Contact

Cider Blog

Our Thoughts and Insights on Application Security

How we Abused Repository Webhooks to Access Internal CI Systems at Scale

Sep 20, 2022 16 mins read
Huge thanks to Yaron Avital, Tyler Welton and Daniel Krivelevich for their contribution to this research. Intro As adoption of CI systems and processes becomes more...
Omer Gil @omer_gil
Asi Greenholts @TupleType
Bypassing required reviews using GitHub Actions
Oct 12, 2021 7 mins read
A newly discovered security flaw in GitHub allows leveraging GitHub Actions to bypass the required reviews mec...
Omer Gil @omer_gil
Cider Security has been acquired by Palo Alto Networks
Read more >
2022 Cider Security Ltd. All rights reserved.