| 5 critical lessons from the latest GitHub phishing campaign by Gitloker |
Nir Valtman |
Jun. 17, 2024 |
1389 |
- |
| Azure Permissions: Managing Granular Permissions in Azure Devops |
Eran Medan |
Jan. 10, 2023 |
1645 |
- |
| Why Risk Scanning Needs to be Free: Don't Just Find Risks, Fix Them |
Simon Wenet |
Nov. 20, 2023 |
1283 |
- |
| Trying to identify spoofing in GitHub? May the 4th be with you! |
Mark Maney |
May. 03, 2023 |
1976 |
- |
| How to Determine the Severity of a Third-Party Risk with Software Composition Analysis (SCA) |
Simon Wenet |
Sep. 27, 2023 |
1501 |
- |
| The Criticality of Context for Addressing Software Supply Chain Risk |
Mark Maney |
Jun. 19, 2023 |
1753 |
- |
| Should I Manage Code in a Single Organization or Multiple Organizations? |
Mark Maney |
Jun. 27, 2023 |
1101 |
- |
| [April fools] Introducing SecuriSlow™: Slowing Down Your Developers, Fast |
Nir Valtman |
Apr. 01, 2024 |
274 |
- |
| How to ensure your third-party software packages are reputable |
Mark Maney |
Aug. 16, 2023 |
1909 |
- |
| Best practices maintaining a secure development environment |
Mark Maney |
Jan. 11, 2023 |
1961 |
- |
| How We Converted a GitHub Tool Into a General Purpose Webhook Proxy to Supercharge Our Integration Development |
Doron Guttman |
Apr. 17, 2023 |
1949 |
- |
| Harnessing the Power of Secure Coding Practices for Effective CI/CD Security |
Nir Valtman |
Feb. 13, 2023 |
1796 |
- |
| Defending Against Source Code Exfiltration, Fast and Slow |
Mike Doyle |
Apr. 05, 2023 |
1272 |
- |
| How to ensure you don’t have Sourcegraph secrets in source code |
Nir Valtman |
Sep. 04, 2023 |
630 |
- |
| Malicious Code Campaign on GitHub Repos: Is it Hype or a Dire Threat? |
Nir Valtman |
Mar. 05, 2024 |
754 |
- |
| How to Evaluate a Static Application Security Testing (SAST) Solution |
Mark Maney |
Nov. 13, 2023 |
1668 |
- |
| How to prioritize third-party package (SCA) vulnerabilities |
Mark Maney |
Nov. 28, 2023 |
1410 |
- |
| What Every Developer Needs to Know About GitHub Branch Protection |
Nir Valtman |
Mar. 13, 2024 |
1430 |
- |
| A Complete Guide: Enterprise Managed Users vs Bring Your Own Users on GitHub |
Nir Valtman |
Oct. 17, 2023 |
1301 |
- |
| Why secrets continue to be a massive problem in source code |
Mark Maney |
May. 30, 2023 |
1441 |
- |
| How insurance tech companies are leading the way on Application Security |
Simon Wenet |
May. 03, 2023 |
970 |
- |
| What is an SBOM, what is it not, and do you need one? |
Mark Maney |
Mar. 22, 2023 |
1649 |
- |
| SBOM For Your Software Supply Chain: Added Visibility or Security Risk? |
Mark Maney |
Sep. 19, 2023 |
1176 |
- |
| The Essential Guide to SCA and SAST |
Simon Wenet |
Feb. 08, 2024 |
505 |
- |
| CI/CD Pipeline Security vs. IDE plugins vs. Pipelineless Security |
Nir Valtman |
Nov. 27, 2023 |
1881 |
- |
| Leveraging EPSS, CVSS, and KEV for Comprehensive Risk Management & Prioritization |
Simon Wenet |
Feb. 20, 2024 |
1040 |
- |
| How to Detect & Prevent Source Code Exfiltration |
Simon Wenet |
Jul. 05, 2023 |
1414 |
- |
| The Importance of EPSS in Vulnerability Prioritization: A Holistic Approach |
Eran Medan |
Mar. 28, 2023 |
628 |
- |
| How to prioritize your backlog of hardcoded secrets |
Nir Valtman |
Jul. 18, 2023 |
1884 |
- |
| What Developers Can Learn from Taylor Swift's Re-recording Strategy |
Nicholas Rodine |
Jun. 12, 2023 |
1107 |
- |
| Adopting Pipelineless Security Solutions for Modern AppSec Programs |
Simon Wenet |
Apr. 10, 2023 |
1465 |
- |
| Minimize AppSec Effort and Maximize AppSec Coverage with Pipelineless Security Scanning |
Nir Valtman |
Jan. 23, 2024 |
1972 |
- |
| Practical Guide for Evaluating Secret Detection Solutions to Fit Modern Software Development |
Nir Valtman |
Jun. 12, 2024 |
2043 |
- |
| Why Secret Scanning Visibility Should Be Free & Understanding Where There is Value |
Mike Doyle |
Jul. 11, 2023 |
1420 |
- |
| Need for AppSec exposed by the ‘ResumeLooters’ SQL Injection & XSS Attacks |
Nir Valtman |
Feb. 13, 2024 |
555 |
- |
| New York Times Data Breach Reveals Secrets & Source Code |
Simon Wenet |
Jul. 10, 2024 |
832 |
- |
| Rabbit r1 Data Breach Again Shows The Dire Need for Improved Secrets Security |
Simon Wenet |
Jun. 28, 2024 |
853 |
- |
| Building an AppSec Program, Powered by Pipelineless Security |
Nir Valtman |
Aug. 20, 2024 |
2644 |
- |
| Time for an Honest Talk About Third-Party Risk Management and Software Composition Analysis (SCA) |
Mark Maney |
Sep. 10, 2024 |
903 |
- |
| Optimizing Code Security: Advanced Strategies in SAST Scanning |
Simon Wenet |
Sep. 17, 2024 |
2199 |
- |
| Implementing SAST Security Policies: Effective Strategies for Application Protection |
Eitam Arad |
Oct. 10, 2024 |
2083 |
- |