Arnica.io

08/25/2023

Check out the latest from Application Security leaders around the world!

Check this out! Listen now on .

08/22/2023

Episode 2 of is live! Check out the episode for VP of Security Engineering Mark Stanislav's take on why and are on a collision course.

https://open.spotify.com/episode/6JS1PxL3N0TdryKXp6Mciz?si=f422612284e74599Episode

08/22/2023

For decades, security and engineering seemed to be at odds. FullStory's VP of Security Engineering & GRC Mark Stanislav believes can learn from to empower and be partners to developers!

🌱

01/11/2023

Managing permissions in Microsoft Azure DevOps can be complex but understanding granular permissions and applying them correctly is critical to an effective posture.

Read the latest blog from Arnica.io CTO, Eran Medan on how to nail Azure permissions management.

http://www.arnica.io/blog/managing-granular-permissions-in-azure-devops?utm_source=facebook&utm_medium=direct&utm_campaign=blog&utm_content=managing-granular-permissions-in-azure-devops

11/15/2022

🚨 New feature alert: Secret detection & mitigation! 🚨

Arnica's secret detection solution locates and validates secrets when they are pushed to your code repositories and provides automated mitigation actions that mask the secret within the code. Arnica erases any history of the secret within your code repository.

👇Check out our feature announcement below👇

Arnica locates and validates hardcoded secrets when they are pushed to code repositories providing added security for GitHub and Azure DevOps. Arnica also provides automated secret mitigation actions that mask any secret within your code. Arnica erases any history of the secret within your code repo...

11/07/2022

🚨 New feature alert: Anomaly detection! 🚨

At Arnica, our people are our greatest strength! But compromised credentials would represent a tremendous risk. That is why we are excited to announce our Anomaly Detection to ensure that any anomalous behavior from developers or the code they write is detected before code reaches production!

Check out our feature announcement!

Arnica monitors developer activity and new code commits within your source code management environment to impose anomaly detection at the time the committed code is pushed to GitHub or Azure DevOps. Arnica pushes a secondary form of authentication via Slack or Teams to prompt a review before code ev...

11/03/2022

🚨New feature alert: Dynamic permissions management!🚨

Developer permissions management has been a burdensome, clunky process for too long. Automate toward least privilege access, while empowering developers to control their own access with Arnica's dynamic permissions management solution.

• Mitigate excessive permissions with 1-click
• Automate mitigation actions with Arnica policies
• Give developers the ability to manage their own permissions (within your policy boundaries) using Slack and Microsoft Teams

👇Check out our feature announcement here👇

Arnica enables DevOps teams to automate constant progress toward least-privilege for developer permissions security. Using Arnica's continuous permissions management solution, developers have the ability to gain permissions to code repositories automatically based on Arnica policies when they need t...

11/01/2022

Everything Arnica.io does is aimed at making our customers' lives better. That's why we are excited to share our recent customer story with Lemonade where Arnica was able to:

🤹Dramatically improve permissions management
✨Facilitate frictionless permissions approvals
👮Make compliance adherence & reporting easy
💆‍♀️Keep developers happy

👇Check out our case study below👇

10/25/2022

We are excited to announce the official launch of the Arnica product along with $7M in seed-funding from our stellar VCs Joule Ventures and First Rays Venture Partners.

https://venturebeat.com/security/how-arnicas-tool-keeps-supply-chain-and-developers-flowing-by-repelling-attacks/

Arnica's new tool leverages machine learning (ML) and graph-based behavioral analysis to help protect against supply chain attacks without disrupting developer flow or productivity.

10/20/2022

🚨 New feature alert: 1-Click Risk Mitigations! 🚨

At Arnica.io we are committed to fixing what we find! That is why we have released 1-click mitigations for every risk we identify across the . 1-Click too many? You can also automate your mitigation policies!

Check out our feature announcement!

Security products that provide visibility are capped in their value. When identifying software supply chain security risks within your development ecosystem – source code management, CI/CD, GitHub, Azure DevOps – Arnica provides one-click mitigation actions for code security and developer securi...

10/19/2022

Multi-factor authentication (MFA) is becoming a standard across industries. Implementing GitHub MFA is a great way to reduce security risk within GitHub and your source code. But there are some important considerations and limitations to understand in order to ensure a smooth, non-disruptive adoption of this security best practice.

👇Check out our latest blog! 👇

Multi-factor authentication (MFA) is becoming an industry standard and security best practice. Implementing GitHub MFA is a great way to reduce security risk in GitHub and improve code security. Before you implement GitHub MFA, there are some important considerations and limitations to understand in...

10/12/2022

On Monday, Toyota disclosed a data leak caused by exposed access keys on GitHub. Basic controls can provide high security value for low effort, but these controls were not implemented in this instance. Our latest blog details quick wins toward securing your development ecosystem.

Toyota disclosed a data leak caused by exposed access keys on GitHub. The lessons learned are that basic controls that provide high value for low effort were not implemented. This blog post will share quick wins toward the goal of securing your development ecosystem.