First results from using GitHub CodeQL to discover security vulnerabilities in Jenkins plugins
A little over a month ago, GitHub announced the general availability of its code scanning solution. It’s based on CodeQL,… Read More
As we anticipated in this post, the anomaly and threat detection for Amazon Simple Storage Service (S3) activities that was previously available in… Read More
Eagle-eyed readers of today’s security advisory may already have noticed that we consider the cross-site scripting (XSS) vulnerabilities to be… Read More
Almost five years ago, I blogged about a solution that automatically analyzes AWS CloudTrail data to generate alerts upon sensitive… Read More
Azure Key Vault is a product for securely managing keys, secrets and certificates. I’m happy to announce two new features… Read More
Table of Contents The Problem Code Duplication And Security A Branch Is Not A Feature Documentation The Solution Code Duplication… Read More
API keys and secrets are difficult to handle safely, and probably something you avoid thinking about. In this post I’ll… Read More
Today I get to share my favorite kind of announcement. It’s the sort of thing that will improve security for… Read More
This is a speaker blog post for a DevOps World | Jenkins World 2019 talk in Lisbon, Portugal and has… Read More
This is a speaker blog post for a DevOps World | Jenkins World 2019 talk in Lisbon, Portugal Come join us… Read More