Analyzing the public GitHub Actions Marketplace – some concerning security results!

18 Sep, 2022
Xebia Background Header Wave

At the last innovation day Rob started to analyze the GitHub Actions Marketplace for the setup of the actions, type of actions, as well as analyzing the dependencies of these actions. The results are interesting, but also cause for some concern about the security of this ecosystem. As an industry, we need to improve on our security setups and standards.

Read more information in this post.

Rob Bos
Rob has a strong focus on ALM and DevOps, automating manual tasks and helping teams deliver value to the end-user faster, using DevOps techniques. This is applied on anything Rob comes across, whether it’s an application, infrastructure, serverless or training environments. Additionally, Rob focuses on the management of production environments, including dashboarding, usage statistics for product owners and stakeholders, but also as part of the feedback loop to the developers. A lot of focus goes to GitHub and GitHub Actions, improving the security of applications and DevOps pipelines. Rob is a Trainer (Azure + GitHub), a Microsoft MVP and a LinkedIn Learning Instructor.

Get in touch with us to learn more about the subject and related solutions

Explore related posts