{"id":933,"date":"2021-04-19T10:15:33","date_gmt":"2021-04-19T17:15:33","guid":{"rendered":"https:\/\/salesforcedevops.net\/?p=933"},"modified":"2021-05-31T09:04:34","modified_gmt":"2021-05-31T16:04:34","slug":"developers-targeted-again-in-codecov-hack","status":"publish","type":"post","link":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/","title":{"rendered":"Developers Targeted Again in Codecov Hack"},"content":{"rendered":"\n<p class=\"has-drop-cap wp-block-paragraph\"><a href=\"https:\/\/about.codecov.io\/\">Codecov<\/a>, a leading supplier of computer language testing services, announced an infiltration of their network by a malicious actor. As a result, thousands of copies of a script capable of exfiltrating Linux environment variables has been distributed to software vendors worldwide. To deal with the Codecov hack, the company says they have engaged a 3rd party security consultant and informed United States federal law enforcement as part of their remediation efforts.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">The Codecov hack is a software supply chain attack similar to <a href=\"https:\/\/origin.salesforcedevops.net\/index.php\/2021\/04\/02\/the-solarwinds-hack-and-salesforce-devops\/\">SolarWinds<\/a>, but potentially wider in scope because the Codecov attack is at an earlier step in the supply chain than SolarWinds.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Codecov Hack News is Breaking<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Codecov issued <a href=\"https:\/\/about.codecov.io\/security-update\/\">this statement<\/a> today explaining how the malicious script works, and how to remove the script. The actors are going after environment variables, which are used as an ephemeral storage mechanism for devops scripting. A credential manager, for example, could retrieve keys needed to log onto AWS and then store them in an environment variable. Later on, a continuous integration pipeline utility will access that variable to log onto AWS and perform a function.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Other writers have additional takes:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><a href=\"https:\/\/www.theverge.com\/2021\/4\/18\/22390379\/federal-investigators-breach-software-codecov-solarwinds\">Federal investigators looking into breach at software code testing company Codecov<\/a> &#8211; The Verge<\/li><li><a href=\"https:\/\/www.reuters.com\/technology\/us-investigators-probing-breach-san-francisco-code-testing-company-firm-2021-04-16\/\">US investigators probing breach at code testing company Codecov &#8211; Reuters<\/a><\/li><li><a href=\"https:\/\/arstechnica.com\/gadgets\/2021\/04\/backdoored-developer-tool-that-stole-credentials-escaped-notice-for-3-months\/\">Backdoored developer tool that stole credentials escaped notice for 3 months<\/a> &#8211; Ars Technica<\/li><li><a href=\"https:\/\/gizmodo.com\/u-s-federal-investigators-are-reportedly-looking-into-1846707144\">U.S. Federal Investigators Are Reportedly Looking Into Codecov Security Breach, Undetected for Months<\/a> &#8211; Gizmodo<\/li><li><a href=\"https:\/\/www.techradar.com\/news\/codecov-breach-triggers-fears-of-another-solarwinds-scale-attack\">Codecov breach triggers fears of another SolarWinds-scale attack<\/a> &#8211; TechRadar<\/li><\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Environment Variables at Risk<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">This hack goes at a key vulnerability in devops, which is poor credential management. The Codecov hack should encourage devops managers to look more closely at products like <a href=\"https:\/\/www.hashicorp.com\/products\/vault\">Vault from Hashicorp<\/a> for functions like key regeneration. Check out my earlier post, <a href=\"https:\/\/origin.salesforcedevops.net\/index.php\/2021\/04\/09\/okta-goes-for-developer-security-with-starter-developer-edition\/\">Okta Goes For Developer Security with Starter Developer Edition<\/a>, for details on another vendor&#8217;s solution to credential management.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">For impacted Codecov customers, a key remediation step will be to replace all of the credentials involved in running a CI\/CD pipeline. Using a credential management system may help managers to replace all of those keys with a script.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">But, We use Salesforce!<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">This is another warning shot to all organizations that use any kind of developer workstation in their software development pipeline. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">It doesn&#8217;t seem practical, or desirable, to contain a development pipeline completely within Salesforce. With the Codecov hack, devops managers now need to look at the array of tools available in their organization, and evaluate the tool&#8217;s supply chain risk. <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Software Supply Chain Risk<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Software supply chain risk has moved into the center stage of concerns for IT leaders, and there does not seem to be any easy answers on the horizon. For now, the devops software and services industry needs to step up and start proving they are using security techniques to protect against software supply chain risk.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"block-cf92440d-a18d-45f5-839d-1a9bd45f3334\">Vern&#8217;s Salesforce Devops Posts<\/h2>\n\n\n\n<ul class=\"wp-block-list\" id=\"block-4dea6362-0628-4e20-af56-e0558fddaab8\"><li><a href=\"https:\/\/origin.salesforcedevops.net\/index.php\/2021\/04\/08\/use-the-salesforce-devops-segmentation-model-for-it-success\/\">Use the Salesforce Devops Segmentation Model for IT Success<\/a><\/li><li><a href=\"https:\/\/origin.salesforcedevops.net\/index.php\/2021\/03\/10\/salesforce-devops-in-early-2021\/\">Salesforce Devops in Early 2021<\/a><\/li><li><a href=\"https:\/\/origin.salesforcedevops.net\/index.php\/2021\/03\/21\/the-ways-of-the-salesforce-devops-build-or-buy\/\">The Ways of the Salesforce Devops: Build or Buy?<\/a><\/li><li><a href=\"https:\/\/origin.salesforcedevops.net\/index.php\/2021\/03\/18\/sfdx-cli-paves-the-way-for-open-source-salesforce-devops\/\">SFDX-CLI Paves The Way for Open-Source Salesforce Devops<\/a><\/li><\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Codecov, a leading supplier of computer language testing services, announced an infiltration of their network by a malicious actor. As a result, thousands of copies of a script capable of&hellip;<\/p>\n","protected":false},"author":1,"featured_media":951,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_uag_custom_page_level_css":"","footnotes":""},"categories":[6,4],"tags":[26,27,59],"post_series":[],"class_list":["post-933","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","category-industry-news","tag-devops-engineering","tag-devsecops","tag-security","entry","has-media"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v22.2 (Yoast SEO v22.2) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Developers Targeted Again in Codecov Hack - SalesforceDevops.net<\/title>\n<meta name=\"description\" content=\"The Codecov hack is potentially wider in scope than SolarWinds because the Codecov attack is at an earlier step in the supply chain.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Developers Targeted Again in Codecov Hack - SalesforceDevops.net\" \/>\n<meta property=\"og:description\" content=\"The Codecov hack is potentially wider in scope than SolarWinds because the Codecov attack is at an earlier step in the supply chain.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/\" \/>\n<meta property=\"og:site_name\" content=\"SalesforceDevops.net\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/salesforcedevopsnet\" \/>\n<meta property=\"article:published_time\" content=\"2021-04-19T17:15:33+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-05-31T16:04:34+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Vernon Keenan\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@salesforcedevop\" \/>\n<meta name=\"twitter:site\" content=\"@salesforcedevop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Vernon Keenan\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"TechArticle\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/\"},\"author\":{\"name\":\"Vernon Keenan\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/#\/schema\/person\/ac094823465a60be4f47d7321ed7ce04\"},\"headline\":\"Developers Targeted Again in Codecov Hack\",\"datePublished\":\"2021-04-19T17:15:33+00:00\",\"dateModified\":\"2021-05-31T16:04:34+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/\"},\"wordCount\":522,\"commentCount\":4,\"publisher\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/#organization\"},\"image\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg\",\"keywords\":[\"Devops Engineering\",\"DevSecOps\",\"Security\"],\"articleSection\":[\"Cybersecurity\",\"Industry News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#respond\"]}],\"copyrightYear\":\"2021\",\"copyrightHolder\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/#organization\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/\",\"url\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/\",\"name\":\"Developers Targeted Again in Codecov Hack - SalesforceDevops.net\",\"isPartOf\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg\",\"datePublished\":\"2021-04-19T17:15:33+00:00\",\"dateModified\":\"2021-05-31T16:04:34+00:00\",\"description\":\"The Codecov hack is potentially wider in scope than SolarWinds because the Codecov attack is at an earlier step in the supply chain.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage\",\"url\":\"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg\",\"contentUrl\":\"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg\",\"width\":1200,\"height\":628,\"caption\":\"Codecov logo\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/#website\",\"url\":\"https:\/\/cms.salesforcedevops.net\/\",\"name\":\"SalesforceDevops.net\",\"description\":\"Elevating Salesforce Devops with Insights and Innovation\",\"publisher\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cms.salesforcedevops.net\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/#organization\",\"name\":\"SalesforceDevops.net\",\"url\":\"https:\/\/cms.salesforcedevops.net\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/origin.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/logo-horiz-325.jpg\",\"contentUrl\":\"https:\/\/origin.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/logo-horiz-325.jpg\",\"width\":325,\"height\":101,\"caption\":\"SalesforceDevops.net\"},\"image\":{\"@id\":\"https:\/\/cms.salesforcedevops.net\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/salesforcedevopsnet\",\"https:\/\/twitter.com\/salesforcedevop\",\"https:\/\/www.linkedin.com\/in\/vernonkeenan\",\"https:\/\/www.youtube.com\/channel\/UCOgOn9rD5gyXSOmV7-Q0n7g\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/#\/schema\/person\/ac094823465a60be4f47d7321ed7ce04\",\"name\":\"Vernon Keenan\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/cms.salesforcedevops.net\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/cms.salesforcedevops.net\/wp-content\/wphb-cache\/gravatar\/09b\/09bd30f3ca2e049fbd8b9313ef5a41aex96.jpg\",\"contentUrl\":\"https:\/\/cms.salesforcedevops.net\/wp-content\/wphb-cache\/gravatar\/09b\/09bd30f3ca2e049fbd8b9313ef5a41aex96.jpg\",\"caption\":\"Vernon Keenan\"},\"description\":\"Vernon Keenan (LinkedIn) works as a senior information technology industry consultant based in Oakland, California. He earned his B.Sc. in Biomedical Engineering at Northwestern University where he programmed a PDP-8 with punched paper tape. In his 34-year-long career he has been a teacher, SPSS programmer, database administrator, clinical researcher, technology journalist, product marketing manager, market researcher, management consultant, and industry analyst. Most recently he is a telecom operator, cloud architect, Go devops engineer and Salesforce Developer\/Architect. For inquiries about Salesforce strategy briefings or solution architect work please contact Vern directly at +1-510-679-1900 or vern@vernonkeenan.com.\",\"sameAs\":[\"https:\/\/ceres-gw.tnxs.net\",\"https:\/\/linkedin.com\/in\/vernonkeenan\",\"https:\/\/twitter.com\/salesforcedevop\"],\"url\":\"https:\/\/cms.salesforcedevops.net\/index.php\/author\/vern\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Developers Targeted Again in Codecov Hack - SalesforceDevops.net","description":"The Codecov hack is potentially wider in scope than SolarWinds because the Codecov attack is at an earlier step in the supply chain.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/","og_locale":"en_US","og_type":"article","og_title":"Developers Targeted Again in Codecov Hack - SalesforceDevops.net","og_description":"The Codecov hack is potentially wider in scope than SolarWinds because the Codecov attack is at an earlier step in the supply chain.","og_url":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/","og_site_name":"SalesforceDevops.net","article_publisher":"https:\/\/www.facebook.com\/salesforcedevopsnet","article_published_time":"2021-04-19T17:15:33+00:00","article_modified_time":"2021-05-31T16:04:34+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg","type":"image\/jpeg"}],"author":"Vernon Keenan","twitter_card":"summary_large_image","twitter_creator":"@salesforcedevop","twitter_site":"@salesforcedevop","twitter_misc":{"Written by":"Vernon Keenan","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"TechArticle","@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#article","isPartOf":{"@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/"},"author":{"name":"Vernon Keenan","@id":"https:\/\/cms.salesforcedevops.net\/#\/schema\/person\/ac094823465a60be4f47d7321ed7ce04"},"headline":"Developers Targeted Again in Codecov Hack","datePublished":"2021-04-19T17:15:33+00:00","dateModified":"2021-05-31T16:04:34+00:00","mainEntityOfPage":{"@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/"},"wordCount":522,"commentCount":4,"publisher":{"@id":"https:\/\/cms.salesforcedevops.net\/#organization"},"image":{"@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg","keywords":["Devops Engineering","DevSecOps","Security"],"articleSection":["Cybersecurity","Industry News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#respond"]}],"copyrightYear":"2021","copyrightHolder":{"@id":"https:\/\/cms.salesforcedevops.net\/#organization"}},{"@type":"WebPage","@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/","url":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/","name":"Developers Targeted Again in Codecov Hack - SalesforceDevops.net","isPartOf":{"@id":"https:\/\/cms.salesforcedevops.net\/#website"},"primaryImageOfPage":{"@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage"},"image":{"@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg","datePublished":"2021-04-19T17:15:33+00:00","dateModified":"2021-05-31T16:04:34+00:00","description":"The Codecov hack is potentially wider in scope than SolarWinds because the Codecov attack is at an earlier step in the supply chain.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cms.salesforcedevops.net\/index.php\/2021\/04\/19\/developers-targeted-again-in-codecov-hack\/#primaryimage","url":"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg","contentUrl":"https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg","width":1200,"height":628,"caption":"Codecov logo"},{"@type":"WebSite","@id":"https:\/\/cms.salesforcedevops.net\/#website","url":"https:\/\/cms.salesforcedevops.net\/","name":"SalesforceDevops.net","description":"Elevating Salesforce Devops with Insights and Innovation","publisher":{"@id":"https:\/\/cms.salesforcedevops.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cms.salesforcedevops.net\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/cms.salesforcedevops.net\/#organization","name":"SalesforceDevops.net","url":"https:\/\/cms.salesforcedevops.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cms.salesforcedevops.net\/#\/schema\/logo\/image\/","url":"https:\/\/origin.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/logo-horiz-325.jpg","contentUrl":"https:\/\/origin.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/logo-horiz-325.jpg","width":325,"height":101,"caption":"SalesforceDevops.net"},"image":{"@id":"https:\/\/cms.salesforcedevops.net\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/salesforcedevopsnet","https:\/\/twitter.com\/salesforcedevop","https:\/\/www.linkedin.com\/in\/vernonkeenan","https:\/\/www.youtube.com\/channel\/UCOgOn9rD5gyXSOmV7-Q0n7g"]},{"@type":"Person","@id":"https:\/\/cms.salesforcedevops.net\/#\/schema\/person\/ac094823465a60be4f47d7321ed7ce04","name":"Vernon Keenan","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/cms.salesforcedevops.net\/#\/schema\/person\/image\/","url":"https:\/\/cms.salesforcedevops.net\/wp-content\/wphb-cache\/gravatar\/09b\/09bd30f3ca2e049fbd8b9313ef5a41aex96.jpg","contentUrl":"https:\/\/cms.salesforcedevops.net\/wp-content\/wphb-cache\/gravatar\/09b\/09bd30f3ca2e049fbd8b9313ef5a41aex96.jpg","caption":"Vernon Keenan"},"description":"Vernon Keenan (LinkedIn) works as a senior information technology industry consultant based in Oakland, California. He earned his B.Sc. in Biomedical Engineering at Northwestern University where he programmed a PDP-8 with punched paper tape. In his 34-year-long career he has been a teacher, SPSS programmer, database administrator, clinical researcher, technology journalist, product marketing manager, market researcher, management consultant, and industry analyst. Most recently he is a telecom operator, cloud architect, Go devops engineer and Salesforce Developer\/Architect. For inquiries about Salesforce strategy briefings or solution architect work please contact Vern directly at +1-510-679-1900 or vern@vernonkeenan.com.","sameAs":["https:\/\/ceres-gw.tnxs.net","https:\/\/linkedin.com\/in\/vernonkeenan","https:\/\/twitter.com\/salesforcedevop"],"url":"https:\/\/cms.salesforcedevops.net\/index.php\/author\/vern\/"}]}},"uagb_featured_image_src":{"full":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",1200,628,false],"thumbnail":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1-150x150-1.jpg",150,150,true],"medium":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1-300x157-1.jpg",300,157,true],"medium_large":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1-768x402-1.jpg",768,402,true],"large":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1-1024x536-1.jpg",980,513,true],"1536x1536":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",1200,628,false],"2048x2048":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",1200,628,false],"lightbox":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",1200,628,false],"search_results":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1-125x125.jpg",125,125,true],"blog_entry":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1-750x450-1.jpg",750,450,true],"blog_post":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",750,393,false],"blog_post_full":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",1200,628,false],"blog_related":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",1200,628,false],"gallery":["https:\/\/cms.salesforcedevops.net\/wp-content\/uploads\/2021\/04\/codecov-cover-1.jpg",1200,628,false]},"uagb_author_info":{"display_name":"Vernon Keenan","author_link":"https:\/\/cms.salesforcedevops.net\/index.php\/author\/vern\/"},"uagb_comment_info":4,"uagb_excerpt":"Codecov, a leading supplier of computer language testing services, announced an infiltration of their network by a malicious actor. As a result, thousands of copies of a script capable of&hellip;","_links":{"self":[{"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/posts\/933","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/comments?post=933"}],"version-history":[{"count":2,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/posts\/933\/revisions"}],"predecessor-version":[{"id":2775,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/posts\/933\/revisions\/2775"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/media\/951"}],"wp:attachment":[{"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/media?parent=933"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/categories?post=933"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/tags?post=933"},{"taxonomy":"post_series","embeddable":true,"href":"https:\/\/cms.salesforcedevops.net\/index.php\/wp-json\/wp\/v2\/post_series?post=933"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}