pipeline-security
Safeguard articles tagged "pipeline-security" — guides, analysis, and best practices for software supply chain and application security.
29 articles
GitLab CI/CD Security Configuration
Hardening GitLab CI/CD pipelines with protected variables, secure runners, and built-in security scanning.
Azure DevOps Pipeline Security Hardening: A Practical Guide
How to lock down your Azure DevOps pipelines against supply chain attacks, credential leaks, and unauthorized deployments.
Environment Variable Injection in CI/CD: The Invisible Attack Surface
CI/CD pipelines trust environment variables implicitly. Injecting or modifying them can hijack builds, steal secrets, and compromise deployments.
CI/CD Pipeline Audit Logging: What to Capture and Why
Your CI/CD pipeline is a high-value target. Without proper audit logging, you will not know when it has been compromised until it is too late.
Securing CI/CD Pipelines from Supply Chain Attacks
CI/CD pipelines are the new attack surface. From poisoned dependencies to compromised build tools, here's how to lock down your software delivery infrastructure.