Tag
cache-security
Safeguard articles tagged "cache-security" — guides, analysis, and best practices for software supply chain and application security.
2 articles
Concepts
What is a Build Cache Poisoning Attack
Build cache poisoning plants malicious entries in a shared CI cache so trusted builds unknowingly consume attacker-controlled artifacts. Here's the mechanics and the fixes.
Jul 14, 20256 min read
Container Security
BuildKit Cache Security Considerations for Container Builds
BuildKit's caching is what makes container builds fast. It is also a potential vector for cache poisoning attacks if not properly secured.
Apr 12, 20245 min read