SecDocker: Hardening the Continuous Integration Workflow

by   David Fernández González, et al.

Current Continuous Integration processes face significant intrinsic cybersecurity challenges. The idea is not only to solve and test formal or regulatory security requirements of source code but also to adhere to the same principles to the CI pipeline itself. This paper presents an overview of current security issues in CI workflow. It designs, develops, and deploys a new tool for the secure deployment of a container-based CI pipeline flow without slowing down release cycles. The tool, called for its Docker-based approach, is publicly available in GitHub. It implements a transparent application firewall based on a configuration mechanism avoiding issues in the CI workflow associated with intended or unintended container configurations. Integrated with other DevOps Engineers tools, it provides feedback from only those scenarios that match specific patterns, addressing future container security issues.



There are no comments yet.


page 11


An Empirical Analysis of Practitioners' Perspectives on Security Tool Integration into DevOps

Background: Security tools play a vital role in enabling developers to b...

Towards a Secure and Reliable IT-Ecosystem in Seaports

Digitalization in seaports dovetails the IT infrastructure of various ac...

Continuous Flow Analysis to Detect Security Problems

We introduce a tool that supports continuous flow analysis in order to d...

Three Practical Workflow Schedulers for Easy Maximum Parallelism

Runtime scheduling and workflow systems are an increasingly popular algo...

The complexity of soundness in workflow nets

Workflow nets are a popular variant of Petri nets that allow for algorit...

Making Secure Software Insecure without Changing Its Code: The Possibilities and Impacts of Attacks on the DevOps Pipeline

Companies are misled into thinking they solve their security issues by u...

RCE: An Integration Environment for Engineering and Science

We present RCE (Remote Component Environment), an open-source framework ...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.