Tag: secrets management
Shift Left to the Developer’s Machine: Building Local Git Security GatesÂ
Arun Sanna | | CI/CD security, code security, Credential Leakage, Defense in Depth, developer experience, Developer Security, devsecops, Git Hooks, Git Security, GitLeaks, Open Source Security Tools, Pre-Commit Hooks, secret detection, secrets management, shift left security, Software Supply Chain, static analysis, supply chain security, vulnerability scanningShift left to the developer's machine. The principle is what matters: Stop secrets before they ship. The tooling is a means to that end. ...
1Password Allies With OpenAI to Secure Codex AI Coding Tool
Mike Vizard | | AI coding tools, credential security, devsecops, just-in-time credentials, MCP Server, Model Context Protocol, secrets management, Software Supply ChainDevSecOps teams can now manage coding agents as a tenant rather than another vault where secrets might be stored, ensuring credentials are never exposed to an AI agent or LLM as plain ...
Why AI-Generated Code Is Raising the Stakes for Secrets Management
Following a $50 million funding round, GitGuardian CEO Eric Fourrier discusses why secrets security is becoming a much bigger problem in the age of AI-generated code and autonomous agents. As more organizations ...
Tool Fragmentation is Breaking Delivery Context — Here’s What Teams are LearningÂ
Arul Watson | | access control, application security, automation, CI/CD pipelines, Cloud Security, credential exposure, Cybersecurity, devsecops, incident response, risk management, secrets management, security best practices, supply chain security, token managementExplore the emerging crisis in application delivery caused by tool fragmentation in modern software development. This article discusses the need for semantic interoperability, context preservation, and a shift from linear pipelines to ...
Secrets Management Failures in CI/CD PipelinesÂ
Johnbosco Ejiofor | | access control, application security, automation, CI/CD pipelines, Cloud Security, credential exposure, Cybersecurity, devsecops, incident response, risk management, secrets management, security best practices, supply chain security, token managementExplore the critical role of secrets management in CI/CD pipelines and its impact on cybersecurity. This article highlights the risks of credential exposure, the importance of implementing strong security practices, and how ...
Common IaC Security Issues and How to Fix Them
Durojaye Olusegun | | audit logging, automated compliance, CI/CD pipeline security, cloud infrastructure, cloud misconfiguration, cloud security incidents, CloudFormation, configuration drift, devsecops, drift detection, hardcoded secrets, IaC automation, IaC best practices, IaC governance, IaC security, IaC vulnerabilities, infrastructure as code, least privilege access, policy as code, secrets managementLearn the top five Infrastructure as Code (IaC) security vulnerabilities, their fixes, and best practices to prevent misconfigurations, drifts, and breaches ...
HashiCorp Embraces Agentic AI to Streamline Management of IT
Mike Vizard | | HashiCorp Cloud Platform HCP, Infrastructure as Code (IaC), IT infrastructure lifecycle management, Model Context Protocol MCP server, Project infragraph, secrets management, Vault Enterprise 1.21, zero trust automationHashiCorp today added a slew of updates to its platform for managing and securing IT infrastructure, including integration with multiple automation frameworks and a preview of an ability to use artificial intelligence ...
Analysis of GitHub Repositories Surfaces Nearly 23M Secrets
An analysis of public GitHub repositories published today finds 22.8 million hardcoded secrets, representing a 25% increase since a similar study was done a year ago ...
GitGuardian Allies With CyberArk to Better Protect App Secrets
GitGuardian has allied with CyberArk to streamline secrets detection and management by making it easier to share insights ...
Legit Security Applies AI to Detect Vulnerable Application Secrets
Mike Vizard | | ai, application security, artificial intelligence, code scanning, Legit Security, secrets managementLegit Security expanded the scope of its ASPM platform to make use of AI to discover vulnerable application secrets more accurately ...
Sonar Adds Secrets Detection to Code Analysis Portfolio
Sonar has added a secrets detection capability to its portfolio of tools for analyzing code and DevOps workflows ...
GitGuardian Adds Tool for Discovering Secrets in Public Repositories
Mike Vizard | | code repositories, GitGuardian, Secrets, secrets management, Software Supply Chain SecurityGitGuardian added a tool that makes it possible for DevOps teams to search GitHub repos to determine if secrets have inadvertently found their way into other apps ...
