-
October 27, 2021
Integrating Infrastructure as Code Security into Developer Workflows
Over the last decade or so, developers have shifted from provisioning infrastructure by way of IT teams and ticketing systems...
-
April 20, 2021
The Codecov Breach – Development Infrastructure is the Weakest Link & its Now Rapidly Being Exploited
On April 15th, Codecov disclosed a major breach when an attacker compromised its infrastructure allowing to export sensitive information like...
-
February 18, 2021
ESLint: Compromising the Build using Supply Chain Attack
A supply-chain attack is an indirect attack which targets the tools, automatic software updates or supply chain in general, in...
-
January 31, 2021
A Unique Supply Chain Attack: The 2020 Sawfish
For attackers targeting technology businesses, the goal is often stealing intellectual property and other data, which can either be sold...
-
January 12, 2021
Beyond SolarWinds: The “Octopus Scanner” Supply Chain Attack
The SolarWinds exploit and subsequent breaches unfolding appears to be an incredibly sophisticated supply chain attack. Not only was SolarWinds...