Delivering Software Securely: Techniques for Building a Resilient and Secure Code Pipeline
Briefly

A CI/CD pipeline can expose sensitive information, yet project teams often overlook the importance of securing their pipelines. They should have a comprehensive plan for doing so.
Access to a pipeline should be restricted. Everyone should have the least privileges required to perform their assigned jobs and no more.
To protect sensitive information and prevent its exposure, all data at rest, including logs, should be encrypted.
Build and deployment logs should be treated with the same importance as application logs. These logs should be monitored regularly to make sure that there are no security vulnerabilities.
Read at InfoQ