Nir Valtman (@valtmanir) 's Twitter Profile
Nir Valtman

@valtmanir

information security junkie. public speaker. open source fan. co-founder at @ArnicaIO. my publications are my own opinions.

ID: 578869213

Link: https://valtman.org/
Date: 13-05-2012 11:11:05

1.1K Tweets

664 Followers

215 Following

Arnica (@arnicaio) 's Twitter Profile Photo

Lemonade + CISO Jonathan Jaffe have been instrumental in helping Arnica address key issues "most CISOs are dealing with:" • 10x better permissions management • Frictionless access approvals • Easy compliance & reporting • Happy developers! arnica.io/case-studies/l…

Arnica (@arnicaio) 's Twitter Profile Photo

Today on CHAOSS Project's Podcast Arnica's CEO Nir Valtman and Head of Data Science discuss how #opensource projects secure their code! podcast.chaoss.community/65?utm_source=…

Arnica (@arnicaio) 's Twitter Profile Photo

In Arnica's new blog, Eran Medan discusses the different components of software supply chain security and how a zero trust approach can help you secure your development environments more effectively! Check it out 👇 arnica.io/blog/hardening…

Nir Valtman (@valtmanir) 's Twitter Profile Photo

Threat actors identified themselves as recruiters. As part of the interview, they asked each #developer/#devops candidate to install a pre-configured known #opensource software, but the installer included a #malware that stole users’ credentials. arstechnica-com.cdn.ampproject.org/c/s/arstechnic…

Nir Valtman (@valtmanir) 's Twitter Profile Photo

Is it a #softwaresupplychain #security issue? Don't jump to conclusions! Comm100 needs time to investigate the root cause. I encourage them to disclose the results - users will gain #trust, the market will be educated & employees will appreciate it. crowdstrike.com/blog/new-suppl…

Nir Valtman (@valtmanir) 's Twitter Profile Photo

Yet another exploit against the #development ecosystem. This time it’s on #BitBucket. It definitely shows that the tools in the development ecosystem are a good target for #softwaresupplychain #security attacks. …eepingcomputer-com.cdn.ampproject.org/c/s/www.bleepi…

Nir Valtman (@valtmanir) 's Twitter Profile Photo

SBOM SBOM SBOM... this is the time to be excited about the year 2033! Here is a realistic blog post about where #SBOM is today.  lnkd.in/gE2xuCaR

Nir Valtman (@valtmanir) 's Twitter Profile Photo

The 3 quick wins in this article will cost you nothing, except spending 1 hour on pasting the shared code samples, configuring GitHub, and setting up Tines. Any feedback is welcome... #devsecops lnkd.in/gjWW28Tv

Arnica (@arnicaio) 's Twitter Profile Photo

Everything we do at Arnica is oriented toward a future in which software development is unimpeded by risk. TY TechCrunch for detailing a major step along this journey! techcrunch.com/2022/10/31/arn… #softwaresupplychainsecurity #devops #devsecops #codesecurity #shiftleft

OWASP® Foundation (@owasp) 's Twitter Profile Photo

Visit the Arnica Diamond Expo at booth #D11 at the #OWASP 2022 Global AppSec San Francisco event next week! sf.globalappsec.org/schedule/ #appsec #sanfran #security #conference #globalappsec

Nir Valtman (@valtmanir) 's Twitter Profile Photo

What is #pipelineless #security? In short, automated guardrails with all benefits from security scans in IDE, CI/CD pipelines and Checks. #cicdpipelines #devsecops #appsec lnkd.in/gRgKsDPE

Nir Valtman (@valtmanir) 's Twitter Profile Photo

Critique alert: this is how companies should NOT communicate about a #security #breach / #vulnerability What happened? CircleCI published an alert to rotate the #secrets stored in the system. What didn’t happen? - No backgroun…lnkd.in/gAiVmbhb lnkd.in/gDZpBFzw

Arnica (@arnicaio) 's Twitter Profile Photo

Congrats Mike Doyle on being selected as a speaker at @OWASP OWASP Israel ! May 17 @ 13:45 IDT "Introducing SafePackage, an open-source security wrapper for all kinds of package managers that neutralizes malicious dependency attacks against developer ecosystems."

Arnica (@arnicaio) 's Twitter Profile Photo

Last week, Sourcegraph announced a #hack stemming from an admin token being exposed in source code. Over the weekend, we added a custom validator for Sourcegraph tokens. Read more from Arnica CEO Nir Valtman here: arnica.io/blog/how-to-en…

Arnica (@arnicaio) 's Twitter Profile Photo

Securing user access to source code management tools like GitHub doesn't have to come at the expense of #DevEx. Check the latest guide from Arnica CEO, Nir Valtman, on evaluating an Enterprise Managed Users vs. Bring Your Own Users approach. arnica.io/blog/a-complet…

1Password (@1password) 's Twitter Profile Photo

We detected suspicious activity on our Okta instance but confirmed no user data was accessed. Pedro Canahuati, our CTO, provides more information in this blog post blog.1password.com/okta-incident/, which includes our internal Okta Incident Report for additional details.