Announcing New Legit Prevention Capabilities!  Click to read more -->

Blog Contact Us Sign In
Platform
Platform - ASPM Iconx
Application Security Posture Management (ASPM)
Platform - Secrets Detection & Prevention
Secrets Detection & Prevention
Platform - Continuous Compliance and SBOM Icon
Continuous Compliance and SBOM
Platform - Software Supply Chain Security SSCS Icon
Software Supply Chain Security (SSCS)
Platform - AI Security Posture Management (AI-SPM) Icon
AI Security Posture Management (AI-SPM)
Platform - AppSec Vulnerability Management Icon
AppSec Vulnerability Management
Integrations
Why Legit
Why Legit - Customers Icon
Customers
Resources
header mobile nav icon
Resources
Resources - Blog Icon
Blog
Resources - Resource Library Icon
Resource Library
Resources - Open Source with Legitify Icon
Open Source w/ Legitify
Resources - Events Icon
Events
Company - About Legit Icon 2
ASPM Knowledge Base
Company
Company - Partners Icon
Partners
Company - About Legit Icon 2
About Legit
Company - Press Releases Icon 1
Press Releases
Company - In the News Icon
In the News
Company - Careers Icon
Careers
image of blog Tor Beer

Tor Beer

Showing all posts by Tor Beer

Legit Security | Our team investigated how sensitive information can get exposed via SDLC tools that may be used as part of your development pipeline.
Best Practices Legit Threats

Exposing Secrets Via SDLC Tools: The Artifactory Case

February 28, 2023

Our team investigated how sensitive information can get exposed via SDLC tools that may be used as part of your development pipeline.

Read More
Legit Security | We investigate how sensitive information can get exposed via AppSec tools that you use in your dev pipeline, using the SonarQube Case.
Threats

Exposing Secrets Via SDLC Tools: The SonarQube Case

January 19, 2023

We investigate how sensitive information can get exposed via AppSec tools that you use in your dev pipeline, using the SonarQube Case.

Read More
Explore our findings on a common markdown syntax vulnerability and its potential to cause Denial-of-Service (DoS) attacks.
Legit Threats

The MarkdownTime Vulnerability: How to Avoid DoS Attack on Business

January 18, 2023

Explore our findings on a common markdown syntax vulnerability and its potential to cause Denial-of-Service (DoS) attacks.

Read More
Earlier today, Stephan Lacy published a Twitter post about a massive attack on GitHub. Even though later it was understood that none of the original GitHub repositories was infected, the attack attempt is a huge deal.
Threats SCMs

Breaking News: How a Massive Malware Attack Almost Occurred on GitHub

August 03, 2022

Earlier today, Stephan Lacy published a Twitter post about a massive attack on GitHub. Even though later it was understood that none of the original GitHub repositories was infected, the attack attempt is a huge deal.

Read More
Create a Secure Software Supply Chain in 10 Easy Steps In today’s age of security breaches, it’s more important than ever to create a secure software supply chain. Follow these 10 easy steps to keep your business safe.
CISO Best Practices

How to Secure Your Software Supply Chain in 10 Steps

August 02, 2022

Create a Secure Software Supply Chain in 10 Easy Steps In today’s age of security breaches, it’s more important than ever to create a secure software supply chain. Follow these 10 easy steps to keep your business safe.

Read More
On April 1st, GitLab announced Critical Security Release CVE-2022-1162, disclosing a very bizarre vulnerability and illustrating some important lessons in securing a software supply chain.
Threats SCMs

A Cautionary Tale: The Untold Story of the GitLab CVE Backdoor (CVE-2022-1162)

April 06, 2022

On April 1st, GitLab announced Critical Security Release CVE-2022-1162, disclosing a very bizarre vulnerability and illustrating some important lessons in securing a software supply chain.

Read More

Request a Demo

Request a demo including the option to analyze your own software supply chain.

Request a Demo