Roy Blit


New Techniques Attackers Are Using to Harvest Your Secrets

Toyota Motor Corporation recently suffered a data breach due to a mistakenly exposed access key on GitHub. That hardcoded access key evaded detection for five years! This news joined a long line of headlines about the damage caused by hardcoding...


Legitify adds support for GitLab and GitHub Enterprise Server

We encounter security incidents on a weekly basis with prospective customers that involve pipeline manipulation, code theft, and sensitive data...


Critical and Time Sensitive OpenSSL Vulnerability - The Race Between Attackers and Defenders

Update: On November 1st the OpenSSL project maintainers released their fix for the vulnerabilities. There were two vulnerabilities discovered. After...


Introducing Legitify: A Better Way To Secure GitHub

We’re pleased to announce the launch of Legitify – an open-source security tool for GitHub users to automatically discover and remediate insecure...


GitHub Security Best Practices Your Team Should Be Following

Configuring security in GitHub correctly can offer strong protection against breaches related to application vulnerabilities. The platform comes with...


Latest GitHub OAuth Tokens Attack Explained and How to Protect Yourself

On Friday April 15, GitHub Security announced it had detected the compromise of OAuth access tokens issued to Heroku and Travis-CI integrations to...


What Is SLSA? SLSA Explained In 5 Minutes

You’ve probably heard that software supply chain attacks are increasing rapidly and that the damage can be devastating. Both business and security...
