How to Use GitHub Actions Environment Variables and Secrets
Today we show you how to use GitHub Actions Environment Variables and Secrets!
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Git
Securing the Supply Chain - Automating our Way Out of Security Whack-a-Mole
Open-source components forever changed how we build software, but they are also a prominent security threat, nothing illustrated this better than the recent XZ library incident where the world narrowly avoided a massive supply chain attack. Join Gene Gotimer and Mackenzie Jackson to discuss how we can keep our open-source supply chains secure as we discuss: Security implications of vulnerable open-source components How using automation can help us move toward a secure supply chain How to discover and detect vulnerable components.
Open-Source Software Security
Open-source software security is crucial in today's cloud-native world. Learn about vulnerabilities, dependencies, and tools to improve security in this in-depth blog post.
Introducing GitGuardian's Advanced Jira Cloud integration
Speed up your remediation workflow with GitGuardian's new Advanced Jira Cloud integration: Users have already been able to manually open Jira tickets from the incident view in the dashboard. Now, you can configure GitGuardian to create a new Jira ticket to track any needed development efforts. You can also configure the Jira tickets to resolve an incident in GitGuardian when a specific status is reached. It will mark the associated incident as Resolved so you can stay focused on other work.
Insights from HackSpaceCon 2024: Navigating Cybersecurity Challenges Ahead
Dive into our highlights from HackSpaceCon 2024, covering red teaming, AI, and securing critical infrastructure to prepare for ever-evolving cyber threats.
Secure-by-Design Software in DevSecOps
In this new series, CJ May shares his expertise in implementing secure-by-design software processes. The second part of his DevSecOps program is all about implementing secure-by-design software pipelines.
How To Put A Project On GitHub: Best Practices
When you set up a new project on GitHub, the initial steps lay the groundwork for its future development, collaboration, and maintenance. It’s like laying down the first stone of a building. We have prepared a concise guide for starting your project effectively.
Why Understanding Your Open Source Licenses Matters
Fully understanding open-source licenses is crucial for your projects and organization. Let's look at where these licenses come from and how they can impact your applications.
Understanding AI Package Hallucination: The latest dependency security threat
In this video, we explore AI package Hallucination. This threat is a result of AI generation tools hallucinating open-source packages or libraries that don't exist. In this video, we explore why this happens and show a demo of ChatGPT creating multiple packages that don't exist. We also explain why this is a prominent threat and how malicious hackers could harness this new vulnerability for evil. It is the next evolution of Typo Squatting.
Early Lessons from the Sisense Breach
Business intelligence company Sisense has seen secrets compromised in its GitLab repositories, leading to a siphoning of its customers' sensitive data.