ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Securing GitHub Actions with William Woodruff"
Episode Synopsis
William Woodruff discussed his project, Zizmor, a security linter designed to help developers identify and fix vulnerabilities within their GitHub Actions workflows. This tool addresses inherent security risks in GitHub Actions, such as injection vulnerabilities, permission issues, and mutable tags, by providing static analysis and remediation guidance. Fresh off the heels of the tj-actions/changed-files backdoor, this is a great topic with some things everyone can do right away. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-securing-github-actions-william-woodruff/
More episodes of the podcast Open Source Security
Iocaine poisons bots with Gergely Nagy
12/01/2026
Anubis with Xe Iaso
05/01/2026
Rustls with Dirkjan and Joe
29/12/2025
TARmageddon with Alex Zenla
01/12/2025
Python Security with Seth Larson
24/11/2025
In God we trust