Securing DevOps Using Deception and Denial
As organizations increasingly utilize DevOps for software development and IT operations, DevOps environments have become a priority target for would-be cybercriminals. Throughout the development process, it is critical to continually assess whether attackers have injected malicious code into the environment, and the nature of DevOps development can make this a challenge. DevOps works according to continuous integration/continuous delivery (CI/CD) mechanisms, and there are specific areas where attackers can interface with CI/CD. Identifying ways to derail those attacks is a critical part of DevSecOps, and deception and denial technology has emerged as a valuable tool capable of mitigating risk during each phase of DevOps development.
Deception and denial technology steps in to divert attack tactics such as credential access, when attackers steal credentials that point to CI/CD systems; AD reconnaissance, which can allow attackers to find CI/CD servers; and lateral movement and privilege escalation, which can enable attackers to own the CI/CD systems. Breaking down DevOps into four distinct phases (plan, build, deploy and operate) is a helpful way to illustrate the potential value of deception and denial. Each phase has areas where the technology can derail attackers attempting to infiltrate and exploit DevOps environments.
Free Active Directory Assessment
Get Visibility Into Privilege And Service Account Exposure
For a limited time, Attivo Networks is providing free Active Directory Security Assessments to demonstrate how ADAssessor provides unprecedented and continuous visibility to AD vulnerabilities.
Try Our Endpoint Detection Net (EDN) for Free
FAST AND EASY
Free use offer of our Award-winning security solution to prevent attackers from lateral movement, credential theft, and privilege escalation, fast and easy.
ADSecure 90-Day Free Trial
GET PROTECTION AGAINST UNAUTHORIZED ACCESS TO ACTIVE DIRECTORY
- Hide and deny access to AD objects
- Get alerted on unauthorized queries
- Attack details easily viewable in dashboard
- Your data remains on-premise