CI/CD Basics
CI/CD stands for “continuous integration and continuous delivery.” It’s a modern software development practice that automates the various steps it takes for code written by a developer to be pushed live into production.
Thanks to the automation of CI/CD pipelines, organizations are able to deploy both new code and essential security features—sometimes up to hundreds of times per day—to keep the cloud applications you rely on running without a hiccup.
CI/CD pipelines are extremely beneficial. But, of course, there’s a catch. By design, CI/CD pipelines need to have enormous privileges and access to highly sensitive data to make changes to a live app. This makes them very attractive targets for cybercriminals — which brings us to CI/CD security.
What is CI/CD Security?
CI/CD security refers to the practices, processes, and technologies organizations use to ensure the security and integrity of the CI/CD pipeline.
CI/CD security includes:
- Protecting secrets and sensitive data
- Implementing access controls, and
- Conducting security testing throughout the CI/CD pipeline.
Ideally, CI/CD security is part of an organization’s overall application security (or AppSec) program, which is designed to keep all angles of a cloud-native application secure.
How to Secure the CI/CD Pipeline
Attackers know that the CI/CD pipeline is an easy way to gain access to an organization and its secrets. Organizations can focus on several key areas to keep their CI/CD pipeline secure:
- Implementing secure access controls
- Ensuring code and artifact integrity
- Applying secure configuration practices
- Integrating automated security testing
- Managing and securing third-party dependencies
- Implementing secrets management
Learn more about CI/CD
To learn more about how CI/CD and how to harden your pipelines against attack, watch the latest episode of What’s That with Prisma Cloud.