BLOG
Webinar in Review: Generative AI and Hardcoded Secrets
On July 26th, Cycode hosted a webinar to discuss the burgeoning use of AI and Large Language Models (LLMs) in generating code. We explored the intersection…
Understanding Software Bill of Materials (SBOM): Enhancing Transparency and Security in Software Supply Chains
We will explore the background of SBOM and SLSA compliance by reviewing the executive order. Then, we will explain what…
The JumpCloud Attack: What We Know So Far
In a recent cybersecurity incident, North Korean hackers targeted JumpCloud, an enterprise software company. Mandiant, CrowdStrike and SentinelOne attributed the breach…
VS Code’s Token Security: Keeping Your Secrets… Not So Secretly
This is the full story of the vulnerability we have discovered within Visual Studio Code (VS Code) concerning the handling of secure token storage. While designed for isolated storage for each extension, this vulnerability presents…
How to Achieve SLSA Compliance in Azure Pipelines
We are excited to announce the release of a powerful tool designed to help companies achieve SLSA (Supply Chain Levels for Software Artifacts) compliance…
Cycode Launches Enhanced Secret Validation Capabilities as part of its Secrets Detection module
In the world of DevOps and cybersecurity, secrets like API keys, tokens, or passwords maintain the functionality…
Plugging Gerrit Security Gaps with Cycode
Gerrit is a well-regarded, free code collaboration tool, primarily used for team code review. Its excellent integration with…
How to Mitigate the 6 Threats on your CI/CD Environment Listed in CISA & NSA CSI
Continuous Integration and Continuous Deployment (CI/CD) environments are integral to the modern…