Relevant bibliographies by topics / CI/CD Security

Contents

  1. Journal articles
  2. Dissertations / Theses
  3. Books
  4. Book chapters
  5. Conference papers
  6. Reports

Academic literature on the topic 'CI/CD Security'

Author: Grafiati
Published: 21 September 2024
Last updated: 26 July 2025

Create a spot-on reference in APA, MLA, Chicago, Harvard, and other styles

Select a source type:

Consult the lists of relevant articles, books, theses, conference reports, and other scholarly sources on the topic 'CI/CD Security.'

Next to every source in the list of references, there is an 'Add to bibliography' button. Press on it, and we will generate automatically the bibliographic reference to the chosen work in the citation style you need: APA, MLA, Harvard, Chicago, Vancouver, etc.

You can also download the full text of the academic publication as pdf and read online its abstract whenever available in the metadata.

Journal articles on the topic "CI/CD Security"

1

Malipeddi, Anil Kumar, and Sreekanth Pasunuru. "Securing DevOps CI/CD pipelines with Agent-Based and Agentless Solutions." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 12 (2024): 1–7. https://doi.org/10.55041/isjem01319.

Full text
Abstract:
As organizations increasingly adopt containerized applications and Continuous Integration/Continuous Deployment (CI/CD) pipelines, managing and securing secrets becomes critical to maintaining robust security. CI/CD pipelines are critical to modern software development, enabling rapid delivery of software updates. However, these pipelines often handle sensitive secrets such as credentials, API keys, and tokens, making them an attractive target for adversaries. This paper explores two distinct approaches to secrets management in DevOps environments: agent- based solutions, such as CyberArk Cred
APA, Harvard, Vancouver, ISO, and other styles
2

Researcher. "SECURING CI/CD PIPELINES: STRATEGIES FOR MITIGATING RISKS IN MODERN SOFTWARE DELIVERY." International Journal of Engineering and Technology Research (IJETR) 9, no. 2 (2024): 1–9. https://doi.org/10.5281/zenodo.13365012.

Full text
Abstract:
This comprehensive article explores the critical challenge of securing Continuous Integration and Continuous Deployment (CI/CD) pipelines in modern software development. It addresses the common security threats faced by organizations, including credential leaks, supply chain attacks, and unauthorized access, while offering actionable strategies to mitigate these risks. The paper delves into best practices for enhancing CI/CD security, covering crucial aspects such as secret management, encryption techniques, secure CI/CD tools, immutable infrastructure, and comprehensive security testing metho
APA, Harvard, Vancouver, ISO, and other styles
3

Ravi, Chandra Thota. "Cloud-Native DevSecOps: Integrating Security Automation into CI/CD Pipelines." INTERNATIONAL JOURNAL OF INNOVATIVE RESEARCH AND CREATIVE TECHNOLOGY 10, no. 6 (2024): 1–19. https://doi.org/10.5281/zenodo.15036934.

Full text
Abstract:
As software has become deployed more rapidly in the current fast pace of software development, security has become important, particularly in cloud-native environments where CI/CD pipelines play an important role in operations. Many ways we use to secure traditional systems do not keep up with the fluidity and the fact that they are automated in modern DevOps workflows. As a result, DevSecOps—combining security with the DevOps process—has become the key strategy to maintain the software's security while retaining speed and agility. This article discusses how security automation can
APA, Harvard, Vancouver, ISO, and other styles
4

Ho-Dac, Hung, and Van-Len Vo. "An Approach to Enhance CI/CD Pipeline with Open-Source Security Tools." European Modern Studies Journal 8, no. 3 (2024): 408–13. http://dx.doi.org/10.59573/emsj.8(3).2024.30.

Full text
Abstract:
Continuous Integration (CI) and Continuous Deployment (CD) are important aspects in software engineering today. In modern software production organizational models, CI/CD pipeline has become a mandatory element to improve speed and reduce team effort in developing, integrating, and deploying. In the context of increasing information security risks, deploying security tools for the CI/CD pipeline has become an inevitable trend. Deploying information security tools throughout the pipeline according to the "Shift Left" philosophy will help detect information security issues early for timely handl
APA, Harvard, Vancouver, ISO, and other styles
5

Sumanth Kadulla. "Zero trust in cloud infrastructure: Implementing secure CI/CD Pipelines." World Journal of Advanced Research and Reviews 26, no. 2 (2025): 450–57. https://doi.org/10.30574/wjarr.2025.26.2.1662.

Full text
Abstract:
Zero Trust architecture represents a fundamental shift in securing cloud infrastructure, particularly within CI/CD pipelines where traditional perimeter-based security approaches increasingly fail against sophisticated threats. This technical article explores how implementing Zero Trust principles—"never trust, always verify"—creates robust protection throughout the software delivery lifecycle. The implementation spans across multiple dimensions: securing modern CI/CD tools including GitHub Actions, Azure DevOps, and GitLab; establishing comprehensive identity and access management with just-i
APA, Harvard, Vancouver, ISO, and other styles
6

Kamalakar, Reddy Ponaka. "Secure Secret Management in DevOps CI/CD Pipelines." European Journal of Advances in Engineering and Technology 7, no. 2 (2020): 73–76. https://doi.org/10.5281/zenodo.13919341.

Full text
Abstract:
As organizations increasingly adopt DevOps practices, the security of sensitive data such as secrets, API keys, and credentials becomes a significant concern. Continuous Integration and Continuous Deployment (CI/CD) pipelines automate software development but also require robust secret management. This paper presents an approach for securely managing secrets using JWT authentication between GitLab CI and HashiCorp Vault, providing a scalable, fine-grained, and secure solution for modern DevOps environments.
APA, Harvard, Vancouver, ISO, and other styles
7

Ponaka, Kamalakar Reddy. "Systematic Approach to Prevent Code Vulnerabilities using CI/CD Pipelines." INTERANTIONAL JOURNAL OF SCIENTIFIC RESEARCH IN ENGINEERING AND MANAGEMENT 08, no. 11 (2024): 1–6. http://dx.doi.org/10.55041/ijsrem7171.

Full text
Abstract:
This paper discusses a systematic approach to integrating Static Application Security Testing (SAST), Software Composition Analysis (SCA), Code Coverage, and Code Quality Checks into Continuous Integration/Continuous Delivery (CI/CD) pipelines. Modern CI/CD pipelines accelerate software delivery but introduce significant security and quality challenges. By incorporating SAST and SCA for security testing, along with code coverage and quality checks, organizations can prevent code vulnerabilities and ensure the maintainability and reliability of their applications. This approach helps developmen
APA, Harvard, Vancouver, ISO, and other styles
8

Sarathe Krisshnan Jutoo Vijayaraghavan. "Security as code: Transforming DevSecOps through CI/CD Integration." World Journal of Advanced Engineering Technology and Sciences 15, no. 1 (2025): 2219–25. https://doi.org/10.30574/wjaets.2025.15.1.0446.

Full text
Abstract:
Security as Code (Sac) represents a transformative approach to addressing the critical challenge of balancing rapid software delivery with robust security measures. By embedding security directly into continuous integration and continuous deployment pipelines, Sac enables organizations to automate, standardize, and scale security practices throughout the software development lifecycle. This integration transforms security from a bottleneck into an enabler of development velocity while significantly enhancing risk posture. The article explores the theoretical framework of Sac, including its fou
APA, Harvard, Vancouver, ISO, and other styles
9

Baladari, Venkata. "End-to-End CI/CD Deployment of RESTful Microservices in the Cloud." International Journal of Core Engineering and Management 6, no. 8 (2020): 262–68. https://doi.org/10.5281/zenodo.15020514.

Full text
Abstract:
Implementing RESTful microservices across various cloud platforms necessitates automation to guarantee consistency, security, and scalability. Continuous Integration/Continuous Deployment (CI/CD) pipelines optimize the integration, testing, and deployment of services, thereby minimizing manual intervention and operational risks. This study introduces a comprehensive framework for fully automated CI/CD processes, integrating Infrastructure as Code (IaC), security protocols, and monitoring software solutions. The proposal tackles crucial issues like multi-cloud compatibility, vendor lock-in, and
APA, Harvard, Vancouver, ISO, and other styles
10

Akilnath, Bodipudi. "Integrating Vulnerability Scanning with Continuous Integration/Continuous Deployment (CI/CD) Pipelines." European Journal of Advances in Engineering and Technology 9, no. 2 (2022): 49–55. https://doi.org/10.5281/zenodo.13622978.

Full text
Abstract:
In the era of DevOps, the integration of Continuous Integration and Continuous Deployment (CI/CD) pipelines has revolutionized the software development lifecycle, ensuring rapid and reliable delivery of applications. However, this accelerated development pace introduces significant security challenges, particularly in maintaining the security posture of local servers. This paper investigates the integration of vulnerability scanning into CI/CD pipelines, aiming to enhance the security of applications and underlying infrastructure throughout the development process. We explore various vulnerabi
APA, Harvard, Vancouver, ISO, and other styles
More sources

Dissertations / Theses on the topic "CI/CD Security"

1

Persson, Simone. "List of Security Concerns within Continuous Software Evolution." Thesis, KTH, Skolan för elektroteknik och datavetenskap (EECS), 2018. http://urn.kb.se/resolve?urn=urn:nbn:se:kth:diva-254881.

Full text
Abstract:
The amount of data being collected is increasing astronomically. Hence questions about privacy and data security are becoming more important than ever. A fast-changing culture is also reflected in the demands and requirements placed on software systems. Products and services need to evolve with the demands and feedback from customers to stay relevant on the market. Working methods and technologies have been refined to afford updating software continuously. However, rapidly changing software cause concern for the quality and level of security in the release. This thesis is a comprehensive lite
APA, Harvard, Vancouver, ISO, and other styles
2

Moriconi, Florent. "Amélioration du cycle de développement logiciel via des approches basées sur les données." Electronic Thesis or Diss., Sorbonne université, 2024. http://www.theses.fr/2024SORUS164.

Full text
Abstract:
Cette thèse explore les approches basées sur les données pour l'analyse automatique des causes profondes des échecs de construction dans les systèmes d'intégration continue et de déploiement continu (CI/CD), en se concentrant sur l'identification des échecs non déterministes, la localisation des messages de cause profonde dans les journaux de construction, et la caractérisation de la performance et de la sécurité des systèmes CI/CD. Basée sur des ensembles de données publics et industriels, nous explorons les propriétés des flux de travail CI/CD, telles que les temps d'exécution et les modèles
APA, Harvard, Vancouver, ISO, and other styles
3

Brás, André Emanuel Raínho. "Container security in CI/CD pipelines." Master's thesis, 2021. http://hdl.handle.net/10773/31292.

Full text
Abstract:
The rising of the DevOps movement and the transition from a product economy to a service economy drove significant changes in the software development life cycle paradigm, among which the dropping of the waterfall in favor of agile methods. Since DevOps is itself an agile method, it allows us to monitor current releases, receiving constant feedback from clients, and improving the next software releases. Despite its extraordinary development, DevOps still presents limitations concerning security, which needs to be included in the Continuous Integration or Continuous Deployment pipelines
APA, Harvard, Vancouver, ISO, and other styles
4

Zhygulskyy, Mykyta. "AUTOMATED, SCHEDULED AND CI /CD WEB INJECTION." Master's thesis, 2021. http://hdl.handle.net/10400.8/5786.

Full text
Abstract:
This report is made within the Curricular Unit (UC) Project, in the 2nd year of the Master in Cyber-security and Forensic Informatics (MCIF) provided by the Polytechnic Institute of Leiria (IPL). The purpose of this project is to study SQL Injection vulnerabilities in web applications. According to OWASP (Open Web Application Security Project) [20][19], this is one of the more prevalent attacks on web applications. As part of this work a web application was implemented, which can from a URL address, go through all the endpoints of the target application and test for SQL Injection vulner
APA, Harvard, Vancouver, ISO, and other styles

Books on the topic "CI/CD Security"

1

Cherukuri, Sai Sravan. Securing the CI/CD Pipeline: Best Practices for DevSecOps. Bellevue Publishers, 2024.

Find full text
APA, Harvard, Vancouver, ISO, and other styles

Book chapters on the topic "CI/CD Security"

1

Dingare, Pranoday Pramod. "Managing Security with Jenkins." In CI/CD Pipeline Using Jenkins Unleashed. Apress, 2022. http://dx.doi.org/10.1007/978-1-4842-7508-5_7.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Dakic, Vedran, Jasmin Redzepagic, and Matej Basic. "CI/CD Toolset Security." In DAAAM Proceedings. DAAAM International Vienna, 2022. http://dx.doi.org/10.2507/33rd.daaam.proceedings.022.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Bobbert, Yuri, and Maria Chtepen. "Problems of CI/CD and DevOps on Security Compliance." In Strategic Approaches to Digital Platform Security Assurance. IGI Global, 2021. http://dx.doi.org/10.4018/978-1-7998-7367-9.ch007.

Full text
Abstract:
In this chapter, the authors define the main problems when working on products in DevOps Teams and on CI/CD pipelines with regard to security and risk management. It focusses on the regulatory requirements and cyberthreats that have impact on organisations. Regulator requirements vary from industry and country. Working with multiple teams on products requires proper alignment in frameworks, controls, and architecture principles in order to be end-to-end protected throughout the connected platforms. This chapter examines the multiple compliance frameworks and architectural principles that can b
APA, Harvard, Vancouver, ISO, and other styles
4

Nanda, Ashok Kumar, Abhishek Sharma, P. John Augustine, B. Rex Cyril, Venneti Kiran, and Boopathi Sampath. "Securing Cloud Infrastructure in IaaS and PaaS Environments." In Improving Security, Privacy, and Trust in Cloud Computing. IGI Global, 2024. http://dx.doi.org/10.4018/979-8-3693-1431-9.ch001.

Full text
Abstract:
Cloud computing has revolutionized IT infrastructure deployment and management, but it also presents security and resilience challenges. The study delves into the principles and strategies of cloud security to safeguard cloud environments and guarantee business continuity. It explains the concepts of infrastructure as a service (IaaS) and platform as a service (PaaS), their benefits and challenges, and the complex web of security principles within the cloud, including the shared responsibility model, best practices, and identity and access management. The guide explores cloud threats, focusing
APA, Harvard, Vancouver, ISO, and other styles
5

Bobbert, Yuri, and Maria Chtepen. "Research Findings in the Domain of CI/CD and DevOps on Security Compliance." In Strategic Approaches to Digital Platform Security Assurance. IGI Global, 2021. http://dx.doi.org/10.4018/978-1-7998-7367-9.ch008.

Full text
Abstract:
This chapter studies the mapping of governance and security control objectives impacted by DevOps to the corresponding DevOps control objectives. These DevOps objectives introduce either an opportunity or a risk for the achievement of the security and governance control objectives. Finally, the artifact defines a list of SecDevOps controls that have proven to be effective in combining the agility of the DevOps paradigm with the security compliance assurance. The authors examine in collaboration with experts the multiple frameworks to be suitable. The authors define SecDevOps controls that have
APA, Harvard, Vancouver, ISO, and other styles
6

Nagmoti, Nikhil Subodh, Ishita Srivastava, and Madhavi Damle. "AI-Driven Enhancements in Cloud-Native DevOps Boosting Automation, Deployment, and Monitoring." In Advances in Computational Intelligence and Robotics. IGI Global, 2025. https://doi.org/10.4018/979-8-3693-9356-7.ch008.

Full text
Abstract:
This paper looks into the incorporation of Artificial Intelligence into cloud-native DevOps practices dealing in automation, workflow optimization, and proactive monitoring. The paper also outlines AI-based tools that support some of the main points in DevOps practice areas like CI/CD, infrastructure management, security, and observability. Additionally, it elaborates on new developments that shorten workflows in cloud environments. This study on AI-driven automation shows how these systems can help mitigate repetitive works, speed CI/CD Processes, and increase deployment efficiency. It furthe
APA, Harvard, Vancouver, ISO, and other styles
7

Pandey, Pravin, and Advait Patel. "Integrating Security in Cloud-Native Development." In Data Governance, DevSecOps, and Advancements in Modern Software. IGI Global, 2025. https://doi.org/10.4018/979-8-3373-0365-9.ch009.

Full text
Abstract:
Cloud-native technologies, such as microservices, containers, and serverless computing, have evolved over the years to become staples in software development, but at the same time, they present several new security risks. DevSecOps has been discussed briefly in this chapter, as well as the practices needed to secure cloud-native applications, focusing on prevention, compliance checks, and sustained monitoring. It explores the automation aspects of CI/CD pipelines, Kubernetes clusters, serverless workloads firewalls, and security policy enforcement through IaC. The chapter also considers novel
APA, Harvard, Vancouver, ISO, and other styles
8

Bobbert, Yuri, and Maria Chtepen. "Findings and Core Practices in the Domain of CI/CD and DevOps on Security Compliance." In Strategic Approaches to Digital Platform Security Assurance. IGI Global, 2021. http://dx.doi.org/10.4018/978-1-7998-7367-9.ch009.

Full text
Abstract:
In this chapter, the authors describe the findings and conclusions on “The SecDevOps Capability Artifact.” It is validated by means of an extensive academic literature review and interviews with multiple domain experts and practitioners. An additional validation was performed by comparing the findings of this study with high-level implementation and operational guidance of the DoD enterprise DevSecOps reference design report. The report has as a purpose to describe the DevSecOps lifecycle and supporting pillars, in line with NIST cybersecurity framework, which is a high-level framework buildin
APA, Harvard, Vancouver, ISO, and other styles
9

Ratnam, Karthik. "The Role of Artificial Intelligence in Bridging DevOps and SecOps for Cloud Infrastructure." In Data Governance, DevSecOps, and Advancements in Modern Software. IGI Global, 2025. https://doi.org/10.4018/979-8-3373-0365-9.ch012.

Full text
Abstract:
With the movement of IT assets to the cloud, strong security and resilience are more important than ever. This paper discusses DevOps and SecOps integration, or DevSecOps, to increase security while enabling fast deployments. Encouraging collaboration between development, operations, and security teams, organizations can find and fix vulnerabilities early in the software lifecycle. The paper highlights the main idea of embedding automated security checks throughout the CI/CD pipeline using 24/7 monitoring, real-time threat detection, and agile incident response. This can be taken further with
APA, Harvard, Vancouver, ISO, and other styles
10

Eigenbrode, Shelbee, and Suheil Nassar. "Design and Implementation of Service Management in DevOps Enabled Cloud Computing Models." In Handbook of Research on End-to-End Cloud Computing Architecture Design. IGI Global, 2017. http://dx.doi.org/10.4018/978-1-5225-0759-8.ch014.

Full text
Abstract:
This chapter examines the importance of including value-add service management practices early in the Continuous Integration/Continuous Delivery (CI/CD) pipeline. The authors will also address the importance of establishing a balance between the development and delivery of features with the development and delivery of practices that support overall infrastructure and service management capabilities. Without fully encompassing all of these practices, the DevOps benefits of reducing time-to-market for a set of features can be negated by a potential increase in security exposures as well as overa
APA, Harvard, Vancouver, ISO, and other styles

Conference papers on the topic "CI/CD Security"

1

Afifah, Angelita Salsabila, Herman Kabetta, I. Komang Setia Buana, and Hermawan Setiawan. "Code Obfuscation in CI/CD Pipelines for Enhanced DevOps Security." In 2024 International Conference on Artificial Intelligence, Blockchain, Cloud Computing, and Data Analytics (ICoABCD). IEEE, 2024. http://dx.doi.org/10.1109/icoabcd63526.2024.10704536.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Saleh, Sabbir, Nazim Madhavji, and John Steinbacher. "Towards a Blockchain-Based CI/CD Framework to Enhance Security in Cloud Environments." In 20th International Conference on Evaluation of Novel Approaches to Software Engineering. SCITEPRESS - Science and Technology Publications, 2025. https://doi.org/10.5220/0013298200003928.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Meliala, Rehmia, Charles Lim, and Joseph Andreas. "Integrating Security Testing in CI/CD Pipelines: Current Trends from Literature and Market." In 2024 Ninth International Conference on Informatics and Computing (ICIC). IEEE, 2024. https://doi.org/10.1109/icic64337.2024.10957011.

Full text
APA, Harvard, Vancouver, ISO, and other styles
4

Cheenepalli, Jayaprakashreddy, John D. Hastings, Khandaker Mamun Ahmed, and Chad Fenner. "Advancing DevSecOps in SMEs: Challenges and Best Practices for Secure CI/CD Pipelines." In 2025 13th International Symposium on Digital Forensics and Security (ISDFS). IEEE, 2025. https://doi.org/10.1109/isdfs65363.2025.11011960.

Full text
APA, Harvard, Vancouver, ISO, and other styles
5

Thompson, Mark, and Michael Alex Kyer. "Securing the Containerized Environment Along the CI/CD Pipeline." In 2025 IEEE 15th Annual Computing and Communication Workshop and Conference (CCWC). IEEE, 2025. https://doi.org/10.1109/ccwc62904.2025.10903704.

Full text
APA, Harvard, Vancouver, ISO, and other styles
6

Saleh, Sabbir M., Nazim Madhavji, and John Steinbacher. "Blockchain for Securing CI/CD Pipeline: A Review on Tools, Frameworks, and Challenges." In 2024 7th Conference on Cloud and Internet of Things (CIoT). IEEE, 2024. http://dx.doi.org/10.1109/ciot63799.2024.10757084.

Full text
APA, Harvard, Vancouver, ISO, and other styles
7

Freitas, Matheus B., and Lincoln S. Rocha. "GASH – The GitHub Actions Smell Hunter." In Workshop de Visualização, Evolução e Manutenção de Software. Sociedade Brasileira de Computação - SBC, 2024. http://dx.doi.org/10.5753/vem.2024.3911.

Full text
Abstract:
The CI/CD pipeline configuration is a challenging and error-prone task. Its misconfiguration threatens the project’s security, maintenance, and quality. Such configuration problems called “configuration smells” are patterns in the configuration that, while not necessarily incorrect, indicate potential issues that could compromise the pipeline efficiency, reliability, or security. Detecting these smells is key to managing and addressing them for maintaining high-quality and secure CI/CD workflows. This paper introduces GASH (GitHub Actions Smell Hunter), a Pythonic tool devoted to detecting con
APA, Harvard, Vancouver, ISO, and other styles
8

Shevchuk, Ruslan, Mikolaj Karpinski, Mykhailo Kasianchuk, Ihor Yakymenko, Andriy Melnyk, and Roman Tykhyi. "Software for Improve the Security of Kubernetes-based CI/CD Pipeline." In 2023 13th International Conference on Advanced Computer Information Technologies (ACIT). IEEE, 2023. http://dx.doi.org/10.1109/acit58437.2023.10275654.

Full text
APA, Harvard, Vancouver, ISO, and other styles
9

Marandi, Manohar, A. Bertia, and Salaja Silas. "Implementing and Automating Security Scanning to a DevSecOps CI/CD Pipeline." In 2023 World Conference on Communication & Computing (WCONF). IEEE, 2023. http://dx.doi.org/10.1109/wconf58270.2023.10235015.

Full text
APA, Harvard, Vancouver, ISO, and other styles
10

Rangnau, Thorsten, Remco v. Buijtenen, Frank Fransen, and Fatih Turkmen. "Continuous Security Testing: A Case Study on Integrating Dynamic Security Testing Tools in CI/CD Pipelines." In 2020 IEEE 24th International Enterprise Distributed Object Computing Conference (EDOC). IEEE, 2020. http://dx.doi.org/10.1109/edoc49727.2020.00026.

Full text
APA, Harvard, Vancouver, ISO, and other styles

Reports on the topic "CI/CD Security"

1

D'Onofrio, Dominic. CI/CD Pipeline and DevSecOps Integration for Security and Load Testing. Office of Scientific and Technical Information (OSTI), 2023. http://dx.doi.org/10.2172/2430395.

Full text
APA, Harvard, Vancouver, ISO, and other styles
2

Chandramouli, Ramaswamy. Strategies for Integration of Software Supply Chain Security in DevSecOps CI/CD Pipelines. National Institute of Standards and Technology, 2023. http://dx.doi.org/10.6028/nist.sp.800-204d.

Full text
APA, Harvard, Vancouver, ISO, and other styles
3

Hendrick, Stephen, and Martin Mckeay. Addressing Cybersecurity Challenges in Open Source Software. The Linux Foundation, 2022. https://doi.org/10.70828/jxey9389.

Full text
Abstract:
While open source software is ubiquitous and generally regarded as being secure, software development practices vary widely across projects regarding application development practices, protocols to respond to defects, or lack of standardized selection criteria to determine which software components are more likely to be secure. Consequently, software supply chains are vulnerable to attack, with implications and challenges for open source project communities. To help improve the state of software supply chain security, new research was conducted in partnership with the Open Source Security Foun
APA, Harvard, Vancouver, ISO, and other styles
You might also be interested in the extended bibliographies on the topic 'CI/CD Security' for particular source types:
Journal articles
We offer discounts on all premium plans for authors whose works are included in thematic literature selections. Contact us to get a unique promo code!

To the bibliography