Getting To AWS IAM Outbound Identity Federation With GitGuardian
Secure all your non-human identities across providers and without secrets. Explore how AWS and GitGuardian can help organizations migrate to short-lived tokens.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
OIDC for Developers: Reasons Your Auth Integration Could Be Broken
Why outsourcing auth doesn't mean outsourcing risk.
How To Use ggshield To Avoid Hardcoded Secrets [cheat sheet included]
ggshield, GitGuardian’s CLI, can help you keep your secrets out of your repos, pipelines, and much more. Download our handy cheat sheet to help you make the most out of our CLI.
A Deep Dive Into ggshield, The GitGuardian CLI
In this in-depth walkthrough, we will show you how to turn ggshield, the GitGuardian CLI, into a practical guardrail for keeping secrets out of your code and CI pipelines. You’ll see exactly how to install and authenticate ggshield, then use it to scan repositories, local paths, archives, Docker images, PyPI packages, and CI environments for hardcoded credentials. We’ll also walk through configuring Git hooks with ggshield install.
From Detection to Defense: How Push-to-Vault Supercharges Secrets Management for DevSecOps
Secrets don’t belong in plaintext. GitGuardian's Push-to-Vault automates vaulting exposed secrets, helping security teams scale governance and reduce incident fatigue.
Quick Start Guide for ggshield, the GitGuardian CLI
Get up and running with ggshield, the GitGuardian CLI, in just a few minutes by installing it, authenticating, and running your first secrets scan. This quick-start video shows you how to scan individual files and entire projects, then lock in protection with a pre-commit Git hook to keep secrets out of your commits.
Shai-Hulud 2.0: What did the hackers learn from the previous attack?
Watch our security researcher Guillaume Valadon break down the sophisticated ShaiHulud 2.0 attack where malware exfiltrates secrets directly to GitHub using stolen developer credentials.
The Hacker Was Testing Shai-Hulud 2.0 Attack - 3 Days Before It Hit
We discovered hackers were testing Shai-Hulud 2.0 three days before the attack. Our researcher Guillaume Valadon explains how GitGuardian's data helped us warn hundreds of companies who didn't even know they were compromised.
Lessons in Testing, Performance, and Legacy Systems from /dev/mtl 2025
Montreal's recent community event revealed how feature flags, observability, and lifecycle discipline help teams manage complexity without compromising security or stability.
Mutual TLS (mTLS) Authentication - A Complete Guide
mTLS, or mutual Transport Layer Security, is a mechanism that establishes two-way authentication between two parties, ensuring they are who they claim to be.