Code Tampering

Implementing SLSA Source Requirements to Improve Software Supply Chain Security

December 18, 2025February 24, 2022 by Tony Loehr

SLSA source requirements help mitigate threats originating from source control management.

Cycode Integration with JFrog Pipelines and Artifactory

August 11, 2025December 31, 2021 by Tony Loehr

JFrog and Cycode created an integration that will improve the security of our customers’ digital assets and dependencies.

Google SLSA Framework: Key Takeaways

September 28, 2025November 10, 2021 by Tony Loehr

In light of recent, multi-billion dollar cyber attacks, Google has introduced a framework to help developers improve software supply chain security. This proposed solution is…

Understanding the Trojan Source Attack and How to Defend Against It

March 31, 2026November 5, 2021 by Orion Cassetto

There’s little doubt that 2021 has been the year of the software supply chain attack, with many notable breaches that include Solarwinds…

8 Infrastructure as Code (IaC) Best Practices for Security

August 31, 2025October 7, 2021 by Tony Loehr

Infrastructure as Code (IaC) is a rapidly growing technique of provisioning infrastructure with software, utilizing software…

Why Developers are Hackers’ New Targets (and What to do About it)

January 4, 2026August 3, 2021 by Orion Cassetto

Compromised credentials are a tried-and-true tactic for hackers looking to gain access to secured systems, including personal accounts, corporate networks, SaaS applications and even development environments.

Vendor vs. Developer: Codecov Lessons on AppSec Responsibility

February 18, 2024June 10, 2021 by Ilia Shkolyar

The Codecov breach is an example of a classic software supply chain attack, in which attackers gain organization access by compromising 3rd…

Exploring the Chainjacking Attack

June 20, 2024December 7, 2021 by Tony Loehr

Several forms of supply chain attack have recently emerged that allow for attackers to insert themselves between developers and the dependencies they utilize.

How to Setup Branch Protection Rules in Azure DevOps

November 30, 2025May 26, 2021 by Tomer Almog

Branch protection rules are a crucial part of securing source control management systems. Branch protection rules enable administrators…

The Codecov Breach – Development Infrastructure is the Weakest Link & its Now Rapidly Being Exploited

April 3, 2024April 20, 2021 by Amnon Even-Zohar

On April 15th, Codecov disclosed a major breach when an attacker compromised its infrastructure allowing to export sensitive information like…

Start Securing the 10x Developer TodayDiscover the power of Cycode for your team.

Start Securing the 10x Developer Today
Discover the power of Cycode for your team.