Category » Security Archives - ALMtoolbox NewsALMtoolbox News

GitLab Custom Roles: How to Control API Access and Webhooks without Over-Permissioning Users

April 5, 2026 ¬ 8:26 amh.Tamir GefenNo Comments »

GitLab custom roles help teams control access to code, settings, tokens, and webhook administration without promoting every advanced user to Maintainer or Owner. The key is understanding where custom roles help, where token scopes still matter, and how both shape access to data through the GitLab API and GitLab webhooks

New: CI Module for “The Shield” application to improve its Code Security and Fight Coronavirus

March 29, 2020 ¬ 12:40 pmh.Tamir GefenNo Comments »

To encourage downloads of the ‘Shield’ app that fights coronavirus, we have built a complementary Continuous Integration (CI) solution and code scanners to improve information security, code security and privacy of the app. We also invite the developers to use it freely and continuously in future. A few days ago, the Israeli Ministry of Health […]

FLASH: Vulnerability in IBM Rational ClearCase ClearQuest with potential for TLS Attack

September 23, 2013 ¬ 9:04 pmh.Noa HarelNo Comments »

The IBM GSKit component used in Rational ClearCase and ClearQuest is susceptible to a Transport Layer Security protocol (used in HTTPS) vulnerability known as “Lucky Thirteen.” The vulnerability might allow remote attackers to conduct distinguishing and plain-text recovery attacks by statistically analyzing timing data for crafted packets. Remediation: Upgrade to latest version: 7.1.2.12, 8.0.0.8 or […]