and AWS keys to Zoom and Zendesk Tokens. That's on top of looking for over a dozen generic patterns like Bearer tokens and JSON web tokens. Now, anyone on a Business plan or higher can request to extend GitGuardian's secrets detection engine to support detectors specific to their organization.

View Video

GitGuardian

Read more about Add Your Own Custom Secrets Detectors To GitGuardian

How to Handle Secrets with Google Cloud Secret Manager

Aug 29, 2023 By Guest Expert In GitGuardian

This tutorial provides an insightful introduction to GCP's Secret Manager and guides you in creating secrets and securing access to secrets within VMs and CI pipelines.

Read Post

GitGuardian

Read more about How to Handle Secrets with Google Cloud Secret Manager

How to Handle Secrets with Azure Key Vault

Aug 17, 2023 By Guest Expert In GitGuardian

This tutorial details how to manage secrets effectively using Azure Key Vault. You'll learn how to create secrets and access them in both virtual machines and Kubernetes clusters.

Read Post

GitGuardian

Read more about How to Handle Secrets with Azure Key Vault

Why you should look beyond source code for exposed secrets

Aug 7, 2023 By Ziad Ghalleb In GitGuardian

Learn more about the various sources of exposed secrets beyond source code repositories. From CI/CD systems to container images, runtime environments to project management tools, uncover the risks associated with storing secrets in these sources.

Read Post

GitGuardian

Read more about Why you should look beyond source code for exposed secrets

The Art of Protecting Secrets: Eight Essential Concepts for SecOps Practitioners

Jun 29, 2023 By Thomas Segura In GitGuardian

Secrets management is an art, and mastering it requires a deep understanding of security protocols, meticulous attention to detail, and a proactive approach to staying ahead of threats. In this blog, we present you with eight essential concepts to enhance your credential management strategy.

Read Post

GitGuardian

Read more about The Art of Protecting Secrets: Eight Essential Concepts for SecOps Practitioners

Prevent Credential Exposure in Code

Jun 28, 2023 By Paul Garden In JFrog

In today’s software development world, developers rely on numerous types of secrets (credentials), to facilitate seamless interaction between application components. As modern applications become more complex and require authentication for services and dependencies, the practice of hardcoding secrets during software development is on the rise.

Read Post

JFrog

Read more about Prevent Credential Exposure in Code

Is secrets management a solved problem? Panel discussion

Jun 20, 2023 By GitGuardian In GitGuardian

This video a panel of experts discuss why secrets sprawl is still such a difficult problem despite having the tools and technology that should make it a solved problem. This discussion is from a longer webinar around secrets management with: Mackenzie Jackson from GitGuardian James Governor, Co-founder & Analyst at RedMonk Andrei Predoiu, DevOps Engineer at Bestseller Mike Carey, Senior Product Manager at 1Password.

View Video