Early Lessons from the Sisense Breach
Business intelligence company Sisense has seen secrets compromised in its GitLab repositories, leading to a siphoning of its customers' sensitive data ... Read More
The Open-Source Backdoor That Almost Compromised SSH
The open-source world narrowly escaped a sophisticated supply-chain attack that could have compromised countless systems. A stark reminder of the necessity of vigilant monitoring and rigorous vetting within the open-source ecosystem to maintain trust and security ... Read More
SOPS [Security Zines]
Enjoy the power of SOPS to secure your secrets with this new zine! ... Read More
The State of Secrets Sprawl 2024
The State of Secrets Sprawl 2024 report by GitGuardian uncovers a 28% increase in leaked secrets on GitHub, revealing an urgent need for significantly improved security practices ... Read More
Cybersecurity in Healthcare: Beyond the Myths
The healthcare industry, holding a treasure trove of valuable data, finds itself at a pivotal point in its fight against cyber threats. This sector, harassed by cybercriminals, has endured the highest average costs due to breaches for over a decade ... Read More
The Secret’s Out: How Stolen Okta Auth Tokens Led to Cloudflare Breach
Cloudflare experienced a security breach when its internal systems were compromised, leading to unauthorized access to sensitive data. Another incident highlights the importance of maintaining strict secrets security across the supply chain ... Read More
Leading Machine Learning Innovations at GitGuardian
Discover Arnault's journey as lead ML engineer at GitGuardian, tackling complex data science challenges and secrets management in cybersecurity ... Read More
Has My Secret Leaked? [Security Zines]
A new comic strip to better grasp the simple but effective way HasMySecretLeaked checks your secrets without asking you to reveal them! ... Read More
Understanding the Risks of Long-Lived Kubernetes Service Account Tokens
Kubernetes Service Account tokens are exploited in many attack chain scenarios. Learn how to mitigate these risks and secure your Kubernetes clusters effectively ... Read More
AI and Cybersecurity in 2024 – What’s Changing and Why It Matters
Tired of the AI hype? We get it. Our latest blog takes a no-nonsense look at AI in 2024's cybersecurity – just the facts and some thoughtful insights. No earth-shattering revelations, just a decent read for your coffee break ... Read More