Today, SaaS security challenges are lurking around for any org. Tune in to br3akp0int for- 'Controlling your SaaS Sprawl with a SaaS Security Platform', to find out more from our next guest- Abhishek Anand, Co-Founder Koala Lab.
LIVE NOW!
YouTube: https://t.co/E9Z6UpIWJo
My hot take on the xz back door: it’s a success for the community. It took 2 years to sneak it in and it was caught in 1 month before it was in any major distro. It is really hard to backdoor a distro which is pretty cool.
GitHub Actions is definitely a great platform, one of the better GitHub Products(as good co-pilot, imo) but comes with it'w own security risks, adequately securing it can be very powerful.
Here is my deep-dive post on #github Actions cache poisoning. This is a powerful build pipeline lateral movement and privilege escalation technique and I used it to earn several thousand💰in #bugbounty rewards.
https://t.co/7S5MjdP2Wc
📣 Join us for a special live stream with Abhishek Anand, co-founder of KoalaLab, focusing on PINNY. It's a tool designed to hash-pin Dockerfiles and GitHub actions, protecting against dependency hijacking & confusion. https://t.co/oYVLNEarZN