TL;DR: CI/CD remains a stealthy and soft target for supply chain attacks, especially via linters, formatters, and build and test tools. This guide breaks down Living Off the Pipeline (LOTP) techniques, in which attackers abuse CI tools that are already present in the pipeline without modifying the workflow itself, using those tools' config files, plugins, and environment variables instead.
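Because LOTP changes never touch the workflow file, a review gate keyed only on `.github/workflows/` misses them. The following added example (not code from the original page or from Boost Security) shows the complementary check a defender would run on a pull request: it flags changed tool configuration files that a linter, formatter, build or test tool will execute or read at runtime, and added lines that set environment variables which alter how those tools behave. The file patterns, variable names, and sample change are an illustrative set constructed for this example, not an exhaustive or authoritative list.

```python
"""Flag pull-request changes that can alter what a CI pipeline runs without
touching the workflow definition itself (added example; patterns are an
illustrative assumption, not a complete catalogue)."""
import fnmatch
import os
import re

# Tool configuration files that the tool reads on its own and that can
# cause code to run or change what runs. Matched on the file's basename.
EXECUTABLE_CONFIG_PATTERNS = {
    "package.json": "npm lifecycle scripts (preinstall/postinstall/test) run on install and test",
    ".pre-commit-config.yaml": "pre-commit executes the hooks listed here",
    "Makefile": "make targets are shell commands",
    "setup.py": "executed by pip/setuptools during install",
    "conftest.py": "imported by pytest before any test runs",
    ".eslintrc.js": "ESLint loads this file as JavaScript",
    ".mocharc.js": "Mocha loads this file as JavaScript",
    "*.gradle": "Gradle build scripts are executable code",
    "tox.ini": "tox 'commands' entries are shell commands",
}

# Environment variables that change tool behaviour (extra options, module
# search paths, preloaded libraries). Illustrative set (assumption).
SENSITIVE_ENV_VARS = {"NODE_OPTIONS", "PYTHONPATH", "LD_PRELOAD", "JAVA_TOOL_OPTIONS"}

# Matches an added diff line that assigns a variable, in shell form
# ("+export FOO=...") or YAML mapping form ("+  FOO: ...").
_ENV_ASSIGN = re.compile(r"^\+\s*(?:export\s+)?([A-Z_][A-Z0-9_]*)\s*[=:]")


def classify_path(path):
    """Return why a changed file matters to the pipeline, or None if it is inert."""
    name = os.path.basename(path)
    for pattern, reason in EXECUTABLE_CONFIG_PATTERNS.items():
        if fnmatch.fnmatch(name, pattern):
            return reason
    return None


def find_env_findings(added_lines):
    """Return (variable, line) pairs for added lines that set a sensitive variable."""
    findings = []
    for line in added_lines:
        match = _ENV_ASSIGN.match(line)
        if match and match.group(1) in SENSITIVE_ENV_VARS:
            findings.append((match.group(1), line.strip()))
    return findings


def review_change(changed_paths, added_lines):
    """Summarise LOTP-relevant findings; a hit means a human should look, not a verdict."""
    config_findings = []
    for path in changed_paths:
        reason = classify_path(path)
        if reason:
            config_findings.append((path, reason))
    env_findings = find_env_findings(added_lines)
    return {
        "config_files": config_findings,
        "env_vars": env_findings,
        "requires_manual_review": bool(config_findings or env_findings),
    }


# Constructed sample change: a code edit, a docs edit, and two tool configs,
# plus added lines from a YAML env block.
SAMPLE_CHANGED_PATHS = ["src/app.py", "package.json", "docs/README.md", "build.gradle"]
SAMPLE_ADDED_LINES = [
    "+      NODE_OPTIONS: --max-old-space-size=4096",
    "+      LOG_LEVEL: debug",
]

if __name__ == "__main__":
    report = review_change(SAMPLE_CHANGED_PATHS, SAMPLE_ADDED_LINES)
    for path, reason in report["config_files"]:
        print(f"config file changed: {path} ({reason})")
    for var, line in report["env_vars"]:
        print(f"sensitive env var set: {var} in line {line!r}")
    print("requires manual review:", report["requires_manual_review"])
```

The NODE_OPTIONS hit in the sample is a legitimate memory setting; the check deliberately flags the variable rather than judging its value, because the point is to route these changes to a reviewer who knows the pipeline, not to decide automatically. In practice the path set should be extended with whatever configuration your own linters, formatters and build tools read.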
Boost Security is a Canada-based DevSecOps automation platform that offers solutions such as risk governance and software supply chain security for enterprises.