![パスキーとは何か、そしてその課題](https://cdn-ak-scissors.b.st-hatena.com/image/square/e36897f184ffc64c98d89e14ed819d7208c6e9d4/height=288;version=1;width=512/https%3A%2F%2Fblog.agektmr.com%2Fimages%2F2022%2Fkeys.jpg)
Open SourceSecurityGit security vulnerabilities announcedGit users are encouraged to upgrade to the latest version, especially if they use `git archive`, work in untrusted repositories, or use Git GUI on Windows. Today, the Git project released new versions to address a pair of security vulnerabilities, CVE-2022-41903, and CVE-2022-23521, that affect versions 2.39 and older. Git for Windows was al
AWS Security Blog You can now assign multiple MFA devices in IAM At Amazon Web Services (AWS), security is our top priority, and configuring multi-factor authentication (MFA) on accounts is an important step in securing your organization. Now, you can add multiple MFA devices to AWS account root users and AWS Identity and Access Management (IAM) users in your AWS accounts. This helps you to raise
ProductSecurityHow to secure your end-to-end supply chain on GitHubSecuring your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We've seen bad actors expand their focus to taking over user… Securing your projects is no easy task, but end-to-end supply chain security is more top of mind than ever. We’ve seen bad actors expand their focus to taking over
ProductSecuritySecure your GitHub account with GitHub Mobile 2FAGitHub continues to improve account security and developer experience with a new 2FA mechanism in GitHub Mobile on iOS and Android. GitHub is committed to keeping our platform secure and enabling developers to secure their accounts. One way we’re doing that is by helping more developers adopt two-factor authentication (2FA) for their
Open SourceSecurityReducing security risk in open source software with GitHub Actions and OpenSSF Scorecards V4We’re excited to announce the V4 release of the OpenSSF’s Scorecard project in partnership with Google. GitHub is committed to helping secure the future of open source security, and it is why we continue to partner with our industry peers through the Open Source Security Foundation (OpenS
ProductSecuritySafeguard your containers with new container signing capability in GitHub ActionsGitHub has partnered with the OpenSSF and Project Sigstore to add container image signing to our default “Publish Docker Container” workflow. As developers have leaned into cloud native projects for scale and maintainability, the popularity of containers has exploded. With 92% of organizations leveragin
Open SourceSecurityEnrolling all npm publishers in enhanced login verification and next steps for two-factor authentication enforcementToday we're introducing enhanced login verification to the npm registry, and we will begin a staged rollout to maintainers beginning Dec 7. Three weeks ago, we provided an update on our commitment to npm ecosystem security. We promised to provide more details on th
.app 1 .dev 1 #11WeeksOfAndroid 13 #11WeeksOfAndroid Android TV 1 #Android11 3 #DevFest16 1 #DevFest17 1 #DevFest18 1 #DevFest19 1 #DevFest20 1 #DevFest21 1 #DevFest22 1 #DevFest23 1 #hack4jp 3 11 weeks of Android 2 A MESSAGE FROM OUR CEO 1 A/B Testing 1 A4A 4 Accelerator 6 Accessibility 1 accuracy 1 Actions on Google 16 Activation Atlas 1 address validation API 1 Addy Osmani 1 ADK 2 AdMob 32 Ads
Open SourceSecurityGitHub’s commitment to npm ecosystem securityWe're sharing details of recent incidents on the npm registry, our investigations, and how we’re continuing to invest in the security of npm. The npm registry is central to all JavaScript development, and, as stewards of the registry, ensuring its security is a responsibility GitHub takes seriously. Transparency is key in maintaining
ProductSecurityImproving Git protocol security on GitHubWe’re changing which keys are supported in SSH and removing unencrypted Git protocol. Only users connecting via SSH or git:// will be affected. If your Git remotes start with https://, nothing in this post will affect you. If you’re an SSH user, read on for the details and timeline. Hello from Git Systems, the team at GitHub that makes sure y
Keeping your GitHub Actions and workflows secure Part 3: How to trust your building blocks Jaroslav Lobacevski This post is the third and final in a series of posts about GitHub Actions security. Part 1, Part 2 In previous blog posts, we discussed possible mistakes and abuse patterns that could lead to the compromise of your GitHub repository. This time, I’ll discuss sometimes less obvious — whose
SecurityGitHub brings supply chain security features to the Go communityGitHub’s supply chain security features are now available for Go modules, which will help the Go community discover, report, and prevent security vulnerabilities. The global Go community embraced GitHub from the beginning—both as a place to collaborate on code and a place to publish packages—leading to Go becoming one of the t
Summary On April 1, 2021, the Codecov team was alerted to a security event involving our Bash Uploader. The threat actor specifically targeted the Codecov Bash Uploader and used it to deliver a malicious payload to all Codecov users utilizing the Bash Uploader, The Codecov GitHub Action, The Codecov CircleCI Orb, and the Codecov Bitrise Step (collectively, the “Bash Uploaders”). The team immediate
リリース、障害情報などのサービスのお知らせ
最新の人気エントリーの配信
処理を実行中です
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く