Hardcoded Secrets

Hardening Your SDLC in Response to Lapsus$ Breaches

May 31, 2022 / March 22, 2022 by Ronen Slavin

Over the last several weeks, Lapsus$ has taken down a who’s who of software development teams: NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre.

Categories: BLOG. Tags: IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Least Privilege Enforcement, Asset Inventory

Using the Principle of Least Privilege for Maximum Security

August 8, 2022 / March 10, 2022 by Tony Loehr

It’s a simple concept, so why doesn’t every organization enforce the principle of least privilege?

Categories: BLOG. Tags: IaC Security, Hardcoded Secrets, Compliance & Frameworks, Software Supply Chain Security, Least Privilege Enforcement

How To Prevent AWS S3 Bucket Misconfigurations

June 9, 2022 / March 1, 2022 by Tony Loehr

AWS S3 misconfigurations account for 16% of cloud security breaches. To avoid suffering a breach because of an AWS S3 bucket misconfiguration, it is imperative to implement best practices.

Categories: BLOG. Tags: IaC Security, Hardcoded Secrets, Software Supply Chain Security, Governance

Software Supply Chain Security: Your Attack Surface Is Bigger Than You Think

August 2, 2022 / February 28, 2022 by Julie Peterson

When most organizations approach software supply chain security, too often they think only about securing the open source or third-party dependencies in their code.

Categories: BLOG. Tags: IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Compliance & Frameworks, Software Supply Chain Security, Hardening SDLC, SLSA, NIST SSDF, Governance

A Secrets Management Maturity Model

March 15, 2022 / January 14, 2022 by Jon Jarboe

Maturity models may be a controversial topic, but used properly we believe they can help leaders understand their capabilities and develop a roadmap for improvement.

Categories: BLOG. Tags: Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Governance

Cycode Integration with JFrog Pipelines and Artifactory

May 31, 2022 / December 31, 2021 by Tony Loehr

JFrog and Cycode created an integration that will improve the security of our customers’ digital assets and dependencies.

Categories: BLOG. Tags: IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Asset Inventory, SLSA

AWS CloudFormation Security: 8 Best Practices

July 8, 2022 / November 17, 2021 by Tony Loehr

AWS CloudFormation gives organizations the ability to easily manage a collection of AWS resources by automating the initialization, provisioning, and…

Categories: BLOG. Tags: IaC Security, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Least Privilege Enforcement, Governance

Secrets Management and DevOps: A Risk-based Approach to Eliminating Hardcoded Secrets

June 2, 2022 / January 23, 2022 by cycode

In some of the more recent high-profile…

Tags: Hardcoded Secrets

7 Terraform Security Best Practices

March 15, 2022 / November 2, 2021 by Tony Loehr

Terraform, developed by Hashicorp, is an infrastructure as code (IaC) framework that allows for declarative resource provisioning…

Categories: BLOG. Tags: IaC Security, Hardcoded Secrets, Software Supply Chain Security, Governance

8 Infrastructure as Code (IaC) Best Practices for Security

August 12, 2022 / October 7, 2021 by Tony Loehr

Infrastructure as Code (IaC) is a rapidly growing technique of provisioning infrastructure with software, utilizing software…

Categories: BLOG. Tags: IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Least Privilege Enforcement, Governance
    © 2022. Cycode Ltd. All Rights Reserved.