Argon Blog

Thoughts, news, and musings from Software Supply Chain, CI/CD, and DevOps
experts, interviews, articles, and breach analyses.

Securing your artifactories and repositories from Dependency Confusion...

Your CI/CD security is only as strong as its weakest link. An overlooked part of the CI/CD pipeline can be…

Eilon Elhadad
May 31 · 4 min read

10 GitHub Security Best Practices

You just created your organization in GitHub. This presents an exciting opportunity, as it’s one of the leading SCM (Source…

Guy Ben-Aharon
May 24 · 3 min read

The proliferation of Pipeline tools and plugins: A backdoor for Supply...

Codecov hackers gained access to Monday.com source code. Monday.com has recently disclosed that it was impacted by the Codecov supply-chain attack…

Eran Orzel
May 18 · 4 min read

How well are you protecting your Secrets?

So, What exactly are Secrets? Modern CI/CD software development consists of many building blocks and interconnected tools, apps, cloud-based infrastructure,…

Nurit Bielorai
May 10 · 3 min read

Lessons Learned from Recent DevOps Pipeline Breaches

The new world of software development is inherently collaborative — development teams are geographically dispersed and require easily accessible and…

Eran Orzel
May 05 · 5 min read

Pipeline Composition Analysis: How your CI Pipeline presents new Oppor...

The Case of the Codecov Hack. It’s pretty amazing to consider the level of trust we put in lines…

Eylam Milner
Apr 21 · 7 min read
