This week's articles
Pin GitHub Actions
Still, only 2% of GitHub repositories pin an Action to a full-length commit SHA.
#ci/cd
#defend
Working as unexpected
A "working as intended" branch protection bypass that allows for protected credential exfiltration.
#attack
#ci/cd
What happened to RASP?
Wasn't RASP supposed to save us? This post walks through the history and challenges of the RASP market, and looks at whether the new ADR acronym will bring any better luck.
#defend
#strategy