Secrets Management stories

GitHub Action compromise affects over 23,000 repositories
Last month
#
open source
#
software development
#
security vulnerabilities
A malicious commit in the tj-actions/changed-files GitHub Action, used in over 23,000 repositories, threatens software security across numerous CI pipelines.

Venafi launches SaaS machine identity products in Australia
Last month
#
saas
#
hybrid cloud
#
open source
Venafi has launched its cloud-based machine identity security solutions in Australia, enhancing organisations' ability to manage risks as AI adoption rises.

Carlsberg enhances development with GitHub integration
Wed, 15th Jan 2025
#
devops
#
digital transformation
#
apm
Carlsberg has enhanced its development processes by integrating GitHub's tools, streamlining coding and security while reducing operational tool sprawl.

30,000 Postman workspaces leak API keys & credentials
Fri, 27th Dec 2024
#
phishing
#
martech
#
email security
CloudSEK has uncovered over 30,000 exposed Postman workspaces leaking sensitive API keys, affecting major firms across healthcare, finance, and sports sectors.

GitGuardian unveils strategy to protect non-human identities
Wed, 18th Dec 2024
#
network infrastructure
#
cloud security
#
api
GitGuardian has launched a Non-Human Identity Security strategy to enhance the management of NHIs and their secrets, addressing enterprise security challenges.

GitGuardian report highlights rising secrets security concerns
Fri, 1st Nov 2024
#
application security
#
cyberark
#
security posture
GitGuardian's 2024 report reveals that 79% of IT leaders have seen secrets leaks, highlighting growing concerns and a shift towards enhanced security measures.

Entro Security report reveals critical risks in managing NHIs
Tue, 17th Sep 2024
#
cybersecurity
#
security vulnerabilities
#
secrets management
Report reveals grave cybersecurity flaws, with 97% of Non-Human Identities having excessive privileges and 44% of tokens exposed.

Survey reveals security gaps in managing non-human identities
Tue, 17th Sep 2024
#
pam
#
cloud security
#
iam
A survey reveals critical security gaps in managing non-human identities, with only 15% of organisations confident in their NHI security measures.

Entrust launches KCaaS, enhancing cloud-based key management
Fri, 23rd Aug 2024
#
virtualisation
#
encryption
#
veeam
Entrust unveils KeyControl as a Service, addressing critical gaps in key management with its cloud-based solution, enhancing security and compliance.

Tessell partners with HashiCorp to enhance DBaaS features
Fri, 14th Jun 2024
#
encryption
#
microsoft
#
cloud services
Tessell partners with HashiCorp to boost its DBaaS platform by integrating automation and security tools, enhancing flexibility, scalability, and security for users.

Avocado Consulting expands partnership with CyberArk
Mon, 15th Apr 2024
#
virtualisation
#
devops
#
digital transformation
Avocado, a consulting firm, has announced an enhanced partnership with CyberArk to bolster identity security in Aussie and Kiwi firms amidst swift digital transformation.

Leaked secrets on GitHub rose by 28% in 2023, report reveals
Thu, 14th Mar 2024
#
it training
#
data privacy
#
cybersecurity
The 2024 State of Secrets Sprawl report reveals a 28% rise in new secret occurrences leaked on GitHub in 2023, exposing a significant security gap and putting various sectors at risk.

GitGuardian & CyberArk partner for secrets security solution
Fri, 9th Feb 2024
#
devops
#
apm
#
software development
Secrets detection specialist GitGuardian collaborates with CyberArk to tackle Secrets Sprawl in DevOps, offering automated detection and leak remediation.

GitGuardian launches free toolset to protect business secrets
Fri, 20th Oct 2023
#
supply chain & logistics
#
apm
#
cybersecurity
GitGuardian has launched 'HasMySecretLeaked,' a tool to help security engineers check if their organisation's secrets have leaked on GitHub.

Keeper Security with first in joining the CVE programme
Fri, 6th Oct 2023
#
devops
#
pam
#
apm
Keeper Security, a leader in password management, has become the first company in its field to join the CVE programme as a CNA.

HashiCorp acquires BluBracket to expand its secrets management capabilities
Fri, 30th Jun 2023
#
it automation
#
multi-cloud
#
cybersecurity
With this acquisition, HashiCorp is expanding its product portfolio to enable customers to discover and manage their entire secret inventory.