# AppSec Newsletter 0027

### Links

* \[article\] [Opening Pandora’s box - Supply Chain Insider Threats in Open Source projects](https://boostsecurity.io/blog/opening-pandora-box-supply-chain-insider-threats-in-oss-projects)
    
* \[article\] [Docker Security – Step-by-Step Hardening (Docker Hardening)](https://reynardsec.com/en/docker-platform-security-step-by-step-hardening/) (one of the most complete guides I have ever seen)
    
* \[tool\] [Secret scanning AI-generated custom patterns (public beta) by GitHub](https://github.blog/changelog/2024-03-12-secret-scanning-ai-generated-custom-patterns-public-beta/)
    
* \[process\] [CISA Secure Software Development Attestation Form](https://www.cisa.gov/resources-tools/resources/secure-software-development-attestation-form)
    
* \[repository\] [Awesome Product Security](https://github.com/dagheyman/awesome-product-security)
    
* \[AI\] [Cloudflare announces Firewall for AI](https://blog.cloudflare.com/firewall-for-ai)
    

### Job Openings

* [Hakai | AppSec/DevSecOps Engineer (Mid-level and Senior)](https://www.linkedin.com/jobs/view/3851541724/?refId=Yoi1A0lMkiheFHjrXWhUaA%3D%3D&trackingId=Yoi1A0lMkiheFHjrXWhUaA%3D%3D)
    
* [Luxoft | Application Security Specialist](https://www.linkedin.com/jobs/view/3844611264/?eBP=CwEAAAGOTP22PFlUl8e1O0Pamw-_bMEo2wL-S1PcfamTkQCHkm6C6crROiwvIcVbQpjdLNWaLfnibkakmTHmYPB9Gqyl26DL-1QTtz-UDd0XV2cSuY_2Icgr1T9EjBSvp_6rxtqAx5Z8mNbYqLgLSPAkREexCK4KV3L2B38dSoqerArN-Wv-5EZCEGQ1PBCZgDJFjM7UpFjE0R49uvCQktNcZN5fDqEbfdtOZLHHTQACj7QV4WR2vXfrLqZJ7zUSnhZg75LPLbaMrc2GZtHhIVTIn-Ozf5sNiF-JvdKQZt-J_8NVIZfIeEVVF_xTLx8GCH-kIdMpaMO9bbwbUiVCpXo5AYE0wOQO0__84L2qrXgLFyroT5tC7BFcynYNWLRfhaItXgWE16aEjvKMEIEhUXxeq2CBfZxHzw&refId=84%2Bo2Jdg%2BV3j%2BLw%2FLPFtjw%3D%3D&trackingId=L1IVJCm7IlzIv0swj3eBNw%3D%3D&trk=flagship3_search_srp_jobs)
    
* [Stefanini | DevSecOps (Mid-level)](https://www.linkedin.com/jobs/view/3830995085/?eBP=CwEAAAGOTP2xfRpLNXl6RaRW5_bkCL7eX5r3Rg33v0dsOth_kg03c1r8ff4taMCJnmGRt6QLiLiT1emAweyXdUi-rlRqRmZjJNOhuDAyTFBuUMdX19S664l1oCsS9h7IAfQPWOaElrf4phO0al-5_k3mRLyLigEnmybidtQP6Qkq9D2SskupNcCXMEjXVK483gT_0lR-x3NScgKuOWu8VD10MPRaNF0_JAE0F24RX-cLrazX0AMjzYnJis3ZlcCUiE5yifNRZ6mM7DXBkzmiduyObTMcpUn7RxyGGGSXM-hFAkSHl6kyZRu5VIn6_5ahBpC4k9XByvNIdBiooJqnRO3uEDU8l1pD5nTaAgfvMai4qxcD5e-MjYBNw2OoJa2SZrtJuCzNKFlAWpIcbagm3QpU-Q&refId=q87g%2BeyRvydy0Qs7mU3taQ%3D%3D&trackingId=w0mwXWF0dJU%2FwgUHx2yBzw%3D%3D&trk=flagship3_search_srp_jobs)
    

### **Follow Guia de AppSec on social media!**

* YouTube: [**youtube.com/@GuiadeAppSec**](http://youtube.com/@GuiadeAppSec)
    
* Twitter / X: [**twitter.com/guiadeappsec**](http://twitter.com/guiadeappsec)
    
* Website: [**guiadeappsec.com.br**](http://guiadeappsec.com.br/)
