all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Hardening repositories against credential theft

Add to bookmarks
Aug. 15, 2023, 4 p.m. | Matthew Masarik

The GitHub Blog: Security News and Updates github.blog

Some best practices and important defenses to prevent common attacks against GitHub Actions that are enabled by stolen personal access tokens, compromised accounts, or compromised GitHub sessions.


The post Hardening repositories against credential theft appeared first on The GitHub Blog.

access access tokens accounts actions attacks best practices blog compromised compromised accounts credential credential theft github github actions hardening important personal practices repositories security sessions stolen theft tokens

Visit resource

More from github.blog / The GitHub Blog: Security News and Updates

Where does your software (really) come from? 1 day, 22 hours ago | github.blog
blog capabilities community github +11
CodeQL zero to hero part 3: Security research with CodeQL 3 days, 6 hours ago | github.blog
blog codeql github github security lab +6
Securing millions of developers through 2FA 1 week ago | github.blog
2fa adoption developers ecosystem +9
Security research without ever leaving GitHub: From code scanning to CVE via Codespaces and private … 4 weeks, 1 day ago | github.blog
blog blog post code codeql +16
Gaining kernel code execution on an MTE-enabled Pixel 8 1 month, 1 week ago | github.blog
android app arm arm mali +22
Keeping secrets out of public repositories 2 months ago | github.blog
blog default developers github +10
How to stay safe from repo-jacking 2 months, 1 week ago | github.blog
attack blog blog post can +10
Build code security skills with the GitHub Secure Code Game 2 months, 2 weeks ago | github.blog
actions blog build challenges +18
The architecture of SAST tools: An explainer for developers 2 months, 2 weeks ago | github.blog
address age architecture blog +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Associate Manager, BPT Infrastructure & Ops (Security Engineer)

@ SC Johnson | PHL - Makati
View on infosec-jobs.com

Cybersecurity Analyst - Project Bound

@ NextEra Energy | Jupiter, FL, US, 33478
View on infosec-jobs.com

Lead Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com

Junior Information Security Coordinator (Internship)

@ Garrison Technology | London, Waterloo, England, United Kingdom
View on infosec-jobs.com

Sr. Security Engineer

@ ScienceLogic | Reston, VA
View on infosec-jobs.com
View more jobs