Andreas Bucksteeg
**Is your feature request related to a problem? Please describe.** **Describe the solution you'd like** All scanners used in our `cve-scan` GHA workflow support sarif format and therefore can be...
### What problem are you facing? We want to switch from Pulumi to Crossplane for managing our infrastructure. So far we can switch fully as not all needed resources are...
**Ory Network - Pentest 2023-Q4 finding** For many of the flows, the Kratos server itself makes calls to a Kratos REST API. This aids the horizontal scaling aspect of the...
**Ory Network - Pentest 2023-Q4 finding** During the initial scan of the Kratos identity server repository with `semgrep`, one of the findings was a lack of specification towards a minimum...
### Preflight checklist - [X] I could not find a solution in the existing issues, docs, nor discussions. - [X] I agree to follow this project's [Code of Conduct](https://github.com/ory/kratos/blob/master/CODE_OF_CONDUCT.md). -...
## Related Issue or Design Document ## Checklist - [ ] I have read the [contributing guidelines](../blob/master/CONTRIBUTING.md) and signed the CLA. - [ ] I have referenced an issue containing...
To protect against Clickjacking Attacks, it is best practice to: - Prevent the browser from loading the page in a frame using the [X-Frame-Options](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) or [Content Security Policy (frame-ancestors)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/frame-ancestors) HTTP headers....
This pull request includes several updates to the `.github/workflows/cve-scan.yaml` file to enhance the security scanning process and update dependencies. ### Workflow Enhancements: * Added `workflow_dispatch` to allow manual triggering of...