Access Management

The Anatomy of the Codecov Breach: A CyberArk Labs Webinar

The breach on code testing software vendor Codecov could have easily gone unnoticed for an indefinite amount of time.

Bearing resemblance to the 2020 SolarWinds attack, it’s another example of highly evasive supply chain infiltration in which malicious actors target and steal credentials to get to their intended target. For Codecov – the target was amongst their 29,000 customers worldwide.

As the long-term impact of this breach is still being investigated -- the team at CyberArk Labs reports their findings after analyzing the attack. Here’s what's covered:

  • Hacks and backdoors: an examination of the Codecov attack chain
  • Discovering the breach: how months could have been years
  • Cloud & DevOps: operational challenges and threats
  • Fragmented Security Architecture: Rise of the Shadow Admin
  • Supply Chain Attacks: The different types, ramifications and fallout
  • Taking the learnings: A discussion on mitigation strategies.

About the Author


CyberArk is the only security company focused on eliminating the most advanced cyber threats; those that use insider privileges to attack the heart of the enterprise. Dedicated to stopping attacks before they stop business, CyberArk proactively secures against cyber threats before attacks can escalate and do irreparable damage. The company is trusted by the world's leading companies - including more than 40 of the Fortune 100 - to protect their highest value information assets, infrastructure and applications.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.