Prevent supply chain attacks on the development process and CI/CD pipelines
Software Development Company
Securely manage and share secrets within the development environment and CI/CD pipelines to prevent supply chain attacks.
An outsourcing software development company needed help with preventing supply chain attacks on continuous integration and continuous development (CI/CD) pipelines. To prevent supply chain attacks, they required an efficient and secure way to manage and share secrets including user logins, passwords, and SSH keys. Storing secrets in the source repository was unacceptable from a security standpoint, so they decided to search for a dedicated solution.
The company’s security engineers analyzed and compared several commercially available access management platforms. They chose Ekran System, as it provides robust capabilities for access and password management for both privileged and non-privileged accounts.
To improve defense against supply chain attacks, the Ekran System team suggested using the Application Credentials Broker and integrating the customer’s CI/CD pipelines with the Ekran System solution. Our experts also recommended the customer take advantage of Ekran System’s Password Management feature to safeguard access to CI/CD pipelines and various endpoints within the corporate network.
With the help of Ekran System, the customer was able to:
- Enhance security of access to various endpoints within the organization
- Establish a secure way to manage access to build and deployment processes
We are no strangers to cybersecurity, so we knew what solution would suit best to reinforce the security of the software development and continuous integration processes in our company. The [Ekran System] team did a great job meeting our specific needs. Apart from satisfying our major request, the [Ekran System] platform also helped us to securely share secrets with employees who need to access specific endpoints thanks to the secrets and vault functionality
Chief Information Officer
Outsourcing Software Development Company