Rotem Bar in Cider Security
Secret Diver — Searching for deeply hidden secrets
We are glad to introduce Secret Diver, a tool that allows you to search inside Docker layers for secrets.
Jan 19, 2022

Rotem Bar in Cider Security
NPM might be executing malicious code in your CI without your knowledge
How to tell if you are using NPM safely within your CI
Jan 3, 2022

Rotem Bar in Cider Security
Our dependencies are under attack, and this time we were lucky…
How can we protect ourselves when our world infrastructure is under attack?
Nov 24, 2021

Rotem Bar in Cider Security
Malicious code analysis: Abusing SAST (mis)configurations to hack CI systems
What happens when SAST tools do more than just scanning? What if security scanners abuse their privileges?
Nov 3, 2021

Rotem Bar in AppsFlyer Engineering
Developers, Please encode your URLs
If you like it, put a # on it!
Oct 26, 2020

Rotem Bar in AppsFlyer Engineering
NGINX may be protecting your applications from traversal attacks without you even knowing
By Danny Robinson and Rotem Bar
Sep 24, 2020