OUR BLOG

I've spent the last year researching the trust and safety mechanisms in SCM platforms like GitHub, GitLab, and Gitea. These platforms are important in the ecosystem, as GitHub and GitLab together...

Bug bounty programs have emerged over the last 5 years as a vital tool for identifying and mitigating vulnerabilities.   Many enterprises have accepted the value of having bug bounty programs in...

You might have recently heard people talking about "memory-safe" languages and how we all need to start using them.  There is a loud contingent of people on LinkedIn and Twitter advocating that we...

A new software supply chain attack is affecting GitHub users.  The new threat, “Gitloker” targets GitHub users repositories with a simple but effective attack: deleting everything they have access...

What is offensive security? In today's complex cybersecurity landscape, organizations use a variety of techniques to fortify their defenses and use proactive measures to ensure the integrity of...

I will be presenting at Project Discovery's inaugural "Hardly, Strictly Security Conference" April 25thWhat is the "Hardly, Strictly Security Conference"? Hardly, Strictly Security (HSS) is the only...

What is DevSecOps and why is it important for my company? DevSecOps is the combination of development, security and operations in relation to application delivery.  It involves integrating security...