What are the best practices for securing CI CD pipelines against vulnerabilities

0 votes
This question considers the best practice in place to ensure vulnerabilities that might affect the pipeline of CI/CD cannot affect the software development life cycle. An excellent answer ought to reflect on the relevant practices that include secure reviews of codes, automated use of security scans, realization of RBAC, secret management, and integration for vulnerability scanning tools. Additional considerations include how to monitor the activity of a pipeline and respond quickly in case of a perceived security threat. The following best practices can also be further explored in keeping dependencies and images up-to-date:.
Oct 28 in DevOps Tools by Anila
• 3,390 points 79 views

No answer to this question. Be the first to respond.

Your answer

Your name to display (optional):
Privacy: Your email address will only be used for sending these notifications.

Related Questions In DevOps Tools

0 votes
1 answer

What are your go-to scripting languages for automating CI/CD pipelines, and can you share a sample script?

A general script automation choice in CI/CD ...READ MORE

answered Oct 16 in DevOps Tools by Gagana
 • 2,450 points 165 views
0 votes
0 answers

What are the best practices for writing Dockerfiles, and could you share a well-structured example?

It asks about the best practices in ...READ MORE

Oct 11 in DevOps Tools by anonymous
 • 3,390 points
edited Oct 21 by anonymous 101 views
0 votes
1 answer

What are your best practices for managing dependencies in your applications, and can you share coding examples?

Manage Dependencies Effectively Dependency management is a ...READ MORE

answered Oct 23 in DevOps Tools by Gagana
 • 2,450 points 119 views
0 votes
0 answers

What steps do you take to secure your Jenkins instance and pipelines? Could you share some security best practices for authentication, authorization, and plugin management?

What steps do you take to secure ...READ MORE

6 days ago in DevOps Tools by Anila
• 3,390 points 22 views
0 votes
0 answers

What are your best practices for container orchestration with Kubernetes when dealing with high-availability applications?

What are your best practices for container ...READ MORE

1 day ago in DevOps Tools by Anila
• 3,390 points 15 views
0 votes
1 answer

What CI/CD tools do you prefer for automating deployments, and can you share a configuration example?

For a tool for the automation of ...READ MORE

answered Oct 23 in DevOps Tools by Gagana
 • 2,450 points 209 views
+5 votes
7 answers

Docker swarm vs kubernetes

Swarm is easy handling while kn8 is ...READ MORE

answered Aug 27, 2018 in Docker by Mahesh Ajmeria
 3,925 views
+6 votes
1 answer

Web UI (Dashboard): https://kubernetes.io/docs/tasks/access-application-cluster/web-ui-dashboard/

Hey @nmentityvibes, you seem to be using ...READ MORE

answered Dec 13, 2018 in Kubernetes by Kalgi
 • 52,350 points 7,933 views
+15 votes
2 answers

Git management technique when there are multiple customers and need multiple customization?

Consider this - In 'extended' Git-Flow, (Git-Multi-Flow, ...READ MORE

answered Mar 27, 2018 in DevOps & Agile by DragonLord999
 • 8,450 points 4,034 views
+4 votes
1 answer

How do I go from development docker-compose.yml to deployed docker-compose.yml in AWS

It can work if you try to put ...READ MORE

answered Jun 7, 2018 in AWS by Cloud gunner
 • 4,670 points 5,335 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.