Get to know

Asi Greenholts

Sr Staff Researcher • Prisma

Blogs by Asi Greenholts

Sort By:

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.

Sep 14, 2023

By Asi Greenholts

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

Jenkins’ default configurations can leave your CI/CD pipelines open to attack. Learn five practical tips to help you define secure configurations in your organization.

Jul 25, 2023

By Asi Greenholts

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

Learn how attackers abuse repository webhooks to gain access to Jenkins instances and discover CI/CD security tips to protect your pipelines from attack.

Jul 13, 2023

By Omer Gil and Asi Greenholts

Blogs by Asi Greenholts

Sort By:

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.

Sep 14, 2023

By Asi Greenholts

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

Learn how attackers abuse repository webhooks to gain access to Jenkins instances and discover CI/CD security tips to protect your pipelines from attack.

Jul 13, 2023

By Omer Gil and Asi Greenholts

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

Jenkins’ default configurations can leave your CI/CD pipelines open to attack. Learn five practical tips to help you define secure configurations in your organization.

Jul 25, 2023

By Asi Greenholts

Asi Greenholts

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

Get the latest news, invites to events, and threat alerts

Products and Services

Company

Popular Links