-
How to secure your GitHub Actions workflows with CodeQL
In the last few months, we secured 75+ GitHub Actions workflows in open source projects, disclosing 90+ different vulnerabilities. Out of this research we produced new support for workflows in CodeQL, empowering you to secure yours. The post How to secure your GitHub Actions workflows with CodeQL appeared first on The GitHub Blog. In the…
-
GitLab supports banks in navigating regulatory challenges
The risk of cyber attacks in the banking industry has reached unprecedented levels. Studies by the International Monetary Fund reveal that the financial sector is particularly vulnerable to cyber threats, with nearly one-fifth of reported incidents in the past two decades targeting this industry alone. As these threats continue to escalate, they drive the need…
-
Data Cleaning in Data Science
In this Data Science blog post series, we’ve talked about where to get data from and how to explore that data using pandas, but whilst that data is excellent for learning, it’s not similar to what we will term real-world data. Data for learning has often already been cleaned and curated to allow you to…
-
Building LATAM’s future tech workforce with AI
Git Commit 2024 and our new AI course in Spanish The post Building LATAM’s future tech workforce with AI appeared first on The GitHub Blog. Read this post in Spanish Estamos emocionados de celebrar el tercer año de Git Commit, nuestro programa anual dedicado a cerrar la brecha de habilidades tecnológicas y empoderar a estudiantes…
-
Reduce supply chain risk with smarter vulnerability prioritization
Application Security teams face a constant uphill battle in risk reduction due to the ever-growing number of vulnerabilities. This year alone, 36,000 Common Vulnerabilities and Exposures (CVEs) have been reported — a 25% increase from last year. The sharp rise intensifies the challenge of prioritization in vulnerability management, especially for lean AppSec teams. To help,…
-
Streamline the path to CMMC Level 2 compliance with GitLab
The Cybersecurity Maturity Model Certification (CMMC) Program is a framework developed by the U.S. Department of Defense (DoD) to enforce cybersecurity requirements and protect sensitive unclassified information shared by the DoD with contractors and subcontractors. With the release of the CMMC final rule, DoD contractors can begin to assess and align their controls and processes…
-
Rider 2025.1 Roadmap
The start of the new year is the perfect time to share our plans for JetBrains Rider 2025.1. These plans are subject to change based on available resources, evolving development priorities, and shifts in the .NET landscape. Some features and improvements may be postponed to a later release date. With that in mind, let’s dive…
-
Java Annotated Monthly – January 2025
The new year has arrived, and we’re kicking it off with another handpicked selection of must-read tutorials and the latest news you won’t want to miss. This issue starts with an amazing featured content section with Donald Raab. Settle in and scroll your way to some fresh knowledge! Featured Content Greetings, Java Annotated Monthly readers!…
-
GitLab’s 2024 bug bounty year in review
It’s that time again when everyone reflects on the year that just passed, and the Application Security team at GitLab is no different. We run the bug bounty program at GitLab, and every year we summarize our stats for those who are curious. We wouldn’t be where we are without the collaboration of our bug…