Secrets Management

Secrets Analyzer: The Missing Context for Overprivileged Secrets

Dec 17, 2024 By Ferdinand Boas In GitGuardian

Secrets with excessive permissions are a goldmine for attackers. GitGuardian Secrets Analyzer helps security teams identify overprivileged secrets, analyze permissions, and shrink the attack surface.

Read Post

GitGuardian

Read more about Secrets Analyzer: The Missing Context for Overprivileged Secrets

Introducing The GitGuardian Secret Analyzer

Dec 17, 2024 By GitGuardian In GitGuardian

Introducing The GitGuardian Secret Analyzer GitGuardian has always helped you find your leaked secrets, but now GitGuardian can also quickly reveal the permissions of your secrets. One of the first questions any security team needs to ask itself when a secret is leaked is "What exactly could an attacker do with it?" Does it grant read-only access or does it have permissions to write or delete data? At the same time, understanding the correct scope needed for replacing a credential can take a long time, as all too often, the permissions originally granted are poorly documented, if at all.

View Video

GitGuardian

Read more about Introducing The GitGuardian Secret Analyzer

Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

Dec 10, 2024 By Ferdinand Boas In GitGuardian

Struggling with fragmented secrets management and inconsistent vault practices? GitGuardian new multi-vault integrations provide organizations with centralized secrets visibility, reduce blind spots, enforce vault usage and fight against vault sprawl.

Read Post

GitGuardian

Read more about Solving Secrets Management Challenges for NHIs with GitGuardian Multi-Vault Integrations

The Hidden Challenges of Automating Secrets Rotation: Why Automatic Credential Rotation Isn't a One-Click Solution

Dec 3, 2024 By Dwayne McDaniel In GitGuardian

Automating secrets rotation requires maturity and planning. Let's look at how to inventory, scope, and secure credentials without risking downtime or vulnerabilities.

Read Post

GitGuardian

Read more about The Hidden Challenges of Automating Secrets Rotation: Why Automatic Credential Rotation Isn't a One-Click Solution

From Confidence to Competence: Overcoming Secrets Management Challenges

Nov 22, 2024 By GitGuardian In GitGuardian

Check out this insightful discussion on the realities of secrets management, featuring Grace Law, Principal Security Engineer in Application Security at a large insurance company, and Chris Smith, Product Marketing Director for Machine Identities & DevSecOps at CyberArk. Together, they’ll share real-world experiences and strategies for overcoming the most pressing challenges in secrets management and security.

View Video

GitGuardian

Read more about From Confidence to Competence: Overcoming Secrets Management Challenges

Doomed Keys and Hidden Threats: The Scariest Secrets in Your Repositories

Oct 31, 2024 By Gaetan Ferry In GitGuardian

At GitGuardian we see things that no one should ever see. We detect and collect leaked secrets that are so hideous we could lose our sanity. Let us introduce you to some of the most terrifying leaks we saw this year. If you dare.

Read Post

GitGuardian

Read more about Doomed Keys and Hidden Threats: The Scariest Secrets in Your Repositories

Voice of Practitioners

Oct 30, 2024 By GitGuardian In GitGuardian

Joint GitGuardian and CyberArk Report Reveals Growing Concern and Increased Investment in Secrets Security.

Read Post

GitGuardian

Read more about Voice of Practitioners

Identify the secrets that make your cloud environment more vulnerable to an attack

Oct 30, 2024 By Mallory Mooney In Datadog

Compromised secrets, such as leaked API and SSH keys, credentials, and session tokens, are the leading cause of cloud security incidents. While attackers can directly compromise secrets through methods like phishing, they can also gain control by finding and taking advantage of simple misconfigurations in your environment.

Read Post

Datadog

Read more about Identify the secrets that make your cloud environment more vulnerable to an attack

How To Prevent Secrets Sprawl

Oct 28, 2024 By Isaac Madan In Nightfall

Where are your credentials and secrets, and how are you protecting them? These are fair questions, considering the pervasiveness of secrets sprawl. We recently conducted research over 12 months to determine where enterprises’ secrets were residing within their systems, like GitHub, Confluence, Zendesk and Slack. In addition to API keys and passwords, secrets like SSL certificates, usernames and others are spilling into enterprises’ cloud environments and increasing the risk of a breach.

Read Post