Pulumi VS Terraform: The Definitive Guide to Choosing Your IaC Tool
In this blog, we do a deep dive into Pulumi V.S. Terraform (and slightly touch the mechanism of AWS CDK/CDK for Terraform, for that matter) ... Read More
Terraform Project for Managing Vault Secrets in a Kubernetes Cluster
This article uses Kubernetes Secrets as a native Kubernetes component for handling sensitive data at container runtime and Vault as a trusted storage and maintenance solution for sensitive data ... Read More
Application Security Posture Management with GitGuardian and ArmorCode
Managing GitGuardian Findings as Part of a Complete Risk-Based Software Security Program with ArmorCode ASPM ... Read More
How Honeytokens Can Detect and Stop Black Hat Computer Hackers
Detect & stop black hat hackers with honeytokens. Placed in datasets, these mimic real data, triggering alerts upon interaction. Bolster your cybersecurity now! ... Read More
How to Become Great at API Key Rotation: Best Practices and Tips
Secret management can be a complex challenge, especially when you are trying to do it in a way that is right for security. Key rotation is a big piece of that puzzle. In this article, we will take you from zero to hero on key rotation ... Read More
The New Frontier in Cybersecurity: Embracing Security as Code
Security as Code (SaC) is a term often used with DevSecOps, but what does it mean exactly? Learn best practices and key components for a more secure and efficient development process ... Read More
Dynamic Application Security Testing: Benefits, Pitfalls, and Top Open-Source Solutions
In code security, not everything is "shift left." Dynamic testing is as important to help developers build and ship secure applications on the right-hand side of the SDLC. Let's explore the benefits, pitfalls, and popular open-source DAST tools in this blog post from the Escape team ... Read More
The Significance of Honeypots and the Rise of Honeytokens
Discover the roles and risks of honeypots and honeytokens in cybersecurity with this article. Understand how they work, the benefits they bring to your security strategy, and the precautions needed to avoid potential pitfalls ... Read More
Secure by Default: Integrating GitGuardian in Vermeer’s Software Development Lifecycle
Discover how Vermeer Corporation transformed its software development lifecycle to prioritize security. Learn about their journey from open-source tools to adopting GitGuardian for seamless, integrated secret scanning, enhancing DevSecOps with a 'Secure by Default' approach ... Read More
Uncovering thousands of unique secrets in PyPI packages
Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials ... Read More
