ci/cd briefing

Share this post
[brief] Cycode, a CICD pipeline security startup, raises funding.
blog.cicd.com

[brief] Cycode, a CICD pipeline security startup, raises funding.

cicd.com
May 11, 2021
2
Share this post
[brief] Cycode, a CICD pipeline security startup, raises funding.
blog.cicd.com

Cycode, a security startup focusing on “securing DevOps pipeline”, raises new funding.

Recent supply chain attacks like the Codecov incident definitely brought people’s attention to CI pipelines. Many customers now know they can get their source code and secrets leaked by the effortless integration with a somewhat credible software vendor.

By looking at Cycode’s product feature page, I summarize my understanding of the features provided by Cycode here, in simple language:

  • Integrates with your CI/CD tools and organizes the pipelines into a centralized dashboard. —some access control and audit

  • Compares source code in different places of your system and check for mismatches. — integrity monitoring

  • Scans for secrets in repos. — detect bad practice, similar to what is already provided by some open source secret scanners.

Cycode has mentioned the Codecov incident multiple times in their product pages. Cycode’s claimed product features certainly could provide additional layers of monitoring and control to CI pipelines. However, it’s still unclear to me that how their product would have protected users of a hacked supplier.

Share this post
[brief] Cycode, a CICD pipeline security startup, raises funding.
blog.cicd.com
Comments

Create your profile

0 subscriptions will be displayed on your profile (edit)

Skip for now

Only paid subscribers can comment on this post

Already a paid subscriber? Sign in

Check your email

For your security, we need to re-authenticate you.

Click the link we sent to , or click here to sign in.

TopNew

No posts

Ready for more?

© 2022 cicd.com
Privacy ∙ Terms ∙ Collection notice
Publish on Substack Get the app
Substack is the home for great writing