Discover what’s really driving the shift toward unified security
Discover how geopolitical tensions are fueling advanced cyber campaigns
Is the Quantum Threat Closer Than You Think?
  • Sign In
    • Customer
    • Partner
    • Employee
    • Login to download
    • Join us to become a member
  • EN
  • magnifying glass search icon to open search field
  • Contact Us
  • What's New
  • Get Support
  • Under Attack?
Palo Alto Networks logo
  • Products
  • Solutions
  • Services
  • Partners
  • Company
  • More
  • Sign In
    Sign In
    • Customer
    • Partner
    • Employee
    • Login to download
    • Join us to become a member
  • EN
    Language
  • Contact Us
  • What's New
  • Get support
  • Under Attack?
  • Demos and Trials

Whitepaper
May 26, 2023

Top 10 CI/CD Security Risks: The Technical Guide

Top 10 CI/CD Security Risks: The Technical Guide

English
Download
Download
asset thumbnail

In-Depth Research and Recommendations from 16 Experts

CI/CD pipelines are the heartbeats of software development, serving as the foundation in which developers store, compile and deploy code. And given their critical role in cloud-native organizations, it’s no surprise that CI/CD pipeline weaknesses are common targets for bad actors looking to instigate an attack. 

The CI/CD attack surface has also changed considerably in recent years, due to trends like the rise of DevOps, automation and dependencies in code. In this complex security landscape, it can be challenging to know where to get started with CI/CD security. 

With this guide, you’ll learn the most important risks to prioritize at the start of your CI/CD security journey. You’ll get practical tips that will enable you to proactively identify and remediate the most critical CI/CD pipeline weaknesses so that you can prevent issues like data leakage and malicious code injection.

Download the guide to learn how to:

  • Implement strong logging and monitoring capabilities.

  • Maintain the principle of least privilege within your CI/CD ecosystem.

  • Mitigate dependency chain abuse.

  • Prevent poisoned pipeline execution (PPE) attacks.

  • Identify and remediate insecure system configurations.

  • And more!

Share page on facebook Share page on linkedin Share page by an email
Related Resources

Access a wealth of educational materials, such as datasheets, whitepapers, critical threat reports, informative cybersecurity topics, and top research analyst reports

See all resources

Get the latest news, invites to events, and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

Products and Services

  • AI-Powered Network Security Platform
  • Secure AI by Design
  • Prisma AIRS
  • AI Access Security
  • Cloud Delivered Security Services
  • Advanced Threat Prevention
  • Advanced URL Filtering
  • Advanced WildFire
  • Advanced DNS Security
  • Enterprise Data Loss Prevention
  • Enterprise IoT Security
  • Medical IoT Security
  • Industrial OT Security
  • SaaS Security
  • Next-Generation Firewalls
  • Hardware Firewalls
  • Software Firewalls
  • Strata Cloud Manager
  • SD-WAN for NGFW
  • PAN-OS
  • Panorama
  • Secure Access Service Edge
  • Prisma SASE
  • Application Acceleration
  • Autonomous Digital Experience Management
  • Enterprise DLP
  • Prisma Access
  • Prisma Access Browser
  • Prisma SD-WAN
  • Remote Browser Isolation
  • SaaS Security
  • AI-Driven Security Operations Platform
  • Cloud Security
  • Cortex Cloud
  • Application Security
  • Cloud Posture Security
  • Cloud Runtime Security
  • Prisma Cloud
  • AI-Driven SOC
  • Cortex XSIAM
  • Cortex XDR
  • Cortex XSOAR
  • Cortex Xpanse
  • Unit 42 Managed Detection & Response
  • Managed XSIAM
  • Threat Intel and Incident Response Services
  • Proactive Assessments
  • Incident Response
  • Transform Your Security Strategy
  • Discover Threat Intelligence

Company

  • About Us
  • Careers
  • Contact Us
  • Corporate Responsibility
  • Customers
  • Investor Relations
  • Location
  • Newsroom

Popular Links

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Manage Email Preferences
  • Products A-Z
  • Product Certifications
  • Report a Vulnerability
  • Sitemap
  • Tech Docs
  • Unit 42
  • Do Not Sell or Share My Personal Information
PAN logo
  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Copyright © 2025 Palo Alto Networks. All Rights Reserved

  • Youtube
  • Podcast
  • Facebook
  • LinkedIn
  • Twitter
  • Select your language