Enhance Software Composition Analysis (SCA) with Reachability | Arnica

Enhance Software Supply Chain Security with SCA + Package Reputation | Arnica

Automated Risk Resolution Workflows: Upgrade Your Vulnerability Management || Arnica

New Feature: Code Risks Tracking for Multi-Branch Repositories | Arnica

New Feature: "W00t W00t" aka Code Risk Mitigation Shoutouts

New Integration: Security Issue Management [that rocks!] with Jira + ADO Boards

New Feature: AI-Based Code Risk Mitigations

New Integration: Introducing Arnica’s Application Security for Bitbucket Users

Arnica achieves SOC2 Type 2 & ISO27001 compliance

New Feature: Continuous Software Bill of Materials (SBOM)

We launched Arnica today. Here is our story.

New Feature: Secret Detection & Mitigation | Arnica

New Feature: Anomalous Developer Behavior | Arnica

New Feature: Automated Developer Permissions Management | Arnica

New Feature: One-Click Risk Mitigations

State of Developer Time Loss 2024: How Arnica’s Pipelineless Security Can Help

Optimizing Code Security: Advanced Strategies in SAST Scanning

Time for an Honest Talk About Third-Party Risk Management and Software Composition Analysis (SCA)

Building an AppSec Program, Powered by Pipelineless Security

New York Times Data Breach Reveals Secrets & Source Code

Rabbit r1 Data Breach Again Shows The Dire Need for Improved Secrets Security

5 critical lessons from the latest GitHub phishing campaign by Gitloker

Practical Guide for Evaluating Secret Detection Solutions to Fit Modern Software Development

[April fools] Introducing SecuriSlow™: Slowing Down Your Developers, Fast

GitHub Branch Protection Guide: Keys for Developers

Malicious Code Campaign on GitHub Repos: Is it Hype or a Dire Threat?

EPSS vs CVSS vs KEV for Nuanced Risk Management

Need for AppSec exposed by the ‘ResumeLooters’ SQL Injection & XSS Attacks

Guide to SCA and SAST: Secure Your Code Efficiently

Minimize AppSec Effort and Maximize AppSec Coverage with Pipelineless Security Scanning

How to prioritize third-party package (SCA) vulnerabilities

CI/CD Pipeline Security vs. IDE plugins vs. Pipelineless Security

Why Risk Scanning Needs to be Free: Don't Just Find Risks, Fix Them

How to Evaluate a Static Application Security Testing (SAST) Solution

A Complete Guide: Enterprise Managed Users vs Bring Your Own Users on GitHub

How to Determine the Severity of a Third-Party Risk with Software Composition Analysis (SCA)

SBOM For Your Software Supply Chain: Added Visibility or Security Risk?

How to ensure you don’t have Sourcegraph secrets in source code

How to ensure your third-party software packages are reputable

How to prioritize your backlog of hardcoded secrets

Why Secret Scanning Visibility Should Be Free & Understanding Where There is Value

Detecting & Preventing Source Code Exfiltration

Should I Manage Code in a Single Organization or Multiple Organizations?

The Criticality of Context for Addressing Software Supply Chain Risk

What Developers Can Learn from Taylor Swift's Re-recording Strategy

Best Practices for Source Code Secret Detection

How insurance tech companies are leading the way on Application Security

Trying to identify spoofing in GitHub? May the 4th be with you!

How We Converted a GitHub Tool Into a General Purpose Webhook Proxy to Supercharge Our Integration Development

Adopting Pipelineless Security Solutions for Modern AppSec Programs

Defending Against Source Code Exfiltration, Fast and Slow

Importance of EPSS for Vulnerability Management

What is a Software Bill of Materials (SBOM)?

Harnessing the Power of Secure Coding Practices for Effective CI/CD Security

Best Practices for a Secure Development Environment

Managing Azure DevOps Access Levels & Permissions

Security to-do lists slow you down, security tools need to fix the problems they find

Leveraging Developer Security Skills to Fortify your Security Team

What is Pipelineless Security?

Choosing GitHub Runners vs Self-Hosted Runners

What to Consider Before Enforcing Multi-Factor Authentication (MFA) on GitHub

Trouble Keeping Track of Your Keys? So Does Toyota: Lessons Learned from a Key Management Breach

Hardening Your Software Development Environment: A Beginner's Guide

Four takeaways from the NSA's software supply chain security recommendations

Analyzing LastPass' Recent Security Incident Notification

Demystifying the Pl0x GitHub attack

GitHub CODEOWNERS: A Developer’s Code Review Guide

Protecting Stale Code Repositories on GitHub: Essential Security Measures

Hacking Upstream: Finding a 0-Day in an OpenSSH Key Parser Library

GitGoat: An Open Source Project of Intentionally (Riskless) Misconfigured GitHub Organizations

Tracing the Impact of a Clothing Retailer's Software Supply Chain Breach on Your Production Environment

The Importance of Free Secret Detection, Even for Private Repositories

Github OAuth Apps Security: How to protect yourself against GitHub/OAuth Apps Supply Chain Attacks

How to Survive a State Actor's Attempt to Put a Backdoor in Your Code

Application Security vs. Software Supply Chain Security: What's the Difference?

How Top Open Source Projects Protect Their Code: Insights and Best Practices

Afraid of your source code leaking? I can tell by the Twitch in your eye…!

Hacking Hacker News: Lessons Learned from a Security Researcher Wearing A Growth Hat

Protecting Your Business from Supply Chain Attacks: Expert Q&A

Developers Extension Security Team: A New Approach to Ensuring Secure Code

How to Reduce Code Risk Using Pipelineless Security

Best Secure software development solutions: our top picks

Interview with Nir Veltman – Arnica

Securing the Modern Software Supply Chain

Arnica raises $7M to improve software supply chain security

Arnica raises $7 million to secure software supply chain

Atlanta startup Arnica raises $7M as it enters growing cybersecurity market

How Arnica’s tool keeps supply chain and developers flowing by repelling attacks

With $7M in funding, Arnica is using behavioral analytics to spot hackers posing as developers

Arnica raises $7M to secure software supply chains with behavior-based threat detection and least-privilege enablement

Arnica Raises $7 Million to Protect Software Developers, Code

Interview with Nir Valtman, CEO and Founder of Arnica

Enhancing the Security of the Software Supply Chain through Secure Software Development Practices

Biden issues Executive Order to strengthen nation’s cybersecurity networks

Cybersecurity 101: Protect your privacy from hackers, spies, and the government