|
|
|
|
|
|
by pixl97
25 days ago
|
|
|
> but I still think that restricting outbound requests is a good measure It is 100% necessary, but doesn't stop most attacks quick enough. If you're posting to github.com/acmecompany then attackers love to do things like add their own user github.com/acemcompany and just upload your data to that. Generally it doesn't last very long, but with CI/CD they can get thousands of keys in a minute and be gone seconds later. |
|
|