Microsoft

Guidance for detecting, investigating, and defending against the Trivy supply chain compromise

Threat actors abused trusted Trivy distribution channels to inject credential‑stealing malware into CI/CD pipelines worldwide ...
NetEye Blog

Rethinking Authentication and Authorization in a Multi-Component Platform with OIDC

A more scalable approach is to decouple authorization from identity. Instead of embedding all role logic inside Keycloak, we ...