Your code might be secure, but what about your pipeline? Challenges of securing build/deployment environment.


Authors:   Marcin Szydłowski


Abstract:​Traditionally Change Management is a very well-defined process. You can find hundreds of articles on the Internet explaining how each change should be properly requested, developed, tested and approved before being moved to the production environment.Obviously, each of these steps requires documentation and formal approval (sign-off) from the appropriate person. This process was giving security engineers several chances to ensure that changes do not introduce any new vulnerabilities and infrastructure to which the application is deployed is hardened and patched.Security around the Change Management process gets a little bit more complicated for agile software development and DevOps methodologies where tens of small changes are introduced every day. Each of these small changes is being automatically tested from various perspectives and if everything goes as expected it gets deployed to the environment of your choice without human intervention.Without any manual review in place, change management and security controls rely heavily on the fact that:- humans cannot access sensitive environments in an uncontrolled manner- application’s and infrastructure’s code is independently reviewed to avoid unauthorized changes and detect flaws- pre-approved and verified artifacts are used while building applications to decrease the risk of insecure dependencies or malicious artifacts- automated tests are performed by pipeline to detect defects or security issuesIt goes without saying, that ability to circumvent any of the above mentioned controls may introduce unauthorized changes and security issues to the application.This presentation will describe often ignored area of application security which is related to security of development environment. Presenter will share some common misconfigurations of build/deployment environment which can have a significant negative impact on source code integrity and as an ultimate result on security of application itself.​​​