CI/CD Security Checklist: Six Best Practices to Proactively Address CI/CD Pipeline Weaknesses

CI/CD pipelines play a critical role in cloud-native software development, serving as the foundation in which developers store, compile, and deploy code. But CI/CD pipelines are frequently the weakest point in the software supply chain, and bad actors have taken note. CI/CD pipeline weaknesses provide an opportunity for bad actors to inject malicious code and leak sensitive data, thereby corrupting both the CI/CD pipeline and the software supply chain.

CI/CD security is often overlooked, and pipelines require special care in how they are configured and how user behavior is controlled. However, with the right approach, it’s possible to proactively address CI/CD security and harden your pipelines over time. Below are six tactical rules a CI/CD security checklist for proactively addressing CI/CD pipeline weaknesses so you can prevent issues like pipeline poisoning, secrets exfiltration, and dependency chain abuse.

데이터시트 보기

무료 다운로드

연락처 정보를 입력하고 다운로드 버튼을 클릭하십시오. 다운로드 링크가 포함된 이메일이 발송됩니다.

I have read and agree to the Palo Alto Privacy Statement.

I have read and agree to the Palo Alto Terms of Use.

I consent to B2B Media Group GmbH with its affiliated companies and Enigma Marketing Pte Ltd processing my data for marketing purposes, in particular for marketing-related contact via email and telephone.

You can withdraw your consent at any time by emailing privacy@b2bmg.com (subject: Enigma Marketing Pte Ltd). Further information can be found in the Privacy Notice.

Privacy / download conditions:

Date: 1.8.2018

Client

B2B Media Group GmbH, Bahnhofstraße 5, 91245 Simmelsdorf (B2B MG)

Partner

Enigma Marketing Pte Ltd

* 표시된 영역은 필수입니다