Recent Posts

• Opengrep – A Fork of Semgrep
  by niros_valtoson 1/23/2025, 3:25:09 PM with 4 comments
• Show HN: Semgrep rule to identify malicious Python code
  by niros_valtoson 3/7/2024, 12:58:40 PM with 0 comments
• Show HN: Semgrep Rule That Identifies GitHub Repo Confusion Attack IOCs
  by niros_valtoson 3/7/2024, 1:35:10 AM with 0 comments
• Cellular Outage Caused by Cyber Attack? Speculations on Social Media
  by niros_valtoson 2/22/2024, 2:23:43 PM with 0 comments
• The Guide to Building an Efficient CI/CD Pipeline
  by niros_valtoson 9/18/2023, 1:50:27 PM with 0 comments
• GitHub sends my hardcoded secrets to providers when Secret Scanning is disabled
  by niros_valtoson 5/11/2023, 3:10:22 AM with 0 comments
• Trying to identify spoofing in GitHub? May the 4th (or 5th) be with you
  by niros_valtoson 5/5/2023, 2:12:12 PM with 0 comments
• What Is Pippelineless Security?
  by niros_valtoson 2/21/2023, 2:45:46 PM with 0 comments
• Show HN: GitGoat v2 is released – fake commits with real vulnerable code
  by niros_valtoson 2/5/2023, 5:02:51 PM with 0 comments
• GitHub finally introduced fine-grained personal access tokens
  by niros_valtoson 10/18/2022, 4:17:41 PM with 1 comment
• Hardening software development environments 101
  by niros_valtoson 9/22/2022, 11:50:55 AM with 0 comments
• NSA's software supply chain security recommendations need some refinement
  by niros_valtoson 9/13/2022, 2:12:47 PM with 0 comments
• Ask HN: How do you prioritize the update of vulnerable 3rd party packages?
  by niros_valtoson 9/6/2022, 6:37:33 AM with 2 comments
• Hold the pitchforks. What LastPass did right.
  by niros_valtoson 8/26/2022, 5:40:59 PM with 0 comments
• GitHub Enterprise Cloud customers can access IP addresses for audit log entries
  by niros_valtoson 8/6/2022, 2:12:47 AM with 0 comments
• Making to most of GitHub rate limits
  by niros_valtoson 7/27/2022, 10:54:23 AM with 0 comments
• What is eBPF, anyway, and why should Kubernetes admins care?
  by niros_valtoson 7/26/2022, 10:02:08 AM with 0 comments
• FBI found Huawei equipment in Midwest could disrupt US nuclear communications
  by niros_valtoson 7/26/2022, 9:52:12 AM with 1 comment
• What every developer should know about GitHub CODEOWNERS
  by niros_valtoson 7/25/2022, 3:17:11 PM with 0 comments
• How to Protect Stale Source Code Repositories on GitHub
  by niros_valtoson 7/19/2022, 12:12:58 PM with 0 comments
• Why we offer our advanced secret scanning for free, even for private repos
  by niros_valtoson 7/9/2022, 1:46:26 PM with 0 comments
• Supply Chain Breach: Tracing the Impact of a Clothing Retailer on Your Prod Env
  by niros_valtoson 5/25/2022, 7:16:34 PM with 0 comments
• Show HN: Free secrets scanning for unlimited private GitHub repos
  by niros_valtoson 5/12/2022, 3:36:26 PM with 5 comments
• How to Protect Yourself Against GitHub/OAuth Apps Supply Chain Attacks
  by niros_valtoson 4/17/2022, 11:54:48 AM with 0 comments
• Stay tuned for Kaspersky source code leak
  by niros_valtoson 3/9/2022, 5:19:27 AM with 0 comments
• How to survive a state-actor trying to put a backdoor in your code?
  by niros_valtoson 3/8/2022, 12:41:45 PM with 1 comment
• App SEC vs. Software Supply Chain Security Explained
  by niros_valtoson 2/28/2022, 2:52:00 PM with 1 comment