← Cybersecurity Alphabet Soup

CI/CD

Continuous Integration / Continuous Delivery

appseceasy

CI/CD is the automated pipeline that builds, tests, and deploys code every time developers push changes. It is where most application security tooling now lives, with SAST, SCA, and secret scanning running as automated gates on every commit. The pipeline itself is also an attack target, since compromising it lets attackers ship malicious code, which is why OWASP publishes a Top 10 just for CI/CD security risks.

Sources

More in appsec