The Arnica Blog

Featured posts

sunflower market
APPSEC

Arnica Now Available on AWS Marketplace

April 23, 2025
|
By
Anna Daugherty
Read more
Scientist selecting from four different options of arnica flowers on screens

Evaluating SCA Tools for Addressing Open Source Vulnerabilities

Read more
A giant humanoid Arnica flower reaching for a package

Prioritizing AppSec Vulnerabilities: Developer Context vs. Full Reachability

Read more
A cartoon image of a software developer on a roller coaster

State of Developer Time Loss 2024: How Arnica’s Pipelineless Security Can Help

Read more

All Posts

Filters
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
DEVELOPMENT
Featured
all

How Pipelineless SAST Enforces Application Security Without Slowing Developers Down

Anna Daugherty
ATTACK
Featured
all

GitHub Actions Supply Chain Attack: What Arnica Customers Need to Know

Eran Medan
ATTACK
Featured
all

How Arnica's Low-Reputation Package Detection Could Have Stopped the XML-RPC npm Breach

Eran Medan
APPSEC
Featured
all

Best Practices for SCA Scanning in Agile Development

Eitam Arad
SECURITY 101
Featured
all

SAST vs. DAST: A Comparative Analysis

Simon Wenet
APPSEC
Featured
all

Implementing SAST Security Policies for Effective Application Protection

Eitam Arad
APPSEC
Featured
all

Optimizing Code Security: Advanced Strategies in SAST Scanning

Simon Wenet
APPSEC
Featured
all

We Need to Talk About Third-Party Risk & Software Composition Analysis (SCA)

Mark Maney
APPSEC
Featured
all

Building an AppSec Program, Powered by Pipelineless Security

Nir Valtman
ATTACK
Featured
all

New York Times Data Breach Reveals Secrets & Source Code

Simon Wenet
ATTACK
Featured
all

Rabbit r1 Data Breach Again Shows The Dire Need for Improved Secrets Security

Simon Wenet
ATTACK
Featured
all

5 Critical Lessons from the GitHub Phishing Attack by Gitloker

Nir Valtman
APPSEC
Featured
all

Guide to Secret Detection Solutions for Modern Software Development

Nir Valtman
APPSEC
Featured
all

[April fools] Introducing SecuriSlow™: Slowing Down Your Devs, Fast

Nir Valtman
DEVELOPMENT
Featured
all

GitHub Branch Protection Guide: Keys for Developers

Nir Valtman

Happy dev, happy sec.

Interested in learning more about how pipelineless application security and developer-native workflows can upgrade your AppSec program?

Book Time With Arnica