DevSecOps Blueprint: from Vulnerability Management and Security-by-Design to Pipeline Integrity

DOWNLOAD

Keep Your Private Code Packages Private With GitGuardian Honeytoken

GitGuardian Honeytoken is a tool that helps detect leaks and intrusions in projects. It allows users to create a Honeytoken from the dashboard, insert it into their project, and share the package with their team securely. Learn more at https://www.gitguardian.com/honeytoken.

Video Transcript

Are your private npm or PyPI packages staying private? How would you know if someone shared an internal package out there in the wild? GitGuardian Honeytoken is a quick and easy way to add leakage and intrusion detection to your projects.

Honeytokens are decoy credentials that don't grant users access to anything but instead trigger alarms that give you the IP of the user, their user agent, and what action they attempted. If someone does try to use them, then you need to know ASAP. Honeytokens are also triggered when exposed publicly and will sound the alarm if the credential is scanned, giving you a heads-up that your private package is no longer private. Knowing early is the secret to effective incident response.

When building your packages, just create a new honeytoken from the GitGuardian dashboard and insert it into the project where you prefer, in a .yml, .json, .py, or .js file. Then build and share that package with the team with confidence. GitGuardian Honeytokens are here to help keep your projects safe.