Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Git

gitguardian

Safeguarding Your Collaboration Tools: Tackling the New Favorite Targets of Attackers

Jul 17, 2024 By Ferdinand Boas In GitGuardian
Secrets in collaboration tools are becoming prime targets for attackers. Reduce your attack surface by extending GitGuardian automated secrets detection capabilities to Slack, Jira, Confluence, or Microsoft Teams. Ensure security wherever your teams collaborate!
Read Post

Introducing GitGuardian's Remediation Location & Tracking

Jul 16, 2024 By GitGuardian In GitGuardian
Remediation is one of the most challenging aspects of fighting secrets sprawl. Finding exactly the right code to address and then tracking when and how it was fixed can get cumbersome, Especially when dealing with multiple projects and teams. We are proud to Introduce Remediation Location and Tracking to your GitGuardian incidents detail view. With our new Pinpoint location within the Impacted Perimeter view, the platform will organize issues all fixable incidents into the new "Require code fixing" tab helping developers concentrate their efforts.
View Video

CyberRisks in DevOps - staying ahead for cyber resilience & compliance

Jul 15, 2024 By GitProtect In GitProtect
Are you aware of cyber risks in DevOps and how they can impact your business? Join our host ⁠Gregory Zagraba⁠ and explore the biggest cyber threats to DevOps environments, including GitHub, GitLab, Bitbucket, and Jira with an ultimate review of the Top 2023 risks. But in order not to leave you in the crosshairs of hackers, human errors, and malicious insiders, he will also get in-depth insights on data protection, backup, Disaster Recovery, and security.
View Video
Arctic Wolf

CVE-2024-6385: Critical Unauthorized Pipeline Job Vulnerability in GitLab

Jul 12, 2024 By Andres Ramos In Arctic Wolf
On July 10, 2024, GitLab issued an advisory regarding a critical vulnerability (CVE-2024-6385) in GitLab CE/EE that had been reported to them through a bug bounty program. This vulnerability allows a threat actor to trigger a GitLab pipeline as another user under certain circumstances. A GitLab pipeline is a collection of automated processes that run in stages to build, test, and deploy code.
Read Post
foresiet

GitLab Patches Critical Vulnerability Allowing Unauthorized Pipeline Jobs

Jul 11, 2024 By Foresiet In Foresiet
GitLab has released a new series of updates to address critical security flaws in its software development platform. Among these, a severe vulnerability tracked as CVE-2024-6385 has been identified, allowing attackers to run pipeline jobs as arbitrary users. This blog will detail the nature of these vulnerabilities, their impact, and the steps GitLab has taken to mitigate them. Critical Vulnerability: CVE-2024-6385.
Read Post
jit

Announcing GitLab support: Empower developers to secure everything they code in GitLab

Jul 10, 2024 By David Melamed In Jit
Today, I’m thrilled to announce Jit’s full support for GitLab, which will significantly expand our ability to execute our mission to empower every developer to secure everything they code. This new integration will provide all of the same benefits that we’ve been delivering to our customers on GitHub for years, including: If you’re on GitLab, check out the guidelines below to quickly realize these benefits.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.