Software supply chain attacks surprise us every time!

Based on the research we conducted for all software supply chain attacks since 2018, the repetitive root causes were either improper access management to developer tools, or inability to detect abnormal identity or code behavior.
Problems can be found all over, but how do we solve them in a way that reduces the operational cost and solves a wide problem space?! You need an easy-button solution, which is why Arnica exists.

Solution

Arnica identifies the excessive permissions in GitHub and provides an easy and safe mitigation functionality to reduce them (any action can be reverted), while supplementing it with a self-service access management functionality for your developers via Slack. Arnica is currently working on identifying the abnormal behavior within GitHub, so stay tuned.