Application Security Accelerated Archives

SCA: Securing Modern SDLCs with Pipeline Composition Analysis

The first incarnation of software composition analysis (SCA) technologies came out in 2002 when dependencies were a relatively…

Software Bill of Materials (SBOMs): A Practical Guide to Implementing NIST/CISA’s SBOM Requirements

Google SLSA & NIST SSDF: Emerging Software Supply Chain Security Best Practices

The severity and frequency of software supply chain attacks have increased significantly…

Effectively Tackling Hardcoded Secrets With A Secret Management Maturity Model

Hard coding secrets – usernames, passwords, tokens, API keys, and more – is a risky practice that’s been around for as long as developers have been writing code….

Why Security Teams Consistently Fail to Implement Effective Security Controls Across the SDLC

DevOps has been around for more than a…

GitHub Actions & Code Injection: Avoiding Vulnerable Configurations

As part of our research of the GitHub Actions security landscape, we discovered that in writing a perfectly secure GitHub Actions workflow, several pitfalls could cause severe security consequences…

Start Securing the 10x Developer TodayDiscover the power of Cycode for your team.

Start Securing the 10x Developer Today
Discover the power of Cycode for your team.