Cloud Native Security

DevOps

OpenAI Custom GPTs: What You Need to Worry About

The integration of OpenAI's Custom GPTs with personal data files and third-party APIs offers new opportunities for organizations looking for custom LLMs for a variety of needs. They also open the door to many significant security risks, particularly accidental leakage of sensitive data through uploaded files and API interactions. Additionally, external APIs can subtly change GPT's responses through prompt injections....

Data Security

Data Security Posture Management

DevOps

Research

Feb 15, 2024

By Ofir Balassiano and David Nir Orlovsky

Cloud Native Security

Cloud Native Application Protection Platform

Cloud Workload Protection Platform

Cloud Security Posture Management

Data Security Posture Management

Cloud Infrastructure Entitlement Management

DevSecOps

Partners

AppSec, CI/CD, DevOps, Research

The GitHub Actions Worm: Compromising GitHub Repositories Through the Actio...

Learn how a novel attack vector in GitHub Actions allows attackers to distribute malware across repositories using a technique that exploits the actio...

Sep 14, 2023

By Asi Greenholts

CI/CD, DevOps

Unpinnable Actions: How Malicious Code Can Sneak into Your GitHub Actions W...

In today’s post, we look at action pinning, one of the profound mitigations against supply chain attacks in the GitHub Actions ecosystem. It turns out, though, that action pinning...

Aug 30, 2023

By Yaron Avital