Securing Your CI/CD Pipeline

MJ Kaufmann

MJ Kaufmann

Security Specialist

Move from DevOps to DevSecOps with Cloud PAM

The need for speed has never been greater than it is today. From productivity hacks to efficiency mandates, everyone is looking for ways to get more done faster. As a result, software and app users aren’t content to put their work on hold to wait for updates. 

The continuous integration (CI) and continuous delivery (CD) pipeline is the best way to deliver dynamic updates without downtime or maintenance windows — but it comes with security risks. According to the Verizon 2020 Data Breach Investigations Report (DBIR), 43% of breaches involved web applications.

This post explores the evolution of DevOps, the risks that come with  privileged access management in the context of continuous integration and continuous delivery, as well as how governance works in the cloud to secure the CI/CD pipeline.

DevSecOps and the CI/CD Pipeline

Gone are the days of linear software development. To speed deployment, today’s developers build, integrate, and address errors iteratively in the cloud. The focus on high productivity through continuous integration and continuous delivery formed the foundation of cloud DevOps. DevOps’ main objective is convenience and agility. Unfortunately, when the CI/CD pipeline was conceptualized, security wasn’t a top consideration.

This has further been complicated by the addition of containerization into the CI/CD pipeline during software deployment. Containerization makes it even more important to ensure security is baked into the process. Security issues will be propagated out in containers and could be deployed in numerous areas simultaneously.

But that doesn’t mean that companies can’t take advantage of agile development and rapid deployment offered by the continuous integration and continuous delivery model. They simply need to bake security into the CI/CD pipeline by transitioning DevOps to DevSecOps. In addition to creating an agile and secure development environment, DevSecOps enables better compliance while achieving governance goals.

Overseeing Privilege Securely

One of the primary reasons the CI/CD process is so essential to protect was recently put on display when the SolarWinds breach came to light. For SolarWinds, the build system for their Orion monitoring product was compromised in late 2020. This compromise allowed bad actors to insert malicious code that would be run by their customers. This supply chain attack is exceptionally devastating as organizations trust purchased products from large and established companies such as SolarWinds. When updates came out, customers generally deployed them as safe and trusted code, not knowing the time bomb they were placing on their networks. 

Attacks like SolarWinds come about through abuses of privileged accounts or misconfigurations. Privileged accounts with rights to deploy code into the environment are typically manually configured, and they too often persist indefinitely. Compromising these credentials creates the opportunity for bad actors to insert malicious code into trusted codebases. Not all malicious code will have the broad-reaching impact that SolarWinds did, but it is still untracked and unmonitored. 

Misconfigurations and mismanagement are often obvious, which compounds these problems — meaning bad actors don’t have to look very hard to find opportunities. For example, earlier this year, media outlet CyberNews discovered that a European banking giant’s website included a JSON file that exposed a set of critical keys, leaving customers wide open to fraud. 

To ensure security, cloud environments, especially those leveraging the continuous integration and continuous delivery model, must conform to governance rules with consistent policies and tracking.

The Solution to Privilege Vulnerabilities: Cloud PAM

Let’s dive deeper into how privileged accounts create vulnerabilities and ways Cloud PAM technology solves the problem. Conflicts of interest are always possible when humans are involved in a process. And the CI/CD pipeline depends on human involvement. 

Users produce the code, promote it for testing, and promote it again to production. This can lead to situations where individuals may be required to take multiple roles, creating a conflict of interest. Developers should never be promoting code to production themselves. But without visibility into who has what access when, it’s difficult to prevent this — particularly when staffing shortages occur. Cloud PAM tools provide the means to grant access appropriately, oversee how access is being used, and take it away after the task has been completed.

In the CI/CD pipeline, standing privilege is dangerous. A single individual can easily promote bugs or security holes from code to production that can have far-reaching consequences. And hackers who gain access to keys or credentials that persist indefinitely can do extensive damage since they have all the time in the world to do so.

Read The Evolution of Privileged Access Management to learn more about Cloud PAM and how you can use it to secure your cloud infrastructure and resources beyond the CI/CD pipeline

Secrets Management is Critical

Secrets management is crucial for security because stolen secrets can provide clues to the architecture or give cybercriminals the direct ability to open up vast cloud infrastructure portions. Ensuring secrets such as access keys get generated when necessary —and destroyed once they are no longer needed — is critical because they are prime targets for cybercriminals.

Secrets and access keys left in the code undermine security. It is not uncommon for programmers to leave additional notes and information in the code. But it is imperative to remove any keys or passwords that have been used to expedite testing. 

Criminals are constantly scanning online code bases for information that might contain secrets. Cloud PAM takes care of this problem, with the ability to tightly scope secret distribution and limited lifespans of credentials to limit the period where attacks can take place if credentials are compromised — and minimize the damage.

Overseeing Privileged Activity

Too often, the cloud is a Wild West when it comes to governance. But governance is crucial in the cloud space if companies expect to protect their infrastructure and resources. Organizations must extend compliance frameworks and organizational rules into the cloud.

Tracking access is essential not only to maintain compliance but also to prevent audit headaches. Privileged access activity monitoring helps identify suspicious activity and flag it for further review. For example, unusual activity patterns such as an erratic change in code deployment from a department with a normally consistent deployment schedule can trigger an alert.

Good logging of all privileged access not only makes it easier to prove continual compliance, but can also be a proactive tool in prevention.

Cloud PAM is Vital to Securing the CI/CD Pipeline

Agile companies can safely leverage the cloud to quickly and efficiently develop solutions if they’re baking in security from the start. Integrating a Cloud PAM tool to extend your on-premises security into the cloud prevents bad actors from getting their hands into your codebase. Cloud PAM limits access, providing visibility and auditability into the entire CI/CD pipeline. 

Securing the DevOps process is just a piece of staying ahead of the curve as a company. Learn more about Identity and Security trends for 2021 and beyond to be prepared for the new landscape of IT. 

 

Source: DevOps, IBM Cloud Education, Oct 2019

Schedule a Demo

Ready to see our solution in action?
Sign up for your demo today.

Saviynt named a Gartner® Peer Insights™ Customers’ Choice: IGA Learn More >