Analyzing the public GitHub Actions Marketplace – some concerning security results!

/ 18 Sep, 2022

At the last innovation day Rob started to analyze the GitHub Actions Marketplace for the setup of the actions, type of actions, as well as analyzing the dependencies of these actions. The results are interesting, but also cause for some concern about the security of this ecosystem. As an industry, we need to improve on our security setups and standards.

Read more information in this post.