Cyberespionage Attacks Against Southeast Asian Government Linked to Stately Taurus, Aka Mustang Panda
Rare Backdoors Suspected to be Tied to Gelsemium APT Found in Targeted Attack in Southeast Asian Government
Persistent Attempts at Cyberespionage Against Southeast Asian Government Target Have Links to Alloy Taurus
  • Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
  • magnifying glass search icon to open search field
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
Palo Alto Networks logo
  • Products
  • Solutions
  • Services
  • Partners
  • Company
  • More
  • Sign In
    Sign In
    • Customer
    • Partner
    • Employee
    • Research
  • Create Account
  • EN
    Language
  • Get Started
  • Contact Us
  • Resources
  • Get support
  • Under Attack?
  • Unit 42 Threat Research

Whitepaper

Top 10 CI/CD Security Risks: The Technical Guide

May 26, 2023
asset thumbnail

In-Depth Research and Recommendations from 16 Experts

CI/CD pipelines are the heartbeats of software development, serving as the foundation in which developers store, compile and deploy code. And given their critical role in cloud-native organizations, it’s no surprise that CI/CD pipeline weaknesses are common targets for bad actors looking to instigate an attack. 

The CI/CD attack surface has also changed considerably in recent years, due to trends like the rise of DevOps, automation and dependencies in code. In this complex security landscape, it can be challenging to know where to get started with CI/CD security. 

With this guide, you’ll learn the most important risks to prioritize at the start of your CI/CD security journey. You’ll get practical tips that will enable you to proactively identify and remediate the most critical CI/CD pipeline weaknesses so that you can prevent issues like data leakage and malicious code injection.

Download the guide to learn how to:

  • Implement strong logging and monitoring capabilities.

  • Maintain the principle of least privilege within your CI/CD ecosystem.

  • Mitigate dependency chain abuse.

  • Prevent poisoned pipeline execution (PPE) attacks.

  • Identify and remediate insecure system configurations.

  • And more!

Download
Share page on facebook Share page on linkedin Share page by an email
Related Resources

Access a wealth of educational materials, such as datasheets, whitepapers, critical threat reports, informative cybersecurity topics, and top research analyst reports

See all resources

Get the latest news, invites to events, and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

black youtube icon black twitter icon black facebook icon black linkedin icon
  • USA (ENGLISH)
  • AUSTRALIA (ENGLISH)
  • BRAZIL (PORTUGUÉS)
  • CANADA (ENGLISH)
  • CHINA (简体中文)
  • FRANCE (FRANÇAIS)
  • GERMANY (DEUTSCH)
  • INDIA (ENGLISH)
  • ITALY (ITALIANO)
  • JAPAN (日本語)
  • KOREA (한국어)
  • LATIN AMERICA (ESPAÑOL)
  • MEXICO (ESPAÑOL)
  • SINGAPORE (ENGLISH)
  • SPAIN (ESPAÑOL)
  • TAIWAN (繁體中文)
  • UK (ENGLISH)

Popular Resources

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Investors
  • Products A-Z
  • Tech Docs
  • Unit 42
  • Sitemap

Legal Notices

  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Popular Links

  • About Us
  • Customers
  • Careers
  • Contact Us
  • Manage Email Preferences
  • Newsroom
  • Product Certifications
Report a Vulnerability
Create an account or login

Copyright © 2023 Palo Alto Networks. All rights reserved