- Term Shit - הסרט המלא

הפרויקט החדש של @YoavVilner ושלי אחרי שנים שבהן סיפרנו בדיחות של גיקים במחתרת, החלטנו לצאת עם זה החוצה..

RT @geektimecoil: יזמים ישראליים בדקו כמה משחקי מילים על הייטק וטכנולוגיה אפשר לדחוס לסרטון אחד

@geektimecoil @YoavVilner

RT @EBGera: 1/13 כשאנחנו נאבקים על הזמנת רכב חדש או פלייסטיישן, התירוץ על ״בעיות בשרשרת האספקה״ נזרק לאויר. יזם סייבר שמע את התירוץ ורץ להק…

RT @omer_gil: New research: How we abused repository webhooks to access internal CI systems at scale. 1/

RT @omer_gil: Playing with some PPE attack vectors in my CI/CD env 👀

RT @clintgibler: ⚠️ GitHub Org Identity Management Risks When not using SSO * User personal emails could be compromised * IdP removal does…

RT @clintgibler: 🛡️ CI/CD Credential Hygiene @TupleType examines 3 common issues: 1. Unrotated static credentials 2. Overly accessible cr…

RT @antitree: This doesn't push my agenda of hating on Jankins but it's a good in-depth analysis of a few CI tools and how they handle cred…

RT @omer_gil: Great blog post by @TupleType about credential hygiene risks in engineering environments, with comparison of the different se…

RT @owasp: . @Owasp_DevSlop is going live tomorrow with Omer Gil & Daniel Krivelevich from @cider_sec to discuss the "Top 10 CI/CD Security…

RT @rung: I re-read CI/CD top10, I would like to introduce their new term. It's the PBAC(Pipeline-Based Access Controls). Source code manag…

RT @secarchpodcast: We are airing our eighth and final Episode in Season 3, this season is dedicated to #applicationsecurity, our guest for…

Looking forward to some fruitful followup collaborations with the industry on this #Top10CICD

RT @clintgibler: 🗡️ Exploiting Jenkins build authorization Jenkins default settings assign every build to “run as SYSTEM" 😱 To harden, us…

RT @TupleType: Exploiting Jenkins build authorization. A default configuration we often see unchanged in production environments causes all…