Intelligent CIO APAC Issue 40 | Page 20

LATEST INTELLIGENCE

TOP 10 CI/CD SECURITY RISKS

Introduction

CI/CD environments, processes and systems are the beating heart of any modern software organization. They deliver code from an engineer’s workstation to production. Combined with the rise of the DevOps discipline and microservice architectures, CI/CD systems and processes have reshaped the engineering ecosystem:
• The technical stack is more diverse, both in coding languages and in the technologies and frameworks adopted further down the pipeline (e.g. GitOps, K8s).
• New languages and frameworks are adopted increasingly quickly, without significant technical barriers.
• There is an increased use of automation and Infrastructure as Code (IaC) practices.
• Third parties, both as external providers and as dependencies in code, have become a major part of any CI/CD ecosystem, with the integration of a new service typically requiring no more than adding 1–2 lines of code.
These characteristics allow faster, more flexible and more diverse software delivery. However, they have also reshaped the attack surface, creating a multitude of new avenues and opportunities for attackers.
Adversaries of all levels of sophistication are shifting their attention to CI/CD, realizing that CI/CD services provide an efficient path to reaching an organization’s crown jewels. The industry is witnessing a significant