GitHub Archives - Help Net Security

GitHub

Datadog and Snyk unveil GitHub integration to automate software development workflow

December 14, 2020

Datadog announced the Datadog Vulnerability Analysis GitHub Action, Datadog’s first action listed on the GitHub Marketplace. GitHub Actions provide powerful, flexible CI/CD …

Open source vulnerabilities go undetected for over four years

December 3, 2020

For its annual State of the Octoverse report, GitHub has analyzed over 45,000 active code directories to provide insight into open source security (vulnerabilities) and …

Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)

November 5, 2020

A critical vulnerability (CVE-2020-27955) in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, allows attackers to achieve remote code …

GitHub envisions a world with fewer software vulnerabilities

October 13, 2020

After five months in beta, the GitHub Code Scanning security feature has been made generally available to all users: for free for public repositories, as a paid option for …

DefenseCode’s SAST ThunderScan solution now available as a GitHub Action

October 7, 2020

DefenseCode Group has announced that DefenseCode’s Static Application Security Testing (SAST) ThunderScan solution is now available as a GitHub Action, offering security …

Checkmarx provides automated security scans within GitHub repositories

October 5, 2020

Checkmarx announced a new GitHub Action to bring comprehensive, automated static and open source security testing to developers. As enterprises look to differentiate …

RedCommander: Open source tool for red teaming exercises

September 3, 2020

GuidePoint Security released a new open source tool that enables a red team to easily build out the necessary infrastructure. The RedCommander tool solves a major challenge …

Computer scientists create benchmarks to advance quantum computer performance

August 19, 2020

Two UCLA computer scientists have shown that existing compilers, which tell quantum computers how to use their circuits to execute quantum programs, inhibit the …

Solar appScreener 3.6: Supporting Pascal and integrating with GitLab, GitHub and Bitbucket

August 13, 2020

Solar Security has announced the release of a new version of its app security analyzer, Solar appScreener 3.6, which supports Pascal and features improved integration with …

GitHub Code Scanning aims to prevent vulnerabilities in open source software

May 8, 2020

GitHub has made available two new security features for open and private repositories: code scanning (as a GitHub-native experience) and secret scanning (both still in beta). …

Software vulnerabilities sometimes first announced on social media

May 7, 2020

Software vulnerabilities are more likely to be discussed on social media before they’re revealed on a government reporting site, a practice that could pose a national …

Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations

January 16, 2020

Fugue has open sourced Regula, a tool that evaluates Terraform infrastructure-as-code for security misconfigurations and compliance violations prior to deployment. Regula …

GitHub

Datadog and Snyk unveil GitHub integration to automate software development workflow

Open source vulnerabilities go undetected for over four years

Git LFS vulnerability allows attackers to compromise targets’ Windows systems (CVE-2020-27955)

GitHub envisions a world with fewer software vulnerabilities

DefenseCode’s SAST ThunderScan solution now available as a GitHub Action

Checkmarx provides automated security scans within GitHub repositories

RedCommander: Open source tool for red teaming exercises

Computer scientists create benchmarks to advance quantum computer performance

Solar appScreener 3.6: Supporting Pascal and integrating with GitLab, GitHub and Bitbucket

GitHub Code Scanning aims to prevent vulnerabilities in open source software

Software vulnerabilities sometimes first announced on social media

Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations

Don't miss

Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)

Streamlining cloud compliance through automation

Cybersecurity marketing: Always think of the customer

eBook: 20 tips for secure cloud migration

Business executives targeted with Office 365-themed phishing emails