Argon Blog

Thoughts, news, and musings from Software Supply Chain, CI/CD, and DevOps
experts, interviews, articles, and breach analyses.

How well are you protecting your Secrets?

So, What exactly are Secrets? Modern CI/CD software development consists of many building blocks and interconnected tools, apps, cloud-based infrastructure,…

Nurit Bielorai
May 10 · 3 min read

Lessons Learned from Recent DevOps Pipeline Breaches

The new world of software development is inherently collaborative — development teams are geographically dispersed and require easily accessible and…

Eran Orzel
May 05 · 5 min read

Pipeline Composition Analysis: How your CI Pipeline presents new Oppor...

The Case of the Codecov Hack   It’s pretty amazing to consider the level of trust we put in lines…

Eylam Milner
Apr 21 · 7 min read

How to Protect Your Pipeline against Supply Chain Attacks: the Codecov...

A new “double” software supply chain attack that compromised Codecov Bash Uploader was revealed to have gone undetected since January…

Eran Orzel
Apr 16 · 4 min read

How not to become the next victim of Supply Chain Attacks

The SolarWinds attack came to light in December 2020, but its ripple effects still echo on much later as more…

Eilon Elhadad
Apr 12 · 4 min read

Securing software development environments is top concern for security...

Today, CI/CD pipelines form the backbone of modern-day DevOps operations. Over the past few years, the software development industry has…

Eran Orzel
Apr 09 · 2 min read

Looking to harden your security posture?

open source vulnerability scanner