GitHub boosts secrets scanning: A necessary step, but supply chain security is key to managing risk | allinfosecnews.com

Oct. 24, 2023, 11:30 a.m. | jpmellojr@gmail.com (John P. Mello Jr.)

ReversingLabs Blog blog.reversinglabs.com

Credentials leaks are a major threat to supply chain security. In the hands of an adversary, application development secrets will open the door to a host of attack strategies. The CircleCI hack made this crystal clear for software supply chain risk management.

adversary application application development app sec & supply chain security attack circleci clear credentials crystal development door github hack host key leaks major management risk risk management scanning secrets secrets scanning security software software supply chain software supply chain risk strategies supply supply chain supply chain risk supply chain risk management supply chain security threat

More from blog.reversinglabs.com / ReversingLabs Blog

When it comes to threat modeling, not all threats are created equal 2 days, 19 hours ago | blog.reversinglabs.com

appsec & supply chain security can career fix +4

CISA's new 'vulnrichment' program aims to bolster the NVD 3 days, 19 hours ago | blog.reversinglabs.com

agency appsec & supply chain security bolster cisa +17

ReversingLabs Search Extension for Splunk Enterprise 4 days, 18 hours ago | blog.reversinglabs.com

apis application blog command +13

What you missed at RSA Conference 2024: Key trends and takeaways 4 days, 19 hours ago | blog.reversinglabs.com

america appsec & supply chain security artificial intelligence (ai) center +20

NSA: State-backed attackers are not after your data — they're targeting CI 1 week, 2 days ago | blog.reversinglabs.com

advanced advanced persistent threat agency apt +22

CI/CD pipelines and the cloud: Are your development secrets at risk? 1 week, 3 days ago | blog.reversinglabs.com

appsec & supply chain security aws azure can +21

Why GenAI fails at full SOC automation 1 week, 4 days ago | blog.reversinglabs.com

ai tools automation autonomous build +23

Verizon 2024 DBIR: Software supply chain risks fuel a data breach epidemic 2 weeks, 2 days ago | blog.reversinglabs.com

alarm appsec & supply chain security breach breaches +25

What’s hot at RSAC 2024: 8 SSCS talks you don’t want to miss 2 weeks, 3 days ago | blog.reversinglabs.com

appsec & supply chain security cisos development don +16

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España

View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania

View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States

View on infosec-jobs.com