Source: Boost Security Blog

The tale of a Supply Chain near-miss incident

TL;DR: We disclosed to Chainguard in December 2023 that one of their GitHub Actions workflows was vulnerable to a "pwn request", potentially impacting the integrity of Docker images signed by their cosign Terraform Provider. Fortunately, this ended up being a near-miss incident. We also introduce the Living Off The Pipeline project, which inventories tools used in build pipelines that have RCE-by-Design features.

Est. Annual Revenue: $100K-5.0M
Est. Employees: 1-25
Co-Founder & CEO: Zaid Al Hamami
CEO Approval Rating: 90/100