Rob Bos
@RobBos81
Followers
732
Following
45K
Media
686
Statuses
9K
Archived this account. Please find me somewhere else through my blog👇, @[email protected] or LinkedIn: https://t.co/kGtTzzCIWf
Den Bosch, NL
Joined January 2010
I have archived this account after the new management changes that are very unpleasant. Please find me somewhere else through my blog👇, @Rob_Bos@mstdn.social or LinkedIn:
nl.linkedin.com
Giving teams the opportunity to grow and deliver value, by bringing down hurdles and… · Ervaring: Linkedin Learning · Opleiding: Hogeschool Zuyd (Maastricht, Heerlen, Sittard) · Locatie: Eindhoven ·...
0
0
1
Very insightful post on attacking Source Control Management systems (SCM)!.
medium.com
This article is part of a multi-part series about the security of the software supply chain. We will be analyzing in depth each component…
0
0
0
The GitHub Silverware Drawer Dilemma, Or: Finding Active Repository Forks | Hackaday
hackaday.com
An fortunate reality of GitHub and similar sites is that projects that are abandoned by the maintainer are often continued by someone else who forked the project. Unfortunately, the ease of forking…
0
0
0
Devs urged to rotate secrets after CircleCI suffers security breach | The Daily Swig
portswigger.net
DevOps platform advises customers to revoke API tokens
0
0
1
10 software supply chain attacks you can learn from
www.reversinglabs.com
Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable 2022 software supply chain attacks.Â
0
0
1
My best viewed blogposts created in 2022: Number 1 Explaining the different types of GitHub Access Tokens you can use to get access to GitHub.
0
0
0
My top blogposts created in 2022: Number 2 Only created in August, but now my best viewed post on a monthly basis! Six reasons of why you workflow did not start and how to check them!.
0
0
0
My top blogposts created in 2022: Number 3 About a much asked for approach to cleanup the notifications on GitHub.
0
0
0
My top blogposts created in 2022: Number 4 About scanning the entire! GitHub Actions Marketplace for security issues in their dependencies!.
0
0
0
My top blogposts created in 2022: Number 5 . About detecting usage of the camera in Windows and triggering my Home Automation setup for that!.
0
0
0
My top blogposts created in 2022: Number 6: . My take on how I create a GitHub Action and where I start.
0
0
1
My top blogposts created in 2022: Number 7: Configuration as Code for the GitHub platform. There are lots of posts talking about this, but few with an actual implementation. I create one for inviting users and creating repos for them. Read it here: .
0
0
1
Finding the next Log4j – OpenSSF’s Brian Behlendorf on pivoting to a ‘risk-centred view’ of open source development.
portswigger.net
Apache pioneer says ‘use at your own risk’ model no longer tenable as OpenSSF ramps up end user engagement
0
0
0
So. I have enabled actionlint on 3 repos today, and fixed 2 workflows that had vulnerabilities or errors in them. And I am educating people on using GitHub Actions in a safe way for a couple of years now! . ActionLint: . #BeSaferPeople #DevOps #GitHub
0
0
1
New blogpost! Adding the OSSF scorecard action to your repository: .. This can help you improve the security in your repository, with actionable alerts (and super easy fixes for some!).
0
0
0
.NET 7 Networking Improvements
devblogs.microsoft.com
Introducing new networking features in .NET 7 including HTTP space, new QUIC APIs, security, WebSockets, and more!
0
0
1
These numbers are scary! (On the other hand: I will always have a job!). Culture a Stumbling Block to DevOps, DevSecOps
0
0
0
Dependabot now supports security updates for Dart and Flutter apps that use Pub packages
github.blog
Dependabot security updates now supports the Pub ecosystem, making it easier for you to fix vulnerable dependencies in your Dart or Flutter apps. With security updates enabled, Dependabot will...
0
1
2