New Feature: Software bill of materials (SBOM)

We launched Arnica today. Here is our story.

New Feature: Secret Detection & Mitigation | Arnica

New Feature: Anomalous Developer Behavior | Arnica

New Feature: Automated Developer Permissions Management | Arnica

New Feature: One-Click Risk Mitigations

Introducing SecuriSlow™: Slowing Down Your Developers, Fast

Leveraging EPSS, CVSS, and KEV for Comprehensive Risk Management & Prioritization

Need for AppSec exposed by the ‘ResumeLooters’ SQL Injection & XSS Attacks

The Essential Guide to SCA and SAST

Minimize AppSec Effort and Maximize AppSec Coverage with Pipelineless Security Scanning

How to prioritize third-party package (SCA) vulnerabilities

CI/CD Pipeline Security vs. IDE plugins vs. Pipelineless Security

Why Risk Scanning Needs to be Free: Don't Just Find Risks, Fix Them

How to Evaluate a Static Application Security Testing (SAST) Solution

A Complete Guide: Enterprise Managed Users vs Bring Your Own Users on GitHub

How to Determine the Severity of a Third-Party Risk with Software Composition Analysis (SCA)

SBOM For Your Software Supply Chain: Added Visibility or Security Risk?

How to ensure you don’t have Sourcegraph secrets in source code

How to ensure your third-party software packages are reputable

How to prioritize your backlog of hardcoded secrets

Why Secret Scanning Visibility Should Be Free & Understanding Where There is Value

How to Detect & Prevent Source Code Exfiltration

Should I Manage Code in a Single Organization or Multiple Organizations?

The Criticality of Context for Addressing Software Supply Chain Risk

What Developers Can Learn from Taylor Swift's Re-recording Strategy

Why secrets continue to be a massive problem in source code

How insurance tech companies are leading the way on Application Security

Trying to identify spoofing in GitHub? May the 4th be with you!

How We Converted a GitHub Tool Into a General Purpose Webhook Proxy to Supercharge Our Integration Development

Adopting Pipelineless Security Solutions for Modern AppSec Programs

Defending Against Source Code Exfiltration, Fast and Slow

The Importance of EPSS in Vulnerability Prioritization: A Holistic Approach

What is an SBOM, what is it not, and do you need one?

Harnessing the Power of Secure Coding Practices for Effective CI/CD Security

Best practices maintaining a secure development environment

Azure Permissions: Managing Granular Permissions in Azure Devops

Security to-do lists slow you down, security tools need to fix the problems they find

Leveraging Developer Security Skills to Fortify your Security Team

What is Pipelineless Security?

GitHub Hosted vs. Self-Hosted Runners: Which One Should You Choose?

What to Consider Before Enforcing Multi-Factor Authentication (MFA) on GitHub

Trouble Keeping Track of Your Keys? So Does Toyota: Lessons Learned from a Key Management Breach

Hardening Your Software Development Environment: A Beginner's Guide

Four takeaways from the NSA's software supply chain security recommendations

Analyzing LastPass' Recent Security Incident Notification

Demystifying the Pl0x GitHub attack

GitHub CODEOWNERS: What Every Developer Should Know

Protecting Stale Code Repositories on GitHub: Essential Security Measures

Hacking Upstream: Finding a 0-Day in an OpenSSH Key Parser Library

GitGoat: An Open Source Project of Intentionally (Riskless) Misconfigured GitHub Organizations

Tracing the Impact of a Clothing Retailer's Software Supply Chain Breach on Your Production Environment

The Importance of Free Secret Detection, Even for Private Repositories

Github OAuth Apps Security: How to protect yourself against GitHub/OAuth Apps Supply Chain Attacks

How to Survive a State Actor's Attempt to Put a Backdoor in Your Code

Application Security vs. Software Supply Chain Security: What's the Difference?

How Top Open Source Projects Protect Their Code: Insights and Best Practices

Afraid of your source code leaking? I can tell by the Twitch in your eye…!

Hacking Hacker News: Lessons Learned from a Security Researcher Wearing A Growth Hat

Protecting Your Business from Supply Chain Attacks: Expert Q&A

Developers Extension Security Team: A New Approach to Ensuring Secure Code

How to Reduce Code Risk Using Pipelineless Security

Best Secure software development solutions: our top picks

Interview with Nir Veltman – Arnica

Securing the Modern Software Supply Chain

Arnica raises $7M to improve software supply chain security

Arnica raises $7 million to secure software supply chain

Atlanta startup Arnica raises $7M as it enters growing cybersecurity market

How Arnica’s tool keeps supply chain and developers flowing by repelling attacks

With $7M in funding, Arnica is using behavioral analytics to spot hackers posing as developers

Arnica raises $7M to secure software supply chains with behavior-based threat detection and least-privilege enablement

Arnica Raises $7 Million to Protect Software Developers, Code

Interview with Nir Valtman, CEO and Founder of Arnica

Enhancing the Security of the Software Supply Chain through Secure Software Development Practices

Biden issues Executive Order to strengthen nation’s cybersecurity networks

Cybersecurity 101: Protect your privacy from hackers, spies, and the government