CI-CD

resource sets from aembit

Announcing Role-Based Resource Sets for Aembit Workload IAM

| | access, CI-CD, Product updates
3 min read https://www.youtube.com/watch?v=QSnJz7X-qLo Today we are pleased to announce Resource Sets, a new capability that allows administrators to group related resources and policies into isolated sets, each with specific role-based access ...
Aembit
🔨

Optimizing CI/CD Security: Best Practices for a Robust Software Delivery Pipeline

| | Automation, Best Practices, CI-CD, programming
5 min read Modern software development accelerates progress but introduces security risks that must be managed to protect organizational integrity and reputation. The post Optimizing CI/CD Security: Best Practices for a Robust ...
Aembit
An Introduction to Aembit and Workload IAM

Aembit Launches Terraform Provider to Enable Infrastructure as Code

| | CI-CD, Engineering, Product updates
3 min read This will enable DevOps teams to better streamline workload access controls, ensuring consistent, secure deployments across environments. The post Aembit Launches Terraform Provider to Enable Infrastructure as Code appeared ...
Aembit
Introducing Aembit Access Management for CI/CD Platforms

Introducing Aembit Access Management for CI/CD Platforms

| | access, CI-CD, Product updates, security, service accounts, workloads
4 min read Our identity federation capability better secures and streamlines CI/CD workflows, like in GitHub Actions and GitLab, with short-lived, secretless credentials. The post Introducing Aembit Access Management for CI/CD Platforms ...
Aembit
Case Study: How Lightspeed ensures full security compliance with Escape

Case Study: How Lightspeed ensures full security compliance with Escape

| | API Inventory, case-study, CI-CD, shift left
Discover how Lightspeed, the unified point of sale and payments platform, maintains security compliance, and explore its API security challenges ...
Escape - The API Security Blog

The Secure Java Developer’s Toolkit

| | CI-CD, Java, Java Developer, repositories, SecureChain for Java, supply chain
Java remains one of the most popular and widely-used programming languages. It’s not just about writing and running Java programs, though. A typical Java developer working in Linux has an entire ecosystem ...
TuxCare
Case Study: How Escape enhanced Shine's application security

Case Study: How Escape enhanced Shine’s application security

| | API Inventory, case-study, CI-CD, shift left
Discover how Shine, an online banking for professionals, enhanced API security. Explore their challenges and the transformative impact of Escape ...
Escape - The API Security Blog
Long Live the Pwn Request: Hacking Microsoft GitHub Repositories and More

Long Live the Pwn Request: Hacking Microsoft GitHub Repositories and More

| | CI-CD, corporate security, Offensive Security, pwn request, supply chain
Software supply chain attacks have been increasing both in frequency and severity in recent months. In response to these attacks, the CISA has even released a cybersecurity information sheet (CSI) on how ...
Blog - Praetorian
Announcing Gato Version 1.5!

Announcing Gato Version 1.5!

| | CI-CD, corporate security, Gato, Labs, open source, Tools & Techniques, Uncategorized
On January 21, 2023 at ShmooCon 2023, Praetorian open-sourced Gato (Github Attack Toolkit), a first of its kind tool that focuses on abusing offensive TTPs targeting self-hosted GitHub Actions Runners. Since then, ...
Blog - Praetorian
Praetorian GitHub Attack Toolkit (GATO) Demo

Phantom of the Pipeline: Abusing Self-Hosted CI/CD Runners

| | CI-CD, corporate security, Gato, GitHub Runners, open source, Red Team, Red Teaming, Tools & Techniques
Introduction Throughout numerous Red Teams in 2022, a common theme of Source Control Supply Chain attacks in GitHub repositories has emerged. After many hours manually hunting for and exploiting these attack paths, ...
Blog - Praetorian
Load more