Legit Security Blog

Breaking News: How a Massive Malware Attack Almost Occurred on GitHub

Earlier today, Stephen Lacy published a Twitter post about a massive attack attempt on GitHub. This attack attempt is a huge deal, but fortunately it seems the attack was prevented from being successful and no GitHub repositories appear to be...

How to Secure Your Software Supply Chain in 10 Steps

A software supply chain is the list of components, libraries, and tools used to build a software application. Software vendors often create products...

A Complete Guide to the Secure Software Development Lifecycle (SDLC)

Development teams already work in a very methodical repeating process – the Software Development Lifecycle (SDLC) – and a huge opportunity exists to...

Vulnerable GitHub Actions Workflow Part 3: Google Firebase & Apache Found Vulnerable to Environment Abuse

In this 3rd blog post in the series, we'll discuss vulnerable GitHub Actions workflows we've found that affect top-tier open-source repositories such...

Secure SDLC: The Best Advice for Securing Your Code and Application Data in 2022 and Beyond

The principles of data security are pretty simple, although organizations have a tendency to shortcut them in their SDLCs. Data security is defined...

Securing GitHub: How to Keep Your Code and Pipelines Safe from Hackers

GitHub is one of the most widely used software development platforms. You’d be hard-pressed to find a developer or a business that has never used or...

The Open Source Community And Its Critical Role in Software Supply Chain Security

As we head to the Open Source Summit conference next week, we wanted to discuss our contributions to the open source community, why we invest so much...

A 10-Step Application Security Risk Assessment Checklist

An application security risk assessment is a process of identifying, assessing, and managing the potential risks to an application. Not only does...

GitHub Security Best Practices Your Team Should Be Following

GitHub can be configured to be fairly robust against security breaches. It has various security features and settings that enhance the safety of its...

How to Use DevOps Security Tools to Protect Your Business

DevOps is a practice used to deliver software and services faster. As more businesses adopt DevOps, they are also adopting DevOps security tools to...
