BLOG
DEVOPS

Securing DevOps platform environments

The business demand to release new or upgraded software in ever faster cycles has seen a rise in the uptake of DevOps practices. A new eBook published by Sogeti and Microsoft in the series of guides to Modern App Development and Enterprise DevOps considers the security implications for enterprises that rely on DevOps platforms for deployment.

How secure are your DevOps platforms, including the pipelines and production environments your developers require to be productive? It’s an important question because pipelines and production environments are extremely attractive to hackers. In Securing Enterprise DevOps Environments, we reveal that DevOps platform environments are one of three threat surfaces in need of urgent attention as hackers become ever more ingenious and malicious.

All tools that help enterprise DevOps teams to function represent key entry points for attackers, from pipeline automation to code validation, and code repositories. A common example occurs when company code is infected by hackers before it reaches production systems and thereby passes through cyber security checkpoints. On top of pipeline and personal access token scenarios, enterprises need to verify the security of their third-party tool integrations.

So where do you start? As our eBook points out, begin by ensuring that granular control and audit trails are available across each environment. You’ll also need to implement least privilege access when you can and ensure the right level of read/write permissions. The goal is to build a secure setup, minimizing exposure of secrets and parameters.

This chapter offers guidance for securing the DevOps platform environment with six key actions:

Read the eBook

Want to know how to move ahead with all of these recommended actions? This chapter of Securing Enterprise DevOps Environments not only gives more detail on the ‘what’ to do to secure your DevOps platform environments but offers invaluable advice on ‘how’ to do it.

 

Read the eBook here

Read the eBook

Want to know how to move ahead with all of these recommended actions? This chapter of Securing Enterprise DevOps Environments not only gives more detail on the ‘what’ to do to secure your DevOps platform environments but offers invaluable advice on ‘how’ to do it.

 

Read the eBook here

 

Blog author

Clemens Reijnen, Sogeti Global CTO Cloud Services, is the co-author of Securing Enterprise DevOps Environments in partnership with Microsoft.

Clemens Reijnen
Clemens Reijnen
Global CTO of Cloud Services
Print Email