Dispatches from the AppSec Frontlines
By signing up I confirm I have read Cycode's Privacy Policy and agree to receive newsletters and updates from Cycode's blog
-
July 11, 2022 8 min read
Security Advisory: IconBurst Attack
The IconBurst attack is a software supply chain attack designed to grab data from apps and websites. This attack campaign seeks to install malicious NPM modules that harvest sensitive data from forms embedded in mobile applications and websites...
-
July 5, 2022 5 min read
Multi-functional Threat Coverage: How Cycode handles latest Jenkins plugin vulnerabilities
Jenkins security team announced 34 security...
-
June 28, 2022 14 min read
A Strong Foundation of Governance Improves All SDLC Security Initiatives
The innovation of DevOps toolchains has delivered...
-
June 28, 2022 28 min read
All Roads Lead to Build Secrets – Or How Your Build System Could Expose The Production Environment
Every software manufacturer nowadays implements...
-
June 16, 2022 13 min read
ISO 27001 Compliance
CrateDepression is a software supply chain attack designed to target GitLab CI Pipelines by impersonating legitimate Rust...
-
June 15, 2022 10 min read
5 Reasons Why Achieving Compliance in the SDLC Is Challenging for AppSec Teams
Compliance isn’t a sexy topic, but it’s often...
-
June 1, 2022 14 min read
TypoSquatting, RepoJacking, and Domain Takeover – The Story of the Recent Attacks
We’ve had a busy month in terms of software...
-
May 22, 2022 5 min read
Security Advisory: CrateDepression
CrateDepression is a software supply chain attack designed to target GitLab CI Pipelines by impersonating legitimate Rust...
-
May 20, 2022 24 min read
PCI DSS Compliance Requirements
PCI DSS is a strict compliance standard, especially with respect to penalties. The potential costs of a security breach...
-
May 10, 2022 17 min read
Cycode Recognized as a Cool Vendor in Recent Gartner® Report
Gartner recognized Cycode as a Cool Vendor in the...
-
May 4, 2022 21 min read
DevSecOps Tools: How Security Tools Improve DevOps Velocity
To support effective DevSecOps operations, organizations should consider the following difficulties in enforcing security within...
-
April 28, 2022 15 min read
The Real Cost of a Source Code Leak
If source code falls into the hands of malicious actors, the repercussions can be...
-
April 20, 2022 12 min read
SOC 2 Type II Compliance
SOC 2 Type II is prescribed to organizations handling sensitive information to verify the safe handling of precious...
Ready to get started?
We'll connect you with a Cycode expert who can share more about the product and answer any questions you have Book a Demo