After CircleCI breach, it is a good moment for any team relying on CI/CD infrastructure to review their pipeline security as there are some steps they can take to be proactive.

The ongoing rise in open source vulnerabilities and software supply chain attacks poses a growing threat to businesses, which heavily rely on applications for success. Between 70 and 90 percent of organizations’ code base is open source, while vulnerabilities such as Log4j have significantly exposed organizations to cyberattacks.

The basic idea behind DevSecOps is to introduce security as early as possible in the software development life cycle (SDLC). At the same time, the model can lead to increased collaboration between development and security teams as part of the effort to integrate security into the SDLC. In other words, DevSecOps provides an excellent foundation for an effective vulnerability management strategy.

Yesterday, CircleCI, a Continuous Integration/Continuous Delivery (CI/CD) service, notified the world it had been breached via a critical advisory from its CTO. As a major software delivery pipeline service, CircleCI users store myriad credentials for various services in CircleCI’s “Secrets Store” infrastructure.

Audit Policy: Object Access: SAM is a setting in the Windows operating system that controls the auditing of security events related to access to the Security Accounts Manager (SAM) database. The SAM database is used to store user account information, including login credentials, on a Windows system. When the setting is enabled, the system will generate an audit event in the security log of the event viewer every time an attempt is made to access the SAM database.

The ongoing rise in open source vulnerabilities and software supply chain attacks poses a significant risk, and it will only increase. According to the Mend Open Source Risk Report, modern security best practices such as software composition analysis (SCA) are vital for stemming the rising tide of open source vulnerabilities in applications and software.

Regulatory demands now make an SBOM an essential in any organization. The Biden Administration released a memo in September 2022 that directs federal agencies to adopt guidelines from the National Institute of Standards and Technology (NIST) for securing software used by the federal government and attest to its security.

Network security: LAN Manager authentication level setting in Windows controls the level of authentication used by the LAN Manager (NTLM) protocol. LAN Manager (LM) and NTLM are the Microsoft Windows implementations of the challenge-response protocols used for authentication.

Audit Policy: Object Access: Certification Services” is a setting in the Windows operating system that controls whether or not the system generates audit events when a certificate is requested or used for authentication purposes.