1. | | CI/CD supply chain attack on Azure Karpenter Provider open-source project (stepsecurity.io) |
|
3 points by varunsharma07 29 days ago | past | 2 comments
|
2. | | Security Breach in Stripe Repo: A Deep Dive into the "Pwn Request" Vulnerability (stepsecurity.io) |
|
7 points by varunsharma07 3 months ago | past
|
3. | | An Obscure Actions Workflow Vulnerability in Google's Flank (adnanthekhan.com) |
|
20 points by varunsharma07 8 months ago | past | 1 comment
|
4. | | Show HN: GitHub Actions Advisor – View security scores of GitHub Actions you use (stepsecurity.io) |
|
3 points by varunsharma07 11 months ago | past
|
5. | | How Google secures their GitHub Actions workflows with StepSecurity (stepsecurity.io) |
|
3 points by varunsharma07 on Nov 8, 2023 | past
|
6. | | Protect Against CI/CD Attacks That Poison GitHub Actions Workflows (infosecwriteups.com) |
|
3 points by varunsharma07 on July 26, 2023 | past
|
7. | | Celebrating Success of 500 Open Source Projects Using StepSecurity's Platform (stepsecurity.io) |
|
1 point by varunsharma07 on July 11, 2023 | past | 1 comment
|
8. | | Show HN: AI-CodeWise – Transforming Code Reviews with AI-Powered Analysis (github.com/step-security) |
|
2 points by varunsharma07 on May 10, 2023 | past
|
9. | | Show HN: Secure your public GitHub repository with automated security fixes (github.com/step-security) |
|
2 points by varunsharma07 on March 8, 2023 | past
|
10. | | In Scorecard We Trust (github.com/readme) |
|
1 point by varunsharma07 on Jan 26, 2023 | past | 1 comment
|
11. | | DevOps Self-Service Centric Pipeline Security and Guardrails (betterprogramming.pub) |
|
4 points by varunsharma07 on Jan 25, 2023 | past | 1 comment
|
12. | | Show HN: Protect Your CI/CD from SolarWinds-Type Attacks with This Agent (github.com/step-security) |
|
15 points by varunsharma07 on Jan 25, 2023 | past | 2 comments
|
13. | | The Audit of Git Is Complete (ostif.org) |
|
2 points by varunsharma07 on Jan 24, 2023 | past | 1 comment
|
14. | | Update on Security Improvement at the Eclipse Foundation (barbero.tech) |
|
1 point by varunsharma07 on Jan 23, 2023 | past | 1 comment
|
15. | | Implementing OSSF Scorecards Across a GitHub Organisation (thestateofme.com) |
|
1 point by varunsharma07 on Jan 21, 2023 | past
|
16. | | Peribolos: Kubernetes Uses GitOps to Manage GitHub Communities at Scale (youtube.com) |
|
1 point by varunsharma07 on Jan 20, 2023 | past | 1 comment
|
17. | | Layoff information on Washington State employers (wa.gov) |
|
1 point by varunsharma07 on Jan 20, 2023 | past | 1 comment
|
18. | | Open Source Security Foundation (OpenSSF) 2022 Annual Report [pdf] (openssf.org) |
|
2 points by varunsharma07 on Jan 19, 2023 | past | 1 comment
|
19. | | Show HN: Publish from GitHub Actions using multi-factor authentication (github.com/step-security) |
|
72 points by varunsharma07 on Dec 6, 2022 | past | 26 comments
|
20. | | Do you maintain a GitHub Action? Contribute to the SecureWorkflows project (stepsecurity.io) |
|
2 points by varunsharma07 on Aug 31, 2022 | past | 1 comment
|
21. | | Show HN: Test Your Defenses with a Malware-Simulator Package (github.com/step-security) |
|
2 points by varunsharma07 on March 22, 2022 | past | 1 comment
|
22. | | Show HN: harden-runner: GitHub Action to prevent software supply chain attacks (github.com/step-security) |
|
11 points by varunsharma07 on Feb 28, 2022 | past | 3 comments
|
23. | | Show HN: Hands-on tutorials to learn about software supply chain security (github.com/step-security) |
|
3 points by varunsharma07 on Feb 8, 2022 | past
|
24. | | Show HN: Automatically restrict permissions for the GITHUB_TOKEN (github.com/step-security) |
|
3 points by varunsharma07 on Sept 10, 2021 | past
|