NCI WEBSITE
NORMA eResearch @NCI Library

Securing CI/CD Pipeline: Automating the detection of misconfigurations and integrating security tools

Tools

Mangla, Muskan (2023) Securing CI/CD Pipeline: Automating the detection of misconfigurations and integrating security tools. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
Preview
 PDF (Master of Science)
Download (903kB) | Preview
[thumbnail of Configuration manual]
Preview
 PDF (Configuration manual)
Download (811kB) | Preview

Abstract

In recent years, the adoption of DevOps technology has become widespread in enterprises and private sectors. DevOps emphasizes communication and collaboration between development and operations teams to accelerate the delivery of software. One key component of DevOps is the use of continuous integration and continuous delivery (CI/CD) pipelines, which automate the process of building, testing, and deploying software. However, the use of CI/CD pipelines' lack of security oversights that introduces security risks due to the potential for security misconfigurations. These misconfigurations can lead to vulnerabilities that can be exploited by a malicious actor and thus making it important to identify and address them as part of the CI/CD process.

To address these security concerns, a DevSecOps approach was adopted, which integrates security into the CI/CD pipeline and ensures that the software being deployed is secure and free of vulnerabilities. This was achieved by continuous detection of security misconfigurations automatically in every stage of the CI/CD Pipeline and addressing them as part of the CI/CD process. By adopting a DevSecOps approach, organizations can provide continuous security assurance and strengthen the security of their CI/CD pipelines.

Item Type: Thesis (Masters)
Supervisors:
Name
Email
Sahni, Vikas
UNSPECIFIED
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 28 Apr 2023 16:10
Last Modified: 28 Apr 2023 16:10
URI: https://norma.ncirl.ie/id/eprint/6529

Actions (login required)

View Item View Item