Tag: CI/CD
-
JetBrains TeamCity supply chain bug, servers still unpatched and vulnerable
EXECUTIVE SUMMARY: Security experts have warned that cyber criminals are exploiting a critical TeamCity vulnerability en …
-
Integrating software supply chain security in DevSecOps CI/CD pipelines
NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help …
-
CI/CD at Risk as Exploits Released For Critical Jenkins Bug
Software developers have been told to urgently patch their Jenkins servers after exploits were published for a new critical vulnerability …
-
Supply chain attacks possible with TensorFlow CI/CD misconfigurations
TensorFlow instances on GitHub and PyPI could have been subjected to supply chain attacks involving the exploitation of continuous …
-
TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning …
-
CI/CD in the Cloud: A 2024 Guide
CI/CD, or Continuous Integration and Continuous Delivery, is a methodology that revolutionized software development. It emphasizes regular, …
-
Novel CI/CD attack could prompt widespread supply chain compromise
Significant supply chain compromise could be conducted against major IT and cryptocurrency organizations through a novel continuous …
-
CI/CD Security: Advanced Best Practices to Secure Your Pipelines
Continuous Integration and Continuous Delivery (CI/CD) security has become crucial to modern software development practices. As the speed …
-
A Guide to Implementing Shift Left Strategies for Enhanced Cyber Resilience
In the ever-evolving landscape of cybersecurity, organizations are increasingly recognizing the imperative to fortify their defenses early …
-
CI/CD Risks: Protecting Your Software Development Pipelines
Have you heard about Dependabot? If not, just ask any developer around you, and they’ll likely rave about how it has revolutionized the …
-
Raven: Open-source CI/CD Pipeline Vulnerability Scanner Tool
Raven stands for Risk Analysis and Vulnerability Enumeration for CI/CD Pipeline Security, and it is now available as an open-source tool on …
-
Raven: Open-source CI/CD pipeline security scanner
Raven (Risk Analysis and Vulnerability Enumeration for CI/CD) is an open-source CI/CD pipeline security scanner that makes hidden risks …