New JIRA Integration Capabilities in Cycode: Keep Track of Your Tickets with Ease
At Cycode, we always strive to make your application security workflows more efficient and effective…
BLOG
Making Sense of SBOMs: The Minimum Requirements
The National Telecommunications and Information Administration (NTIA), under the guidance of the US Department of Commerce, recently released a white paper…
Making Sense of the software bill of materials (SBOM): The Basics
Even though Software Bills of Materials (SBOMs) have been around for about 10 years, they have recently gained a lot of buzz in the software industry. This blog explores…
Cycode and AWS Collaborate on a 3-Part Series of Videos: Navigating the Complexities of Securing CI/CD Pipelines
In the fast-paced world of software development…
Introducing Container Secret Scanning
While many developers understand the risks associated with hardcoding credentials into code, when it comes to containers, understanding that risk is the exception, not the rule. As a result, it’s not uncommon for developers to hardcode secrets into container images…
Cycode Discovers a Vulnerability in GitHub API Authorization – CVE-2022-46258
Cycode Labs discovered a vulnerability in Github’s API in which GitHub Actions workflows …
The Overlooked Secret: Cycode Expands Secrets Detection Capabilities
With whole workplaces moving to remote working after the pandemic disruption, Slack’s popularity has soared…
Detecting and Mitigating Source Code Compromise in the Wake of the CircleCI Incident
On January 4th, 2023, CircleCI reported a data breach that…
Don’t Let Hardcoded Secrets Compromise Your Security: 4 Effective Remediation Techniques
Hardcoded secrets in your code are a security risk. If these secrets are accidentally made public…
Security Advisory: CircleCI Security Breach
CircleCI was breached. If you are using this tool immediately rotate all stored secrets and environment variables in CircleCI. These secrets are the holy grail for attackers targeting CI…