DZone
Thanks for visiting DZone today,
Edit Profile
  • Manage Email Subscriptions
  • How to Post to DZone
  • Article Submission Guidelines
Sign Out View Profile
  • Post an Article
  • Manage My Drafts
Over 2 million developers have joined DZone.
Log In / Join
Refcards Trend Reports
Events Video Library
Over 2 million developers have joined DZone. Join Today! Thanks for visiting DZone today,
Edit Profile Manage Email Subscriptions Moderation Admin Console How to Post to DZone Article Submission Guidelines
View Profile
Sign Out
Refcards
Trend Reports
Events
View Events Video Library
Zones
Culture and Methodologies Agile Career Development Methodologies Team Management
Data Engineering AI/ML Big Data Data Databases IoT
Software Design and Architecture Cloud Architecture Containers Integration Microservices Performance Security
Coding Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks
Culture and Methodologies
Agile Career Development Methodologies Team Management
Data Engineering
AI/ML Big Data Data Databases IoT
Software Design and Architecture
Cloud Architecture Containers Integration Microservices Performance Security
Coding
Frameworks Java JavaScript Languages Tools
Testing, Deployment, and Maintenance
Deployment DevOps and CI/CD Maintenance Monitoring and Observability Testing, Tools, and Frameworks

CI/CD Pipeline Security: Learn 9 key steps for administering comprehensive security on your CI/CD pipelines with an open-source tech stack.

Full-Stack Observability Essentials: Explore the fundamentals of system-wide observability and key components of the OpenTelemetry standard.

Cloud-Native AppSec: Check out the re-release of DZone's Refcard on patterns and anti-patterns for securing your cloud-native applications.

  1. DZone
  2. Events
  3. Video Library
  4. Security Best Practices in your CI/CD pipeline

Security Best Practices in your CI/CD pipeline

Details

CI/CD pipelines play a critical role in accelerating software delivery and driving rapid innovation. However, the rapid pace of these environments come with an equally heightened risk of security missteps, requiring a new set of security best practices to ensure CI/CD integrity. While performing image scans to check for known vulnerabilities remains a cornerstone of CI/CD security, it should be one of many security initiatives that should be implemented in your pipeline to protect your application. 

Join us in this Fireside Chat, as we delve into some of the key considerations and best practices when securing your CI/CD pipelines in cloud native environments.

We will discuss: 

  • Common CI/CD threats and the attack surface, including insecure code, poisoned pipeline execution, exposed secrets, use of third party service, and more

  • Best practices to harden your environment related to:

    • Authentication and access control

    • Dev environment best practices, such as keeping tools, software, and OS up to date

    • Development best practices including embedding security scanning into the CI/CD pipeline, generating SBOMs, and more

Presenters:

Presenter Avatar

Burr Sutter

Chief Developer Evangelist, Red Hat

Presenter Avatar

Ix-chel Ruiz

Developer Advocate, JFrog

Presenter Avatar

Jesse Davis

Chief Technologist, DZone

Join Now for More Content & Events

For event and sponsorship inquiries, please email: sales@dzone.com

ABOUT US

  • About DZone
  • Send feedback
  • Careers
  • Sitemap

ADVERTISE

  • Advertise with DZone

CONTRIBUTE ON DZONE

  • Article Submission Guidelines
  • Become a Contributor
  • Core Program
  • Visit the Writers' Zone

LEGAL

  • Terms of Service
  • Privacy Policy

CONTACT US

  • 3343 Perimeter Hill Drive
  • Suite 100
  • Nashville, TN 37211
  • support@dzone.com

Let's be friends: