Raven stands for Risk Analysis and Vulnerability Enumeration for CI/CD Pipeline Security, and it is now available as an open-source tool on GitHub. This innovative solution will be presented at the upcoming Black Hat Arsenal – SecTor Toronto event. Raven comes at a time when GitHub Actions are essential for CI/CD, as they enable the automation of everything from code testing to deployment. However, these actions also pose a risk of vulnerabilities.
Source: GBHackers