Hardening SDLC

5 Steps to Protect Code Integrity in Software Pipelines

May 31, 2022 | April 12, 2022 by Jon Jarboe

Get 5 straightforward steps that any organization can take to harden their pipelines to keep attackers out.

Categories: BLOG | Tags: Code Tampering, Software Supply Chain Security, Hardening SDLC, Governance

Hardening Your SDLC in Response to Lapsus$ Breaches

May 31, 2022 | March 22, 2022 by Ronen Slavin

Over the last several weeks, Lapsus$ has taken down a who’s who of software development teams: NVIDIA, Samsung, Vodafone, Ubisoft, and Mercado Libre.

Categories: BLOG | Tags: IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Least Privilege Enforcement, Asset Inventory

How We Discovered Vulnerabilities in CI/CD Pipelines of Popular Open-Source Projects

July 8, 2022 | March 18, 2022 by Alex Ilgayev

Cycode discovered critical vulnerabilities in several popular open-source projects, each of which can cause a supply-chain attack through the CI process.

Categories: BLOG | Tags: Software Supply Chain Security, Hardening SDLC, Governance

Cycode Workflows: No-Code Automated Alerting & Remediation

June 8, 2022 | March 3, 2022 by Tony Loehr

Cycode workflows allow users to automate security functions such as alerting, ticketing, and remediation that respond directly to triggered violations or vulnerabilities.

Categories: BLOG | Tags: Software Supply Chain Security, Knowledge Graph, Hardening SDLC, Governance

Software Supply Chain Security: Your Attack Surface Is Bigger Than You Think

August 2, 2022 | February 28, 2022 by Julie Peterson

When most organizations approach software supply chain security, too often they think only about securing the open source or third-party dependencies in their code.

Categories: BLOG | Tags: IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Compliance & Frameworks, Software Supply Chain Security, Hardening SDLC, SLSA, NIST SSDF, Governance

Jenkins Security Best Practices

July 8, 2022 | February 28, 2022 by Alex Ilgayev

Jenkins is one of the most well-known tools for creating automation pipelines and integrating them with the rest of your CI/CD tools. It has an active community that has contributed thousands of plugins to extend Jenkins’ core functionality…

Categories: BLOG | Tags: Code Tampering, Software Supply Chain Security, Hardening SDLC, Least Privilege Enforcement

Implementing SLSA Source Requirements to Improve Software Supply Chain Security

June 27, 2022 | February 24, 2022 by Tony Loehr

SLSA source requirements help mitigate threats originating from source control management. 

Categories: BLOG | Tags: Code Tampering, Compliance & Frameworks, Software Supply Chain Security, Hardening SDLC, Asset Inventory, SLSA

A Secrets Management Maturity Model

March 15, 2022 | January 14, 2022 by Jon Jarboe

Maturity models may be a controversial topic, but used properly we believe they can help leaders understand their capabilities and develop a roadmap for improvement.

Categories: BLOG | Tags: Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Governance

Cycode Integration with JFrog Pipelines and Artifactory

May 31, 2022 | December 31, 2021 by Tony Loehr

JFrog and Cycode created an integration that will improve the security of our customers’ digital assets and dependencies.

Categories: BLOG | Tags: IaC Security, Code Tampering, Hardcoded Secrets, Code Leakage, Software Supply Chain Security, Hardening SDLC, Asset Inventory, SLSA

Why Security Teams Consistently Fail to Implement Effective Security Controls Across the SDLC

June 8, 2022 | May 26, 2022 by Gil Ben-Horin

DevOps has been around for more than a decade…

Tags: Software Supply Chain Security, Hardening SDLC, Governance
    © 2022. Cycode Ltd. All Rights Reserved.