Researcher finds GitHub admin credentials of car company thanks to misconfiguration
Take a closer look at a security researcher's tale of hacking a car company via their bug bounty program. Learn how to better protect your apps and your org.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Introducing Infra as Code Security in The GitGuardian Platform
We are proud to introduce Infra as Code Security in The GitGuardian Platform. GitGuardian can now automatically scan connected GitHub or GitLab repositories for IaC template files like Terraform and CloudFormation and alert you about any misconfigurations affecting your AWS, Azure, and GCP deployments, your Kubernetes clusters, and Docker containers.
Unveiling Infra as Code Security in the GitGuardian Platform
Discover how GitGuardian's new Infra as Code Security capabilities empower cloud engineers and security professionals to detect, manage, and resolve IaC vulnerabilities precisely.
GitGuardian Incident Validity and Presence Checks
Two of the first questions typically asked when you are experiencing a secret leak are:"Is the credential still valid?" and"Has the secret been removed from the git repo?" GitGuardian makes it simple to understand the state of your leaked secrets with our automatic validity and presence checks.
DEF CON 31: A hot time in the Las Vegas heat and some cool days in AppSec Village
DEF CON 31 was a unique experience. Read highlights from GitGuardian's time in Las Vegas, AppSec Village, the Hunt the Hacker CTF, insightful talks, and hacker fun.
Customize Your Automated Incident Severity Scoring Rules In GitGuardian
GitGuardian has always made it easy to triage secret leak incidents, Now with custom severity rules, you can automate how GitGuardian labels the criticality of each incident. Fine-tune the pre-built scoring definitions and add your own custom rules that help your team with your particular requirements.
How to Handle Secrets with Azure Key Vault
This tutorial details how to manage secrets effectively using Azure Key Vault. You'll learn how to create secrets and access them in both virtual machines and Kubernetes clusters.
BSidesLV: The big event before the biggest security event in Las Vegas
BSides Las Vegas 2023 united security experts and devs. Highlights include PasswordsCon, medical device security, MFA challenges, and CISA's role in cybersecurity.
Submit Your Incident Feedback Directly In The GitGuardian Dashboard
GitGuardian is making it easier and safer than ever to gather feedback about secret leakage incidents. We have added a feedback form directly to the GitGuardian dashboard incident detail view, allowing your team to provide more info about the incident, including confirming if it's an actual secret, if it gives access to any sensitive info, if it has been revoked, as well as any other relevant details.
From Code to Cloud: Security for Developers [cheat sheet included]
In this cheat sheet, we will walk you through the different stages of the software development lifecycle and highlight key security considerations and tools that can help you mitigate risks and protect your code.