Arnica Blog - Plushcap

Blog URL

www.arnica.io/resources/blog

Posts YTD

0 ↓ vs 2 last year

Avg Posts/Month

1.6 since 2023

Monthly Post Volume

Start year: 2022 2023 2024 2025 2026

Post Details

Search:

Title	Author	Published	Words	HN Pts
5 critical lessons from the latest GitHub phishing campaign by Gitloker	Nir Valtman	2024-06-17	1,389	--
Azure Permissions: Managing Granular Permissions in Azure Devops	Eran Medan	2023-01-10	1,645	--
Why Risk Scanning Needs to be Free: Don't Just Find Risks, Fix …	Simon Wenet	2023-11-20	1,283	--
Trying to identify spoofing in GitHub? May the 4th be with you!	Mark Maney	2023-05-03	1,976	1
How to Determine the Severity of a Third-Party Risk with Software Composition …	Simon Wenet	2023-09-27	1,501	--
The Criticality of Context for Addressing Software Supply Chain Risk	Mark Maney	2023-06-19	1,753	--
Should I Manage Code in a Single Organization or Multiple Organizations?	Mark Maney	2023-06-27	1,101	--
[April fools] Introducing SecuriSlow™: Slowing Down Your Developers, Fast	Nir Valtman	2024-04-01	274	--
How to ensure your third-party software packages are reputable	Mark Maney	2023-08-16	1,909	--
Best practices maintaining a secure development environment	Mark Maney	2023-01-11	1,961	--
How We Converted a GitHub Tool Into a General Purpose Webhook Proxy …	Doron Guttman	2023-04-17	1,949	3
Harnessing the Power of Secure Coding Practices for Effective CI/CD Security	Nir Valtman	2023-02-13	1,796	--
Defending Against Source Code Exfiltration, Fast and Slow	Mike Doyle	2023-04-05	1,272	--
How to ensure you don’t have Sourcegraph secrets in source code	Nir Valtman	2023-09-04	630	3
Malicious Code Campaign on GitHub Repos: Is it Hype or a Dire …	Nir Valtman	2024-03-05	754	2
How to Evaluate a Static Application Security Testing (SAST) Solution	Mark Maney	2023-11-13	1,668	--
How to prioritize third-party package (SCA) vulnerabilities	Mark Maney	2023-11-28	1,410	--
What Every Developer Needs to Know About GitHub Branch Protection	Nir Valtman	2024-03-13	1,430	1
A Complete Guide: Enterprise Managed Users vs Bring Your Own Users on …	Nir Valtman	2023-10-17	1,301	--
Why secrets continue to be a massive problem in source code	Mark Maney	2023-05-30	1,441	--
How insurance tech companies are leading the way on Application Security	Simon Wenet	2023-05-03	970	--
What is an SBOM, what is it not, and do you need …	Mark Maney	2023-03-22	1,649	--
SBOM For Your Software Supply Chain: Added Visibility or Security Risk?	Mark Maney	2023-09-19	1,176	--
The Essential Guide to SCA and SAST	Simon Wenet	2024-02-08	505	--
CI/CD Pipeline Security vs. IDE plugins vs. Pipelineless Security	Nir Valtman	2023-11-27	1,881	--
Leveraging EPSS, CVSS, and KEV for Comprehensive Risk Management & Prioritization	Simon Wenet	2024-02-20	1,040	--
How to Detect & Prevent Source Code Exfiltration	Simon Wenet	2023-07-05	1,414	--
The Importance of EPSS in Vulnerability Prioritization: A Holistic Approach	Eran Medan	2023-03-28	628	1
How to prioritize your backlog of hardcoded secrets	Nir Valtman	2023-07-18	1,884	--
What Developers Can Learn from Taylor Swift's Re-recording Strategy	Nicholas Rodine	2023-06-12	1,107	2
Adopting Pipelineless Security Solutions for Modern AppSec Programs	Simon Wenet	2023-04-10	1,465	--
Minimize AppSec Effort and Maximize AppSec Coverage with Pipelineless Security Scanning	Nir Valtman	2024-01-23	1,972	--
Practical Guide for Evaluating Secret Detection Solutions to Fit Modern Software Development	Nir Valtman	2024-06-12	2,043	--
Why Secret Scanning Visibility Should Be Free & Understanding Where There is …	Mike Doyle	2023-07-11	1,420	--
Need for AppSec exposed by the ‘ResumeLooters’ SQL Injection & XSS Attacks	Nir Valtman	2024-02-13	555	--
New York Times Data Breach Reveals Secrets & Source Code	Simon Wenet	2024-07-10	832	--
Rabbit r1 Data Breach Again Shows The Dire Need for Improved Secrets …	Simon Wenet	2024-06-28	853	--
Building an AppSec Program, Powered by Pipelineless Security	Nir Valtman	2024-08-20	2,644	--
Time for an Honest Talk About Third-Party Risk Management and Software Composition …	Mark Maney	2024-09-10	903	--
Optimizing Code Security: Advanced Strategies in SAST Scanning	Simon Wenet	2024-09-17	2,199	--
Implementing SAST Security Policies: Effective Strategies for Application Protection	Eitam Arad	2024-10-10	2,083	--
State of Developer Time Loss 2024: How Arnica’s Pipelineless Security Can Help	Eitam Arad	2024-11-05	1,748	--
Best Practices for SCA Scanning in Agile Development	Eitam Arad	2024-11-14	2,326	--
How Arnica's Low-Reputation Package Detection Could Have Prevented the XML-RPC npm Package …	Eran Medan	2024-12-02	869	--
SAST vs. DAST: A Comparative Analysis	Simon Wenet	2025-01-07	1,158	--
Launching Opengrep in response to Semgrep's Open Source Licensing Change	Eran Medan	2025-01-23	563	--
Evaluating SCA Tools for Addressing Open Source Vulnerabilities	Anna Daugherty	2025-02-13	2,520	--
Prioritizing AppSec Vulnerabilities: Developer Context vs. Full Reachability	Nir Valtman	2025-02-11	524	--
Direct vs. Transitive Dependencies: Navigating Package Management in Software Composition Analysis (SCA)	Anna Daugherty	2025-02-25	2,908	--
GitHub Actions Supply Chain Attack: What Arnica Customers Need to Know	Eran Medan	2025-03-17	677	--
How Pipelineless SAST Enforces Application Security Without Slowing Developers Down	Anna Daugherty	2025-04-09	1,501	--
Arnica Now Available on AWS Marketplace	Anna Daugherty	2025-04-23	384	--
SCA Testing for Secure Software Development: When, Where, and How to Scan …	Arnica	2025-05-01	2,074	--
How Regulated Industries Can Evaluate Pipelineless Security Integration Solutions	Arnica	2025-05-14	2,721	--
Understanding the Hidden Costs of DevSecOps Automation Tools	Anna Daugherty	2025-05-10	2,089	--
“Increasing AppSec effectiveness isn’t just a fantasy.” - Key Takeaways from GISEC …	Anna Daugherty	2025-05-09	506	--
Top Application Security Posture Management Tools DevSecOps Teams Rely On	Arnica	2025-07-01	1,782	--
Arnica Recognized by Gartner® in the 2025 Hype Cycle™ for Software Engineering	Anna Daugherty	2025-07-10	86	--
Incremental SCA Scanning Strategies for Large-Scale Monorepos	Arnica	2025-07-15	944	--
Customizing Software Composition Analysis Tools to Enforce Industry-Specific Risk Thresholds	Arnica	2025-07-15	924	--
Using Behavioral Analytics to Improve Real-Time Application Security Monitoring	Arnica	2025-06-26	1,256	--
ASPM Tools That Empower Developers Without Slowing Them Down	Arnica	2025-07-01	1,553	--
Arnica Named a Representative Vendor in 2025 Gartner Hype Cycle for Application …	Anna Daugherty	2025-07-31	471	--
Designing Automated Security Workflows Across Multi-Cloud Codebases	Arnica	2025-06-26	1,066	--
Arnica Positioned as a Major Player in the 2025 IDC MarketScape for …	Anna Daugherty	2025-09-09	429	--
Meet Arnie: Your AI Code Protector	Arnica	2025-09-23	764	--
Secure Coding Agent Architectures for Enterprise Repositories	Arnica	2025-10-03	1,400	--
Building a Zero-Trust Model for Agentic AI Security	Arnica	2025-10-03	1,460	--
From Vibe Coding to Viable Coding: How to Make AI Work in …	Arnica	2025-10-08	500	--
Why Agentic AI Is the Next Leap in Retail Decision-Making	Arnica	2025-10-27	1,044	--
Beneath the Surface of Multi-Agent AppSec	Nir Valtman	2025-11-04	734	--
Securing the Agentic Era: What the Arnica Team Learned at OWASP US …	Arnica	2025-11-10	791	--
Shai Hulud 2.0: How to Immediately Identify Your Exposure with Arnica's New …	Arnica	2025-11-24	379	--
Arnica Named a Leader in the 2025 Frost Radarâ¢ for Application Security …	Arnica	2025-12-10	526	--
Top 6 AI SAST Tools for 2026: The Quick Guide to Agentic …	Arnica	2025-12-15	1,464	--
2026 AppSec Predictions: The Year We Confront AI Reality	Arnica	2025-12-22	882	--

Plushcap, by Matt Makai. 2021-2026.