Discover what’s really driving the shift toward unified security
Discover how geopolitical tensions are fueling advanced cyber campaigns
Is the Quantum Threat Closer Than You Think?
  • Sign In
    • Customer
    • Partner
    • Employee
    • Login to download
    • Join us to become a member
  • EN
  • magnifying glass search icon to open search field
  • Contact Us
  • What's New
  • Get Support
  • Under Attack?
Palo Alto Networks logo
  • Products
  • Solutions
  • Services
  • Partners
  • Company
  • More
  • Sign In
    Sign In
    • Customer
    • Partner
    • Employee
    • Login to download
    • Join us to become a member
  • EN
    Language
  • Contact Us
  • What's New
  • Get support
  • Under Attack?
  • Demos and Trials
Video

What Is CI/CD

Oct 15, 2024

CI/CD Basics

CI/CD stands for “continuous integration and continuous delivery.” It’s a modern software development practice that automates the various steps it takes for code written by a developer to be pushed live into production.

Thanks to the automation of CI/CD pipelines, organizations are able to deploy both new code and essential security features—sometimes up to hundreds of times per day—to keep the cloud applications you rely on running without a hiccup.

CI/CD pipelines are extremely beneficial. But, of course, there’s a catch. By design, CI/CD pipelines need to have enormous privileges and access to highly sensitive data to make changes to a live app. This makes them very attractive targets for cybercriminals — which brings us to CI/CD security.

What is CI/CD Security?

CI/CD security refers to the practices, processes, and technologies organizations use to ensure the security and integrity of the CI/CD pipeline.

CI/CD security includes:

  • Protecting secrets and sensitive data
  • Implementing access controls, and
  • Conducting security testing throughout the CI/CD pipeline.

Ideally, CI/CD security is part of an organization’s overall application security (or AppSec) program, which is designed to keep all angles of a cloud-native application secure.

How to Secure the CI/CD Pipeline

Attackers know that the CI/CD pipeline is an easy way to gain access to an organization and its secrets. Organizations can focus on several key areas to keep their CI/CD pipeline secure:

  • Implementing secure access controls
  • Ensuring code and artifact integrity
  • Applying secure configuration practices
  • Integrating automated security testing
  • Managing and securing third-party dependencies
  • Implementing secrets management

Learn more about CI/CD

To learn more about how CI/CD and how to harden your pipelines against attack, watch the latest episode of What’s That with Prisma Cloud.

Share page on facebook Share page on linkedin Share page by an email
Related Resources

Access a wealth of educational materials, such as datasheets, whitepapers, critical threat reports, informative cybersecurity topics, and top research analyst reports

See all resources

Get the latest news, invites to events, and threat alerts

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement.

Products and Services

  • AI-Powered Network Security Platform
  • Secure AI by Design
  • Prisma AIRS
  • AI Access Security
  • Cloud Delivered Security Services
  • Advanced Threat Prevention
  • Advanced URL Filtering
  • Advanced WildFire
  • Advanced DNS Security
  • Enterprise Data Loss Prevention
  • Enterprise IoT Security
  • Medical IoT Security
  • Industrial OT Security
  • SaaS Security
  • Next-Generation Firewalls
  • Hardware Firewalls
  • Software Firewalls
  • Strata Cloud Manager
  • SD-WAN for NGFW
  • PAN-OS
  • Panorama
  • Secure Access Service Edge
  • Prisma SASE
  • Application Acceleration
  • Autonomous Digital Experience Management
  • Enterprise DLP
  • Prisma Access
  • Prisma Access Browser
  • Prisma SD-WAN
  • Remote Browser Isolation
  • SaaS Security
  • AI-Driven Security Operations Platform
  • Cloud Security
  • Cortex Cloud
  • Application Security
  • Cloud Posture Security
  • Cloud Runtime Security
  • Prisma Cloud
  • AI-Driven SOC
  • Cortex XSIAM
  • Cortex XDR
  • Cortex XSOAR
  • Cortex Xpanse
  • Unit 42 Managed Detection & Response
  • Managed XSIAM
  • Threat Intel and Incident Response Services
  • Proactive Assessments
  • Incident Response
  • Transform Your Security Strategy
  • Discover Threat Intelligence

Company

  • About Us
  • Careers
  • Contact Us
  • Corporate Responsibility
  • Customers
  • Investor Relations
  • Location
  • Newsroom

Popular Links

  • Blog
  • Communities
  • Content Library
  • Cyberpedia
  • Event Center
  • Manage Email Preferences
  • Products A-Z
  • Product Certifications
  • Report a Vulnerability
  • Sitemap
  • Tech Docs
  • Unit 42
  • Do Not Sell or Share My Personal Information
PAN logo
  • Privacy
  • Trust Center
  • Terms of Use
  • Documents

Copyright © 2025 Palo Alto Networks. All Rights Reserved

  • Youtube
  • Podcast
  • Facebook
  • LinkedIn
  • Twitter
  • Select your language