NEW Gartner® Report: Hype Cycle™ for Application Security, 2023

Download Now
Platform
header mobile nav icon
Platform
warranty-badge-highlight 1
Software Supply Chain Security

dashboard-3 1
Application Security Control Plane

cloud-data-transfer 1
Code To Cloud Traceability

shield-check 1
Compliance & SBOM

Customers Company
header mobile nav icon
Company
book icon primary 200
About Us

briefcase icon primary 200
Careers

message icon primary 200
News

calendar icon primary 200
Events

Resources
header mobile nav icon
Resources
squared pencil icon primary 200
Blog

bookmark icon primary 200
Resource Library

brackets icon primary 200
Open Source

Contact Us
image of blog Tor Beer

Tor Beer

Showing all posts by Tor Beer

Legit Security | Our team investigated how sensitive information can get exposed via SDLC tools that may be used as part of your development pipeline.

Exposing Secrets Via SDLC Tools: The Artifactory Case

Our team investigated how sensitive information can get exposed via SDLC tools that may be used as part of your development pipeline.

Read More
Legit Security | We investigate how sensitive information can get exposed via AppSec tools that you use in your dev pipeline, using the SonarQube Case.
Threats

Exposing Secrets Via SDLC Tools: The SonarQube Case

We investigate how sensitive information can get exposed via AppSec tools that you use in your dev pipeline, using the SonarQube Case.

Read More
We explore a vulnerability we found in a popular implementation of the markdown engine and the potential Denial-of-Service (DoS) attack that it could cause on projects rendering markdown.
Legit Threats

The MarkdownTime Vulnerability: How to Avoid This DoS Attack on Business Critical Services

We explore a vulnerability we found in a popular implementation of the markdown engine and the potential Denial-of-Service (DoS) attack that it could cause on projects rendering markdown.

Read More
Earlier today, Stephan Lacy published a Twitter post about a massive attack on GitHub. Even though later it was understood that none of the original GitHub repositories was infected, the attack attempt is a huge deal.
Threats SCMs

Breaking News: How a Massive Malware Attack Almost Occurred on GitHub

Earlier today, Stephan Lacy published a Twitter post about a massive attack on GitHub. Even though later it was understood that none of the original GitHub repositories was infected, the attack attempt is a huge deal.

Read More
Create a Secure Software Supply Chain in 10 Easy Steps In today’s age of security breaches, it’s more important than ever to create a secure software supply chain. Follow these 10 easy steps to keep your business safe.
CISO Best Practices

How to Secure Your Software Supply Chain in 10 Steps

Create a Secure Software Supply Chain in 10 Easy Steps In today’s age of security breaches, it’s more important than ever to create a secure software supply chain. Follow these 10 easy steps to keep your business safe.

Read More
On April 1st, GitLab announced Critical Security Release CVE-2022-1162, disclosing a very bizarre vulnerability and illustrating some important lessons in securing a software supply chain.
Threats SCMs

A Cautionary Tale: The Untold Story of the GitLab CVE Backdoor (CVE-2022-1162)

On April 1st, GitLab announced Critical Security Release CVE-2022-1162, disclosing a very bizarre vulnerability and illustrating some important lessons in securing a software supply chain.

Read More

Schedule a Demo

Book a demo including the option to analyze your own software supply chain.

Book a Demo