C.J. May in GitGuardian
How to Become Great at API Key Rotation: Best Practices and Tips
Secret management can be a complex challenge. In this article, we will take you from zero to hero on key rotation.
7 min read · Dec 28, 2023

C.J. May in GitGuardian
Secure Code Review Best Practices [cheat sheet included]
Reducing vulnerabilities in your software means manual and automated secure code reviews. Download our handy cheat sheet and learn more!
6 min read · Jul 26, 2023

C.J. May in GitGuardian
Best Practices for Securing Infrastructure as Code (IaC) in the DevOps SDLC [cheat sheet included]
Infrastructure as code (IaC) is the practice of managing and provisioning computing resources using configuration files or scripts rather…
8 min read · Apr 13, 2023

C.J. May in GitGuardian
Thinking Like a Hacker: Finding Source Code Leaks on GitHub
About this series
5 min read · Dec 7, 2022

C.J. May in GitGuardian
Thinking Like a Hacker: Stealing Secrets with a Malicious GitHub Action
How can an attacker exploit leaked credentials? Fourth case: secrets are stolen with a malicious GitHub action.
4 min read · Oct 13, 2022

C.J. May in GitGuardian
Thinking Like a Hacker: Commanding a Bot Army of Compromised Twitter Accounts
How can an attacker exploit leaked credentials? Third case: Twitter API keys are used to pump an altcoin.
5 min read · Sep 26, 2022

C.J. May in GitGuardian
Thinking Like a Hacker: AWS Keys in Private Repos
How can an attacker exploit leaked credentials? Second case: an AWS secret is found in a private repository.
5 min read · Aug 12, 2022

C.J. May in GitGuardian
Thinking Like a Hacker: Abusing Stolen Private Keys
The first entry in a new series about leaked secret abuse.
5 min read · Jul 21, 2022

C.J. May in GitGuardian
Securing Containers with Seccomp: Part 2
This tutorial will guide you through the setup of a GitHub Action generating a Seccomp filter for your application, a cutting-edge security…
10 min read · Apr 1, 2022

C.J. May in GitGuardian
Securing Containers with Seccomp: Part 1
In this article we present a novel way to protect your container applications post-exploitation. This additional protection is called…
7 min read · Mar 24, 2022