Malicious code analysis: Abusing SAST (mis)configurations to hack CI systems | by Rotem Bar | Cider Security | Medium - discu.eu

Reddit

Malicious Code Analysis attack: Abuse code analysis tools to execute code on the analyzing host, or to bypass CI checks https://medium.com/cider-sec/malicious-code-analysis-abusing-sast-mis-configurations-to-hack-ci-systems-13d5c1b37ffe 2 comments 3/11/2021 netsec

Linking pages

GitHub - TupleType-1/awesome-cicd-attacks: Practical resources for offensive CI/CD security research. https://github.com/TupleType-1/awesome-cicd-attacks 0 comments

Linked pages

GitHub - bridgecrewio/checkov: Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew. https://github.com/bridgecrewio/checkov 0 comments

Related searches:

Search whole site: site:medium.com

Search title: Malicious code analysis: Abusing SAST (mis)configurations to hack CI systems | by Rotem Bar | Cider Security | Medium

See how to search.

Submit link to: