CI/CD Security Checklist: Six Best Practices to Proactively Address CI/CD Pipeline Weaknesses

CI/CD pipelines play a critical role in cloud-native software development, serving as the foundation in which developers store, compile, and deploy code. But CI/CD pipelines are frequently the weakest point in the software supply chain, and bad actors have taken note. CI/CD pipeline weaknesses provide an opportunity for bad actors to inject malicious code and leak sensitive data, thereby corrupting both the CI/CD pipeline and the software supply chain.

CI/CD security is often overlooked, and pipelines require special care in how they are configured and how user behavior is controlled. However, with the right approach, it’s possible to proactively address CI/CD security and harden your pipelines over time. Below are six tactical rules a CI/CD security checklist for proactively addressing CI/CD pipeline weaknesses so you can prevent issues like pipeline poisoning, secrets exfiltration, and dependency chain abuse.

View Datasheet

Free Download

Please enter your contact information and click the download button. You will receive an email with your download link.

I have read and agree to the Palo Alto Privacy Statement.

I have read and agree to the Palo Alto Terms of Use.

I consent to B2B Media Group GmbH with its affiliated companies and Enigma Marketing Pte Ltd processing my data for marketing purposes, in particular for marketing-related contact via email and telephone.

You can withdraw your consent at any time by emailing privacy@b2bmg.com (subject: Enigma Marketing Pte Ltd). Further information can be found in the Privacy Notice.

Privacy / download conditions:

Date: 1.8.2018

Client

B2B Media Group GmbH, Bahnhofstraße 5, 91245 Simmelsdorf (B2B MG)

Partner

Enigma Marketing Pte Ltd

Fields marked with * are mandatory