CI/CD Security Checklist

Learn Six Best Practices to Proactively Address CI/CD Pipeline Weaknesses

CI/CD pipelines are a critical component of cloud-native software development, but CI/CD security is often overlooked. And because bad actors see CI/CD pipeline weaknesses as low-hanging fruit, they’ll frequently leverage those weaknesses to instigate attacks that corrupt both the CI/CD pipeline and the software supply chain.

But with the right approach — one that proactively implements some best practices — you can get ahead of CI/CD security risks and harden your pipelines over time.

This checklist will give you practical tips to help protect your CI/CD pipeline from attacks like pipeline poisoning, secrets exfiltration and dependency chain abuse.

Download the checklist to learn how to:

Apply a policy-as-code approach to your CI/CD pipeline configuration files.
Implement a secrets scanning strategy that minimizes noisy alerts and helps you quickly remove exposed credentials from your CI/CD pipeline.
Adopt least-privileged access by implementing governance controls and auditing procedures.
Establish a robust logging and monitoring program to give you proper visibility into your CI/CD pipeline.
And more!

Download Now

I would like to speak to a sales specialist.

Sign me up to receive news, product updates, sales outreach, event information and special offers about Palo Alto Networks and its partners.

By submitting this form, I understand my personal data will be processed in accordance with Palo Alto Networks Privacy Policy and Terms of Use.

If you were referred to this form by a Palo Alto Networks partner or event sponsor or attend a partner/event sponsor session, your registration information may be shared with that company.