Protection of a CI/CD Chain
CI/CD (Continuous Integration/Continuous Deployment) chains are at the heart of software development. They allow for fast and efficient application delivery, but their automation can also introduce major security risks. Unverified source files, malicious external libraries, or compromised binaries can degrade the integrity and reliability of deliverables.
How can GLIMPS Malware help you?
GLIMPS Malware Detect integrates directly into CI/CD pipelines to automatically analyze each element of the development cycle:
- source code
- resources
- third-party libraries
- final deliverables
Thanks to advanced detection based on artificial intelligence and binary code analysis, this solution ensures continuous protection against threats.
The GLIMPS Malware Detect API can be integrated into any CI/CD chain for systematic file scanning at different stages:
- Analysis of source files and resources: Detection of hidden threats in source code, configuration files, or project resources.
- Inspection of external libraries and dependencies: Verification of third-party components to identify malicious injections.
- Control of deliverables: Thorough examination of generated binaries to detect any potential threat before production deployment.
This integration is performed seamlessly through GLIMPS REST APIs, which allow automatic triggering of analyses and return results that can be used by DevOps / DevSecOps teams.
GLIMPS provides Python and Go libraries to facilitate integration into the CI/CD chain. They are available on our public GitHub: https://github.com/glimps-re
Here are some examples of securing CI/CD pipelines with GLIMPS:
- Some modules used by a business application are developed by external service providers. These modules are integrated into the project through CI/CD. To avoid “supply chain” attacks, files from these providers are systematically and automatically analyzed via the GLIMPS Malware Detect API through CI/CD.
- The use of open-source libraries from unofficial repositories can expose applications to malicious code. By integrating GLIMPS Malware Detect into the CI/CD chain, each new library is scanned, ensuring secure development.
- Before each production deployment, it is essential to ensure that the final binary is not identified as malware. GLIMPS Malware Detect allows this verification to be automated by controlling the deliverables generated at the end of CI/CD, ensuring reliable and threat-free deployment.
The key advantages
- Proactive security: Identification of threats before they reach production environments.
- Ease of implementation: Seamless integration into existing CI/CD pipelines without slowing down deployments.
- Confidence and reliability: Strengthening trust and reliability by ensuring that each component is secure.
- Time savings and risk reduction: Rather than performing manual analyses (or no analysis at all), automation avoids errors and prevents security incidents upstream.