BestHub
Sign in
Tagged articles
4 articles
Page 1 of 1
DevOps Coach
DevOps Coach
Oct 9, 2025 · Information Security

How to Harden GitHub Actions: Proven Security Practices for Safer CI/CD

This guide explains why GitHub Actions need protection, reviews core concepts, and provides step‑by‑step hardening measures—including read‑only token defaults, trusted action sources, branch‑protection rules, secret management, explicit permissions, SHA pinning, and runner security—to keep CI/CD pipelines safe from real‑world attacks.

CI/CD securityDevOpsGitHub Actions
0 likes · 10 min read
How to Harden GitHub Actions: Proven Security Practices for Safer CI/CD
DevOps Cloud Academy
DevOps Cloud Academy
Sep 27, 2022 · Information Security

Securing Version Control Systems and CI/CD Pipelines in the Software Supply Chain

The article explains how vulnerabilities in version control systems and CI/CD pipelines can expose the software supply chain to attacks and provides best‑practice recommendations for hardening VCS configurations, branch protection, least‑privilege access, secure testing environments, and credential management.

CI/CD securityVCS securityinformation security
0 likes · 9 min read
Securing Version Control Systems and CI/CD Pipelines in the Software Supply Chain
Programmer DD
Programmer DD
Apr 22, 2021 · Information Security

How Hackers Hijack GitHub Actions to Run Free Crypto Mining

Hackers exploit GitHub Actions by submitting malicious pull requests that add hidden workflows, downloading and executing crypto‑mining binaries on GitHub’s free servers, a technique that has spread to other CI platforms and poses a persistent security challenge.

CI/CD securityContainer SecurityGitHub Actions
0 likes · 9 min read
How Hackers Hijack GitHub Actions to Run Free Crypto Mining
dbaplus Community
dbaplus Community
Sep 12, 2018 · Operations

Mastering Enterprise Ops Security: Habits, Architecture, and Incident Response

This article presents a comprehensive guide to operational security, covering essential habits, a layered technical architecture, access‑control strategies, CI/CD safeguards, DDoS mitigation, data protection, incident‑response procedures, and collaboration with IT, security, and network teams.

CI/CD securityDDoS DefenseData Protection
0 likes · 20 min read
Mastering Enterprise Ops Security: Habits, Architecture, and Incident Response