Three Overlooked Steps to Securing A Software Supply Chain

CloudBees provides feature flagging capabilities, which allow engineers to instantly specific sections of code for customers without issuing a new download.

Process steps and gates—which must be enforced every time—across your entire pipeline will minimize the opportunities for a bad actor to slip in malicious code.

1. PUT PROCESS GATES AND CONTROLS AT EVERY STEP OF THE SOFTWARE SUPPLY CHAIN

In SolarWinds’ case, the attacker gained access to one of their GitHub repositories and found a shared secret—perhaps a password—in plain text.
Source: CloudBees
