Code #security platform for the #DevOps generation.
Enabling Dev, Sec, and Ops to advance together towards the Secure SDLC. 🏆 #1 Security App on GitHub.
🔒 Curious about the latest trends in secrets sprawl?
Register now to receive the exclusive State of Secrets Sprawl 2024 report directly in your mailbox upon release.
Stay ahead of the curve with valuable insights and analysis.
#Cybersecurity
Git secrets leaks simplified!
Get your hands on the latest comic strip by @sec_r0
🧙‍♂️ We're happy to back the Security Zines project, expect more comic strips in the coming weeks!
#infosec
#appsec
#github
#cybersecurity
🚨 #GitHub exposed a private SSH key, affecting RSA Git operations over SSH.
Learn from the incident: prevent leaks by not adding creds to version control, double-check remotes, rotate secrets often.
Full story:
#cybersecurity
#infosec
🎉 Today we are very excited to share with you our new white paper, the Secret Management Maturity Model!
🔐 The best way to take stock of your processes and tools, and how to improve them.
👇 Free download!
[Breach explained] Dropbox Suffers Data Breach From Phishing Attack, Exposing Customer and Employee Emails - Plain secrets present in the code.
#databreach
#cybersecurity
Dev, Sec, Ops: your Secrets Detection & Remediation handbook. Your cheatsheet about secret sprawl and associated threats, how to implement automated credential scanning in your devops pipeline, how to remediate leaked API keys, and much more!
🚀 Ready to tackle application security in 2023? Check out @Forrester's report on the current state of #AppSec.
Discover key trends, challenges, and opportunities to help you stay ahead of threats. Make sure your strategy is future-proof!
💥 We are thrilled to share the news that we've raised a $44M Series B led by @Eurazeo and joined by @SapphireVC, @Balderton, @BPIfrance, and @FlyVC!
🦉 Read the full story:
Join the community of 200k developers securing their code with GitGuardian.
The 2022 State of Secrets Sprawl Report is out!! 📣
In Public GitHub, Docker Hub, Internal repositories, secrets are sprawling!
Learn where, how much and how
#cybersecurity
#CISO
#infosec
🚨 Major breaches at #Microsoft, #VMWare, and #Sourcegraph emphasize the escalating risks of exposed secrets in the digital realm.
Are your secrets truly safeguarded?
Dive into recent incidents and discover how GitGuardian is leading the defense
#infosec
🧩 Do you know how to secure your software supply chain?
💡Learn how secrets detection can help protect your organization using NIST SSDF, SLSA, and OSC&R frameworks.
Read now:
#infosec
#cybersecurity
📗 #Forrester #Report: The State of #ApplicationSecurity, 2022
Benchmark your application security and stay on top of emerging security tools in 2022.
Get your free copy ⬇️
Meet us at #GitLabCommit. . We will be talking about the State of Secrets Sprawl and automated secret detection in the SDLC. Thrilled to be a sponsor of this great @gitlab event!
🔒 Our recent study at GitGuardian shows that 94% of IT and security decision-makers intend to upgrade their secrets management practices within the next 12-18 months.
👇Check the full report and learn the best strategies about secrets management:
[THREAD 1/7]
Docker security is crucial to keep sensitive data like passwords, API keys, and credentials secure. Here are some best practices for managing secrets in Docker, including storing them securely and minimizing their exposure👇
#infosec
#DevOps
#Docker
We have @eddiezane from @chainguard_dev on stage for GitGuardian #codesecdays. If you are a Kubernetes power user, you probably know him as a co-chair @kubernetes sig-cli. You can still join us or watch the replay with this link:
Did you know, every day GitGuardian alerts 2,000 #GitHub users who have accidentally exposed secrets like API keys, credentials and security certificates? Implement free automated secrets detection now
#cybersecurity
#databreach
🚨Uber reportedly has suffered another massive security incident, which is likely more extensive than its 2016 data breach.
👇 Find out the latest information and our analysis in this article
#uberhack
#breach
#infosec
#cybersec
#appsec
#cloudsec
Meet us tomorrow at #GitLabCommit. . We will be talking about the State of Secrets Sprawl and automated secret detection in the SDLC. Thrilled to be a sponsor of this great @gitlab event!
“How was the external attack carried out?”, software vulnerabilities, supply chain breaches, and web app exploits came out on top of vectors like phishing, malware spam, and others.
Learn more in Forrester State of Application Security 2022
#appsec
Dive into the world of code signing and supply chain security with Billy Lynch from @chainguard_dev
With years of experience at Google, Billy brings unique insights into securing our digital ecosystems.
Don't miss this episode:
#SupplyChainSecurity
Hope you are having a good day.
We think today is a good day to review some CI/CD pipeline security best practices.
Here are a few thoughts on how to stay safe out there 👇
#infosec
#appsec
#CyberSecurity
Discover a new approach to building containers with Eddie Zaneski from @chainguard_dev at #CodeSecDays.
🐺Step into the world of Wolfi OS, a stripped-down Linux distro designed for the cloud-native era, and explore the art of declarative container building.
Learn how to
Thank you to @ZeinaZakhour @Atos and all members of the @FIC_eu jury for awarding us the cybersecurity start-up of the year prize. Our constant objective is to deliver innovation to secure the application development lifecycle.
#infosec
#cybersecurity
We are all set at #RSAC22! Come say hello to the friendly team.
@advocatemack is here at our booth in the Early Stage Expo (ESE-25) - Moscone South level 2
Secrets leakage is a growing problem affecting companies of all sizes, including #GitHub.
Read about the latest incident and see if you are affected, as well as how to stay safe using some #cybersecurity #BestPractices.
🎙️ Check out the latest episode of The Security Repo podcast with @McDwayne and @advocatemack. We discuss intent-based access control with Uri Sarid @TheOtterize
Explore the concept of limiting access to just what is intended.
📺Watch now on YouTube:
At GitGuardian, we understand the importance of software supply chain security in protecting against potential risks and vulnerabilities. That's why we're thrilled to share this informative thread with you about the power of Sigstore! 👇 1/5
#sigstore
#infosec
#devops
Developers are no security experts.
BUT
Secure coding practices can be promoted with guardrails, just-in-time training, and 'security champions' programs.
Learn more in this Forrester report 👇
#appsec
#sast
#sca
#devsecops
#devops
#serverless
Comic of the week: #ShiftLeft is a term commonly used in #DevOps, DevSecOps & #CyberSecurity.
Shift-left is an approach to software development where testing occurs earlier in the SDLC. It is the first half of the maxim Test early & often. Discover more
🍯Honeytokens are not just about catching intruders but to learn from the incident & strengthen your defenses.
👇Sign up for GitGuardian and start deploying Honeytokens in your CI/CD pipelines today.
#CyberSecurity
#DevOps
10/10
On the one cardinal rule to enable secure development, this is what @cloudzillion has to say 👇
"Adapt your security testing and practices to the development workflow, not the other way around, because that is when you can get buy-in from developers"
#GitLabCommit
#devops
💥 CircleCI disclosed a security incident yesterday
The CI/CD platform is investigating a security incident possibly involving the exfiltration of secrets. Learn more about what to do here 👇
A handy guide to follow when handling secrets like API keys & credentials to ensure these don’t fall into the wrong hands
#cybersecurity
#devsecops
#infosec
GitGuardian looks forward to seeing you at #SnowFroc 2023!
Our developer advocate, Dwayne McDaniel, was chosen to speak at the event, with the presentation: App Security Does Not Need To Be Fun: Ignoring OWASP To Have A Terrible Time 🎤
#owasp
#appsecurity
#Snowfroc23
🐳 Docker images can be a security blind spot of developers and organizations. In our latest video we explore how secrets are leaked in #Docker images, how we can detect them and of course how we can protect ourselves.
#appsec
#devsecops
#cybersecurity
#GitOps is the latest evolution of infrastructure as code and #DevOps, it allows us to move from version controlling our code to version controlling our entire system!
Learn about GitOps and how to implement it in our latest blog post.
📝 Billy Lynch from @chainguard_dev challenged us to rethink our trust in signed commits in git.
Through his session on Gitsign, he explored why and how we need to ensure the integrity of our code in the face of escalating supply chain security issues. 5/7
Exciting news to come in 2022! Did you know GitGuardian was born on the mats inside a Judo Dojo in Paris where our founders first met?
Our little owl has gone from a Dojo in Paris to.......
😂 Comic of the week: CI/CD
Continuous integration, a practice where developers merge code changes to a central repository.
Continuous delivery, a practice where code changes are automatically built, tested, & prepared.
#DevSecOps & #CyberSecurity Glossary
We’re Teaming Up With @Snyk to Strengthen Developer Security!
The new partnership enables Snyk and GitGuardian to build, integrate and go to market together to help development and security teams scale their security programs and significantly reduce their applications' attack
💡"Let Go of Ownership" - An idea that sparked a lot of thought at @phptek 2023.
This year's keynote by @tjlytle was about stewardship in coding and community.
Learn more in our latest article:
#phptek2023
#PHP
"Secrets management reflects in a very nice way how mature the security of your organization is"
#OWASP #WrongSecrets founder @commjoenie talks about his awesome project and gives a demo on how NOT to store secrets with @advocatemack
Full Video:
#appsec
Where to safely eat the best French fries?... 🍟
...definitely now in @lillefrance, where the International Cybersecurity Forum is taking place.
@GitGuardian team has been spotted pitching its break-through automated secret detection solution!
#FIC2020
#FIC
#cybersecurity