This series of articles aims to identify the best practices to implement in order to secure your delivery process and your CI/CD pipelines: 0. DevSecOps & CI/CD Pipelines: understand the fundamentals.1. Version Control System Security2. Secure Continuous Integration (CI) Pipelines3. Secure Continuous Delivery (CD) Pipelines4. Securely Managing Secrets in CI/CD Pipelines5. Securely Managing Artifacts in CI/CD Pipelines6. CI/CD Pipeline Security: Strategies to Detect and Counter […]

Montreal (Quebec) — June 20, 2024 — This new partnership is perfectly aligned with our commitment to help organizations accelerate their value delivery through the industry's best DevOps practices.

“Artifacts” are the byproducts generated via your Continuous Integration (CI) pipelines during the build process. These artifacts are compiled code (binaries) or packaged in the shape of a container image that is ready to be deployed to a server.

Welcome back to the CI/CD security series, where we continue to unravel the complexities and nuances of securing continuous integration and continuous delivery pipelines.

A deployment pipeline handles (automatically or semi-automatically) the process of configuring an environment such that a new version of an application is released.

The continuous integration security (CI) pipeline is central to the software delivery system, yet it represents a security hotspot with multiple attack vectors.