Total Tests:

Why DevOps pipelines are under attack and how to fight back

By Maria Korolov for CSO
Tuesday, February 22, 2022

NotPetya proved the effectiveness of an attack on the software supply chain, and attackers are targeting it more now. Here's advice to reduce risk to your DevOps processes.

Many security controls and processes are available that don't cost a lot and don't create too much overhead, but do require some thoughtful planning or training, says Ilia Kolochenko, CEO at cybersecurity vendor ImmuniWeb. For example, AWS offers built-in security controls and tools that are not expensive or even free, he says. "People don’t go for them because they’re unaware, don’t think they need them, or it's too difficult to dig into them and leverage them."

The cloud makes it easier to deploy tools like continuous security monitoring and incident response, he says. "You can detect suspicious activity, immediately stop it, replace it with a clean image, and continue your operations without going offline. The cloud provides many great opportunities to automate your continuous security monitoring and incident response, but people don't use it." Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential