Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

This month we dive into CheckPoints CVE-2024-24919 to explain what this vulnerability does and why we have seen it being used in the wild already!

When building an application that requires user authentication, implementing a secure login flow is critical. In this article, we'll walk through how we created a robust OAuth login flow for ggshield, our Python-based command line tool, to streamline the onboarding process for our users.

Machine identities make up the majority of the over 12.7 million secrets GitGuardian discovered in public in 2024. Let's look at how we got here and how we fix this.

Static and dynamic app testing are cornerstones for any comprehensive AppSec program, yet they rarely rise up to the challenges of fully securing modern software. Discover why secrets are one of their critical blind spots.

The Red Team Chronicles is a hacker comic that this month is looking at the endeavors of Jason Haddix and how he and his team got access to a bank via a shred bin using some thrifty techniques.

From entering passwords with getpass to using secret managers like AWS Secrets Manager, this guide covers best practices for protecting sensitive information in your notebooks.

Celebrate 10 years of BSides Knoxville, featuring discussions of AI in security, historical hacking, and holistic protection, fostering a dynamic cybersecurity community.

2024 marked the triumphant return of ShowMeCon, where cybersecurity experts shared their knowledge about distributed security, pentesting, and combating misinformation.

For those feeling code-conscious about shady dependencies lurking in their apps, Software Composition Analysis is the software security wellness check you need!

GitGuardian's Confidence Scorer, a machine-learning model, is being rolled out. Learn how it advances secret detection on GitHub and drives impactful developer alerts.