Blog

Dispatches from the
AppSec Frontlines

Sharing insights and experiences solving
modern development infrastructure security challenges.

April 20, 2021 11 min read

The Codecov Breach - Development Infrastructure is the Weakest Link & its Now Rapidly Being Exploited

On April 15th, Codecov disclosed a major breach when an attacker compromised its infrastructure allowing to export sensitive information like tokens ...

Amnon Even-Zohar
February 18, 2021 9 min read

ESLint: Compromising the Build using Supply Chain Attack

Amnon Even-Zohar
January 31, 2021 9 min read

A Unique Supply Chain Attack: The 2020 Sawfish

Amnon Even-Zohar
January 12, 2021 8 min read

Beyond SolarWinds: The “Octopus Scanner” Supply Chain Attack

Amnon Even-Zohar
January 4, 2021 10 min read

Why Microsoft’s Latest SolarWinds Admission Can’t Be Ignored

Andrew Fife
December 15, 2020 13 min read

Six AppSec Learnings from SolarWinds

Ronen Slavin
September 9, 2020 11 min read

Why You Need to Know SAMM

Ronen Slavin
September 1, 2020 15 min read

Security Best Practices for Azure DevOps

Ronen Slavin
August 5, 2020 10 min read

How to Setup Branch Protection Rules

Tomer Almog
July 23, 2020 13 min read

GitHub Permissions for Maximum Security

ilia Shkolyar
July 14, 2020 9 min read

Keeping Your Secrets Safe

Maor Davidzon
June 26, 2020 6 min read

Are We Making It Too Easy To Leak Our Source Code?

Lior Levy
June 9, 2020 8 min read

The Bad Coding Habits That Leave Your Source Code Exposed

Ronen Slavin

We'll connect you with a Cycode expert who can share
more about the product and answer any questions you have