Remember: any github action or user with write access to your repo, effectively has read access to all secrets configured in your repo
Pinned Tweet
Follow
Joseph Katsioloudes
@jkcso
Iโm passionate about 2 things: #cybersecurity and #opensource. I combine them at by empowering every developer in the world ship secure software.
linkedin.com/in/jkcso/Joined August 2021
Joseph Katsioloudesโs Tweets
My first day in FuzZinG Business School
2
This Wednesday, we are at in Oslo, Norway! Join to discover Security as Code (SaC) and the latest initiatives we pursue to secure open source.
4
13
Take your test pilot for a spin: GitHub Copilot Labs now comes with a test generator, that creates and refines tests!
GIF
65
755
3,739
I was grinding all year long to have my GitHub profile ready for Christmas ๐๐๐๐๐
๐คฃ great idea
68
224
2,439
๐ CoPilot for CodeQL queries to find security bugs!
0:58
2K views
2
12
41
very excited that the #CVE program republished my article aiming to debunk common myths surrounding CVE assignment! ๐ CVEs aren't a bad thing so let's stop treating them like they are! #OSS #infosec
cve.org/Media/News/ite
10
16
Instead of the classic โare you arab?โ Iโve just been asked โis saudi arabia playing today?โ โฝ๏ธ๐
1
NEW Security Feature:
๐ PRIVATE VULNERABILITY REPORTING ๐
0:57
6.6K views
7
42
127
Show this thread
Love this free feature from - a 3-letter alias & randomly generated email addresses. Handy for registering at places with $0 security budget ๐ฅ
2
Let's continue with our next expert speaker - Joseph Katsioloudes. Enjoy his talk "Security as Code: A DevSecOps Approach"! #OSMC
1
6
Donโt let security be like Jenga ๐
1
3
22
Mastering cybersecurity is knowing you'll always be a student of cybersecurity.
22
99
562
Why do conferences be asking for the slide deck weeks in advance and need me to use their theme? Iโm gonna make it two days before with my own designs and itโs gonna be bomb donโt worry.
Youโre stripping me of my chaotic, creative process.
22
19
205
Show this thread
1
11
I love how the word โmalformedโ is used instead of โspecially craftedโ when exploiting a DoS bug. Unless โmalformedโ is a synthetic word composed from โmaliciouslyโ and โformedโ ๐
2
4
In every audience there are people who smile back โค๏ธ
1
1
7
Similar to vulnerabilities introduced by technical debt ๐
Quote Tweet
Squirrels fail to recover up to 74% of the nuts that they bury, unintentionally planting new trees in the process. 
2
I've been using GitHub CoPilot for a few days now.
I've been in software nearly 2 decades and I'm trying to remember the last time something felt this magical.
I'm googling a lot less because it just figures out what I want. Super impressed.
If you've been ignoring it, stop.
26
29
248
๐
Quote Tweet
Seen at my kidโs school last night. Two PowerMac G5โs as a bench. I donโt know whether to laugh, cry, steal it, or copy itโฆ
1
5
30 cybersecurity search engines for researchers:
1. DehashedโView leaked credentials.
2. SecurityTrailsโExtensive DNS data.
3. DorkSearchโReally fast Google dorking.
4. ExploitDBโArchive of various exploits.
5. ZoomEyeโGather information about targets.
152
1,606
6,157
Show this thread
The single most expensive phrase in software engineering:
"Maybe we should just build it ourselves instead?"
263
1,214
9,562
Most companies are not Uber this morning as a matter of luck, not skill.
This could easily have been ~90% of organizations.
Donโt point and laugh. It could be you next time, and it might be already.
71
438
2,179
on stage, delivering the 101 on how to use CodeQL to identify vulnerabilities.
CodeQL curious?
Check out the info in the slide below:
2
4
34
Show this thread
Quote Tweet
After a short break we'll be back with โSecure your code like NASA with Security as Code (SaC)โ by Joseph Katsioloudes. See you at 10:15 (GMT+2)!
Abstract: sec-t.org/talks/#Joseph-
Live stream: youtu.be/wrOpBQcCvAY sec-t.org/talks/#Joseph-
1
2
Such a pleasure to (finally!) meet in Stockholm ๐ธ๐ช for . Despite both presenting sessions on #CodeQL, the use cases and content is different (which again shows how versatile CodeQL is), adding great value to anyone attending!
8
MOM!!!!
IM NOT PLAYING FORTNITE!!!!! IM CLOSING GITHUB PRs.
101
1,108
10K
Show this thread
๐ฟ๐ฟ๐ฟ watching some debate over my accent ๐คฆ๐ปโโ๏ธ
2
2
Deeply in love with Cyclades ๐ฌ๐ท๐
1
6
OSINT Challenge: Where in Greece is this? ๐ฌ๐ท๐ฌ๐ท๐ฌ๐ท๐ฌ๐ท๐ฌ๐ท
1
2
One and Only ๐ฌ๐ท๐ฌ๐ท๐ฌ๐ท๐ฌ๐ท๐ฌ๐ท
5
