Exploiting CI/CD with Style(lint): LOTP Guide
TL;DR: CI/CD remains a stealthy and soft target for supply chain attacks—especially via linters,...
Here we’ll offer information relevant to developers and security automation for the software supply chain.
This free guide explores the business level risks of the software supply chain and offers examples for how they materialize. We'll review four key risk categories; your developers, 1st party code, 3rd party code and the development infrastructure, and break down specific vulnerabilities and how they're compromised in each category.
Is BoostSecurity right for you? What problem do you solve? Read more in our Executive Summary / At-a-Glance document, in the PDF below.
TL;DR: CI/CD remains a stealthy and soft target for supply chain attacks—especially via linters,...
After connecting with dozens of CISOs and CTOs, we've realized there’s a lot of diverging ideas...
TL;DR: We've been quiet lately—despite recent Supply Chain drama—because we wanted a clearer...