9 Tips For a More Secure Continuous Delivery Pipeline

Anything that can improve your continuous delivery is worth taking advantage of, including the article featured in this post, which offers tips for a more secure continuous delivery pipeline. The following is an excerpt from “DevOpsSec: Securing Software Through Continuous Delivery”, by Jim Bird.

It’s important not only to secure the application and its runtime environment, but to secure the Continuous Delivery tool chain and build and test environments, too. You need to have confidence in the integrity of delivery and the chain of custody, not just for compliance and security reasons, but also to ensure that changes are made safely, repeatably, and traceably.

Your Continuous Delivery tool chain is also a dangerous attack target itself: it provides a clear path for making changes and pushing them automatically into production. If it is compromised, attackers have an easy way into your development, test, and production environments. They could steal data or intellectual property, inject malware anywhere into the environment, DoS your systems, or cripple your organization’s ability to respond to an attack by shutting down the pipeline itself.

To keep reading Jim Bird’s article, click here!