GitGuardian launched its new Honeytoken module, providing intrusion detection, code leakage detection and helping companies secure their software supply chains against attackers targeting Source Control Management (SCM) systems, Continuous Integration Continuous Deployment (CI/CD) pipelines, and software artifact registries.
“Honeytoken is a significant addition to our code and supply chain security platform,” said Eric Fourrier, CEO of GitGuardian. “It enables organizations to detect intrusions in their DevOps environments effectively. Security teams can now easily monitor their honeytokens and prioritize their secrets incidents within the same centralized console. We are excited to offer this new capability to our customers as we continue to enhance our platform’s capabilities to secure their SDLC and software supply chain.”
With attackers increasingly targeting components in the software supply chain as entry points, GitGuardian’s Honeytoken offers a proactive and pragmatic approach to detect and limit the impact of data breaches. Honeytokens look like real credentials, but don’t grant access to actual customer data, instead only triggering alerts that report the intruder’s IP address.
Users can place them anywhere across their SDLC system, including code repositories, third-party apps like CI/CD pipelines, Docker images, project management systems, cloud infrastructure, or even developer laptops.
On average, it takes 327 days to identify a data breach. This proactive method reduces the breach detection time to a few minutes and helps protect the SDLC against potential intrusions. The key aspect of the approach lies in its simplicity, enabling security teams to address this complex problem of identifying a breach without the need to develop an entire deception system. With just a few lines of code, Honeytoken can effectively deceive attackers, making it an efficient and easy-to-use solution.
Last year, GitGuardian launched ggcanary, a free, open-source project that enables organizations to deploy honeytokens in their codebase or configuration files to detect intrusions in their DevOps environments.
With the new Honeytoken module built on top of it, users can create, deploy and manage honeytokens on a larger enterprise scale and secure thousands of code repositories simultaneously. On the GitGuardian platform, users can see which repositories are protected by honeytokens and which ones, if any, have been triggered.
Eric added, “Honeytoken will also provide code leakage detection. GitGuardian monitors public GitHub in real time for leaked secrets and sends pro bono alerts to developers. So when users place honeytokens in their code, GitGuardian can determine if it has been leaked on the public GitHub. This ability sets GitGuardian apart from its competitors and will enable companies to significantly reduce the impact of breaches like the ones disclosed by Twitter, LastPass, Okta, Slack, and others. We will do a live demo of the Honeytoken capabilities at RSA to demonstrate in real-time how effectively Honeytoken can alert when source code leaks occur. ”
And we’re not stopping here. We plan to automate the dissemination of honeytokens in the SDLC, making it easier to roll out this technology at scale. We will provide shift-left capabilities in the future and expand the use of honeytokens beyond AppSec. This will involve providing the GitGuardian CLI tool, ggshield, to developers, so they can create honeytokens, place them in code repositories and the software supply chain.”
In its ongoing efforts to build a code security platform for the DevOps generation, GitGuardian is actively adding new capabilities to its platform. Honeytoken is the second one after Infrastructure as Code (IaC) at the end of last year. Honeytoken will be first available on demand to existing customers, and then quickly rolled out in GA.
At GitGuardian, security is not a privilege, but a necessity that should be available to everyone. The company has a strong product-led growth (PLG) philosophy, and any GitGuardian user can get free honeytokens to try out the new offering.