January 5, 2024 at 05:27AM The text emphasizes the importance of effectively managing exposed secrets within an organization’s source code to prevent unauthorized access and data breaches. It outlines the key factors in addressing exposed secrets, such as classification, understanding the scope of exposure, identifying root causes, and leveraging technology for effective secrets management. It … Read more
November 14, 2023 at 01:46PM Microsoft has addressed a critical security vulnerability in Azure CLI that could allow attackers to steal credentials from GitHub Actions or Azure DevOps logs. The bug, identified as CVE-2023-36052, enables unauthenticated attackers to access plain text contents written by Azure CLI to CI/CD logs. Microsoft advises users to update to … Read more
November 13, 2023 at 03:04AM The cybersecurity industry focuses on developing new tools to address security challenges, but the most common cause of incidents remains process errors. According to a survey, 33% of security incidents are due to process errors, and 55% of security tools are not actively managed. Process mining for cybersecurity is proposed … Read more
October 19, 2023 at 01:03PM Setting up a CI/CD pipeline comes with several challenges, but there are strategies to overcome them. These include implementing strong authentication practices, ensuring robust networking, conducting code reviews, selecting the right branching strategy, managing secrets securely, practicing effective change management, validating the pipeline through automation and monitoring, and effectively communicating … Read more