Michael S.

GitGoat is an open source tool built to enable DevOps and Engineering teams to design and implement a sustainable misconfiguration prevention strategy. It can be used to test products with access to GitHub repos without a risk to your production data.

Software supply chain attacks have caught the security community off-guard. Arnica, starting with GitHub & Azure DevOps, addresses the two primary root causes:
1) 🪄 excessive permissions to developer tools
2) 🥸 lack of abnormal behavior detection