Ken Muse
Understanding X.509 Certificates
Despite decades of use, certificates tend to be a mystery to most developers. At their root, they are little more than a collection of name-value pairs and a public key. Most people who work with certificates regularly run into situations where they need to understand the details of how they work. In this post, we’ll dive into the basics and learn what’s in these files.

GitHub Actions Workflow Permissions
GitHub Actions Workflows can provide a great abstraction layer for creating or orchestrating build and release processes. Since we’re running code – in some cases, from third-parties – it’s important to understand how to secure the environment from malicious Actions. This is where permissions can help.

Preventing GitHub Actions Injection Attacks
If you can code it, someone will find a way to exploit it (accidentally or intentionally). Anytime development efforts are involved, it’s important to minimize security risks and bugs. This is also true with GitHub Actions, which allows you to script advanced automation solutions. Because of this, it’s important to understand where injection can occur and how to avoid it.

What Are GitHub Verified Domains?

GitHub has a lot of options for verified domains. Have you ever wondered what they all do, when to use them, and how they help keep your brand secure? Then today’s topic is for you!

Using Git SSH From Docker With a Local Proxy
You’re working in a development container. You need access to a port on the host for a proxy SSH connection to a Git server. Sounds tough, right? Turns out it’s simple.

SSH and Multiple Git Credentials
If you need to connect to multiple Git hosts or environments (like EMU and GHEC) with minimal effort, then SSH may provide the options you need to make it painless.

Security Theater - The Illusion of Compliance
You might be less secure than you think! In a crowded market of security tools, developers are being sold a dream that quickly turns into a nightmare.

Comparing GitHub Commit Signing Options
Trying to understand the options for signing Git commits? Explore the options available for cryptographic signatures and their tradeoffs in today’s post.

Notarizing .NET Console Apps for macOS
Continuing with our exploration of macOS notarization, today we’ll explore how to sign and notarize .NET console applications. Along the way, I’ll also show you the secret to making universal (“fat”) binaries for your application.
