Get to know

Asi Greenholts

Sr Staff Researcher • Prisma

Blogs by Asi Greenholts

Sort By:

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.

Sep 14, 2023

By Asi Greenholts

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

Jenkins’ default configurations can leave your CI/CD pipelines open to attack. Learn five practical tips to help you define secure configurations in your organization.

Jul 25, 2023

By Asi Greenholts

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

Learn how attackers abuse repository webhooks to gain access to Jenkins instances and discover CI/CD security tips to protect your pipelines from attack.

Jul 13, 2023

By Omer Gil and Asi Greenholts

Blogs by Asi Greenholts

Sort By:

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.

Sep 14, 2023

By Asi Greenholts

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

Learn how attackers abuse repository webhooks to gain access to Jenkins instances and discover CI/CD security tips to protect your pipelines from attack.

Jul 13, 2023

By Omer Gil and Asi Greenholts

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

Jenkins’ default configurations can leave your CI/CD pipelines open to attack. Learn five practical tips to help you define secure configurations in your organization.

Jul 25, 2023

By Asi Greenholts

Get the latest news, invites to events, and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

Asi Greenholts

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

CI/CD, DevSecOps

Abusing Repository Webhooks to Access Internal CI/CD Systems at Scale

AppSec, CI/CD

How to Secure Jenkins’ Default Build Authorization Configuration

Get the latest news, invites to events, and threat alerts

Get the latest news, invites to events, and threat alerts

Products and Services

Company

Popular Links