Sponsored Feature There’s no question that fast-feedback software delivery offers multiple advantages by streamlining processes for developers. But in software development, as in life, there is no such thing as a free lunch.
Automated continuous integration/continuous delivery (CI/CD) pipelines created by tools like Jenkins and Concourse are there to help, of course, but the potential downside is that they can increase the likelihood of security vulnerabilities. And as development teams expand into Infrastructure as Code (IaC), the practice of deploying CI/CD pipelines to manage configuration files for engineering the actual infrastructure on which their applications run is gaining popularity.
These trends necessitate developers ensure they can effectively manage the secrets required to run corporate applications and systems. Secrets that have the potential to put critical systems at risk. Associated vulnerabilities can manifest themselves along the length of extended DevOps pipelines, which, in today’s hybrid corporate infrastructures, typically span a range of different internal and externally hosted applications, services and data repositories.
Adding further…
