Cloudflare is one of the largest networks in the world and had its internal systems breached due to stolen credentials from the October 2023 Okta breach.
Cloudflare experienced a security breach when its internal systems were compromised, leading to unauthorized access to sensitive data. Another incident highlights the importance of maintaining strict secrets security across the supply chain.
APIs are the backbone of modern web applications, yet we rarely assess security beyond the traditional WAFs and Gateways. In fact, a recent scan of over 1.5k GraphQL endpoints revealed a staggering 46,000+ security issues and sensitive data leaks, all accessible without authentication, with 10% classified as critical. Because APIs are widely used by developers, they have now become a favored attack vector for threat actors.
GitGuardian Honeytokens can help you stay safe as you tackle secrets sprawl at scale. Deploying GitGuardian honeytokens into all of your repositories will give you an immediate warning system, letting you know when someone scans your repos or if they get leaked onto the public internet. Dealing with a large number of incidents is already challenging enough. Use GitGuardian honeytokens to buy some peace of mind while you work to eliminate secrets sprawl.
Discover GitGuardian's efficient POC-based approach to evaluating a secrets detection and remediation platform, simplifying the complex buying process for enterprises.
This article uses Kubernetes Secrets as a native Kubernetes component for handling sensitive data at container runtime and Vault as a trusted storage and maintenance solution for sensitive data.
SCA, or Software Composition Analysis, is an important security tool that helps you understand how your application is made up. Our software is built from open-source components, and these components can have vulnerabilities or simply be malicious. SCA scans our applications to identify these components and lets us know if there are vulnerabilities or issues within them. In this short video we explain what SCA tools are and how they work, as well as their role in application and cyber security.
In this Tech Tip Tuesday video we share how to securely store secrets like API keys or other credentials as environment variables. To do this we use the python dotenv project to store secrets in a .env file and load them into local memory. Subscribe for more tech tips, on Tuesdays and other days.
Attackers are always after your source code! Source code is very leaky and often contains sensitive information like secrets (API keys or credentials).