Red Hat announced the general availability of Red Hat Connectivity Link, a hybrid multicloud application connectivity solution that provides a modern approach to connecting disparate applications and infrastructure.
GitGuardian has unveiled its NHI Security strategy, a transformative approach to securing the explosive growth of NHIs and the secrets they depend on.
At the core of this strategy is GitGuardian NHI Governance, a solution designed to provide comprehensive visibility and control over the lifecycle of NHIs and their tied secrets. This strategy marks a significant leap forward with the launch of integrations across five leading secrets management platforms: HashiCorp Vault, CyberArk Conjur, AWS Secrets Manager, Google Cloud Secrets Manager, and Azure Key Vault.
With Non-Human Identities outnumbering human ones by 50 to 1, enterprises face an unprecedented challenge in securing the rapid expansion of NHIs and their associated secrets—API keys, credentials, access tokens, and more. These secrets are often scattered across codebases, CI/CD pipelines, and productivity tools, creating security blind spots and operational inefficiencies. GitGuardian is responding with an NHI Security strategy explicitly designed to tackle this growing risk.
"Secrets and non-human Identities are now the backbone of modern digital infrastructures, but securing them has become a nightmare for enterprises," said Eric Fourrier, CEO of GitGuardian. "Through our NHI Security strategy, we're urging enterprises to step up and regain control of their secrets. We're giving them a clear, actionable path forward: a way to discover and secure their NHIs at scale while reducing risk and complexity."
GitGuardian NHI Governance introduces a comprehensive framework to address these challenges head-on. By unifying governance across platforms and automating key processes, the strategy is designed to provide organizations with:
● Complete Visibility: Centralized tracking of where secrets are stored, how they are used, their permissions, and which NHIs they are associated with.
● Proactive Posture Management: Detection of stale, overprivileged, or compromised secrets, with prioritized workflows for remediation.
● Lifecycle Automation: Seamless enforcement of security policies, from onboarding to secrets rotation, ensuring consistent best practices across teams.
Looking beyond tools and integrations, GitGuardian NHI Governance is designed to establish a vision for long-term resilience. "Our commitment is to empower security and development teams with actionable insights, robust governance, and scalable solutions. This new NHI Governance module is a natural extension of our deep expertise in secrets security. It not only helps organizations remediate leaked secrets but also strengthens overall NHI management and hygiene," said Eric Fourrier.
As a foundational component of its NHI Security strategy, GitGuardian has launched integrations with the industry's leading vaults HashiCorp Vault, CyberArk Conjur, AWS Secrets Manager, Google Cloud Secrets Manager, and Azure Key Vault.
These integrations tackle enterprises' challenges of secrets management while complementing existing vault functionalities:
1. Unified Secrets Visibility: Create a comprehensive inventory of secrets stored across multiple vaults, providing teams with a centralized view for managing and auditing secrets.
2. Vault Sprawl Mitigation: Address inefficiencies caused by using multiple secrets management tools by consolidating and streamlining vault operations.
3. Cross-Vault Incident Resolution: Link secret incidents directly to the affected vault entries, allowing quicker and more accurate remediation.
4. Secrets Lifecycle Auditing: Automate the identification of stale, compromised, or overprivileged secrets to prioritize security risks and enforce rotation policies.
5. Efficient Vault Migrations: Simplify the migration of secrets to preferred vaults, eliminate underused systems to reduce redundancies, purge outdated secrets, and cut costs.
6. Streamlined Onboarding and Policy Enforcement: Standardize secrets management practices across teams by integrating GitGuardian's Governance with existing vault policies.
"While vaults play a key role in secrets management, they aren't sufficient to address the full spectrum of secrets security challenges," added Eric Fourrier. "Our integrations take those platforms to the next level, ensuring enterprises can centralize their secrets management, reduce risks, and save on operational costs."
GitGuardian continuously enhances its offerings to help enterprises secure NHIs and their secrets at scale, and stay ahead of emerging threats. Future developments will include advanced automation, advanced NHI hygiene analytics, and enhanced incident response tools, further solidifying GitGuardian's position as a leader in NHI security.
GitGuardian's multi-vault integrations are available now.
Industry News
Appfire announced 7pace Timetracker for Jira is live in the Atlassian Marketplace.
SmartBear announced the availability of SmartBear API Hub featuring HaloAI, an advanced AI-driven capability being introduced across SmartBear's product portfolio, and SmartBear Insight Hub.
Azul announced that the integrated risk management practices for its OpenJDK solutions fully support the stability, resilience and integrity requirements in meeting the European Union’s Digital Operational Resilience Act (DORA) provisions.
OpsVerse announced a significantly enhanced DevOps copilot, Aiden 2.0.
Progress received multiple awards from prestigious organizations for its inclusive workplace, culture and focus on corporate social responsibility (CSR).
Red Hat has completed its acquisition of Neural Magic, a provider of software and algorithms that accelerate generative AI (gen AI) inference workloads.
Code Intelligence announced the launch of Spark, an AI test agent that autonomously identifies bugs in unknown code without human interaction.
Checkmarx announced a new generation in software supply chain security with its Secrets Detection and Repository Health solutions to minimize application risk.
SmartBear has appointed Dan Faulkner, the company’s Chief Product Officer, as Chief Executive Officer.
Horizon3.ai announced the release of NodeZero™ Kubernetes Pentesting, a new capability available to all NodeZero users.
Veracode acquired certain assets of Phylum, including its malicious package analysis, detection, and mitigation technology.
AppViewX announced the completion of its acquisition by Haveli Investments.
Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).