Blog

Dispatches from the
AppSec Frontlines

Sharing insights and experiences solving
modern development infrastructure security challenges.

October 21, 2021 21 min read

8 Best Practices to Improve Kubernetes Security

Tony Loehr
October 7, 2021 17 min read

8 Best Practices for Securing Infrastructure as Code

Tony Loehr
August 3, 2021 12 min read

Why Developers are Hackers’ New Targets (and What to do About it)

Orion Cassetto
June 10, 2021 21 min read

Vendor vs. Developer: Codecov Lessons on AppSec Responsibility

Ilia Shkolyar
May 26, 2021 8 min read

How to Setup Branch Protection Rules in Azure DevOps

Tomer Almog
April 20, 2021 11 min read

The Codecov Breach – Development Infrastructure is the Weakest Link & its Now Rapidly Being Exploited

Amnon Even-Zohar
February 18, 2021 9 min read

ESLint: Compromising the Build using Supply Chain Attack

Amnon Even-Zohar
January 31, 2021 9 min read

A Unique Supply Chain Attack: The 2020 Sawfish

Amnon Even-Zohar
January 12, 2021 8 min read

Beyond SolarWinds: The “Octopus Scanner” Supply Chain Attack

Amnon Even-Zohar
January 4, 2021 10 min read

Why Microsoft’s Latest SolarWinds Admission Can’t Be Ignored

Andrew Fife
December 15, 2020 13 min read

Six AppSec Learnings from SolarWinds

Ronen Slavin
September 9, 2020 11 min read

Why You Need to Know SAMM

Ronen Slavin
September 1, 2020 15 min read

Security Best Practices for Azure DevOps

Ronen Slavin

Load More

Getting Started Is Easy

We'll connect you with a Cycode expert who can share
more about the product and answer any questions you have