#github

Articles tagged with #github

Short-lived OIDC for CI: kill every long-lived GitHub Actions token
AWS OIDC, GCP WIF, Azure federated credentials
May 3, 20268 min read21
The $4.45M Mistake: How a Missing SBOM Requirement Let the XZ Utils Backdoor Slip Past Millions of Servers
A 3-year patient infiltration. One 500ms anomaly. Zero automated defenses. Here's the full architecture of what happened, what should have stopped it, and how to build a self-healing supply chain security system into your IDP, today.
Feb 22, 202622 min read33

#github - AI-Driven DevSecOps, Cloud Security & System Architecture | Subhanshu Mohan Gupta