So, you think your CI/CD environment is secure?
7y agoen
Source
This post, co-written by Weaveworks and Snyk, explains how by using a GitOps continuous integration (CI)/continuous delivery (CD) pipeline combined with good security practices improves the overall security of your development workflow to Kubernetes.
You might also wanna read
CI/CD Security Testing: Is Your CI/CD Pipeline Compliant?
Packetlabs·7mo ago
Survey finds Kubernetes teams trust deployment automation but not resource optimization, as AI workloads raise the stakes
A survey of 321 Kubernetes practitioners reveals a stark trust gap: 82% trust automated delivery (CI/CD pipelines), but only 27% will let au
thenewstack.io·12d agoWhy Runtime Scanning Falls Short for CI/CD Supply Chain Security
This article argues that runtime scanning is insufficient for securing CI/CD supply chains because detection-based security alerts arrive on
hendryadrian.com·21d agoTrivy GitHub Actions Compromised in Supply Chain Attack, Exposing CI/CD Secrets
A new supply chain attack targeting Trivy's GitHub Actions has been disclosed, where attackers compromised the security scanner by force-upd
Cordyceps CI/CD vulnerability exposes supply chain risks across major tech organizations
Security research from Novee Security reveals a CI/CD weakness called "Cordyceps" that allows unauthenticated GitHub users to hijack trusted
thenewstack.io·2d agoThe OWASP Top 10 CI/CD Security Risks to Harden DevSecOps
Packetlabs·1y ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.