GitGuardian added a tool that makes it possible for DevOps teams to search GitHub repos to determine if secrets have inadvertently found their way into other apps.
HashiCorp Streamlines Workflows to Improve Productivity
New HashiCorp tools address everything from streamlining how infrastructure is managed and apps are delivered to how secrets are kept.
Pulumi Previews Tool to Integrate Secrets and Infrastructure Management
Pulumi previewed a tool that enables DevOps teams to unify environments, secrets and configuration (ESC) management.
HashiCorp Acquires BluBracket to Extend Secrets Management Reach
HashiCorp this week acquired BluBracket to add a set of static secrets discovery tools to its portfolio.
GitGuardian Survey Surfaces Secrets Management Challenges
A survey of 507 IT decision-makers in the U.S. and the United Kingdom published today found 75% of respondents said a secret leaked from at least one application, with 60% noting that the leak caused issues for either the company, employees or both. Conducted by Sapio Research on behalf of GitGuardian, a provider of a […]
ReversingLabs Adds Ability to Detect Secrets in Application Binaries
ReversingLabs today announced it added an ability to detect secrets exposed in application binaries to its Software Supply Chain Security (SSCS) platform. Tomislav Peričin, chief software architect for ReversingLabs, said this addition will make it easier for DevSecOps teams to identify secrets that are inadvertently left in applications as plain text or that can be […]
GitGuardian: 10M Exposed Secrets on GitHub
GitGuardian published an analysis of more than one billion commits to GitHub repositories that found 10 million occurrences of secrets, with one out of 10 developers exposing a secret. Mackenzie Jackson, a developer advocate for GitGuardian, said more than 80% of all the secrets caught by live monitoring GitHub were exposed through personal repositories, with […]
The Secret to Secrets Management: Reduce Source Code Vulnerabilities
We are in the cyberattack age. From Microsoft to Crypto.com, no company is completely safe from malicious attackers, and it seems as if a new major cyberattack is announced weekly, if not more frequently. As more companies not only go digital but expand their digital offerings and initiatives, there are more opportunities for cyberattackers. Security […]
Resolving CI/CD Permissions Issues to Address Delivery Needs
Security concerns and DevOps process issues can stall CI/CD operations. DevOps teams are familiar with the frustrations plaguing their pipelines, whether regulatory or process-based. Operational hurdles are all too common in DevOps pipelines, leading to miscommunication between team members and the broader organization. One of the leading operational issues DevOps teams encounter is permission issues. […]
The Other Reasons for Password Management
I try not to write about ongoing work—if it is important enough to blog about then it is important enough to write about in the work product, and blog about something else. But every once in a great while, the need overrides my simple rule. After all, zealous adherence to rules is not really a […]








