CI/CD Security Checklist: Six Best Practices to Proactively Address CI/CD Pipeline Weaknesses

CI/CD pipelines play a critical role in cloud-native software development, serving as the foundation in which developers store, compile, and deploy code. But CI/CD pipelines are frequently the weakest point in the software supply chain, and bad actors have taken note. CI/CD pipeline weaknesses provide an opportunity for bad actors to inject malicious code and leak sensitive data, thereby corrupting both the CI/CD pipeline and the software supply chain.

CI/CD security is often overlooked, and pipelines require special care in how they are configured and how user behavior is controlled. However, with the right approach, it’s possible to proactively address CI/CD security and harden your pipelines over time. Below are six tactical rules a CI/CD security checklist for proactively addressing CI/CD pipeline weaknesses so you can prevent issues like pipeline poisoning, secrets exfiltration, and dependency chain abuse.

View Datasheet

Free Download

Please enter your contact information and click the download button. You will receive an email with your download link.

I have read and agree to the Palo Alto Privacy Statement.

I have read and agree to the Palo Alto Terms of Use.

By clicking the button below, you consent to B2B Media Group GmbH with its affiliated companies and Enigma Marketing Pte Ltd processing and storing your data for marketing purposes, in particular for marketing-related contact by e-mail and telephone.

You can revoke your consent at any time by sending an e-mail to unsubscribe@b2bmg.com (subject: Enigma Marketing Pte Ltd). Further information can be found in the Privacy Notice.

Privacy / download conditions:

Date: 1.8.2018

Client

B2B Media Group GmbH, Bahnhofstraße 5, 91245 Simmelsdorf (B2B MG)

Partner

Enigma Marketing Pte Ltd

Fields marked with * are mandatory