Continue your mission
CI/CD pipeline compromise targets automated build infrastructure to inject backdoors, steal deployment credentials, and distribute malicious code through legitimate release channels.
CI/CD pipeline compromise targets the automated build, test, and deployment infrastructure that transforms source code into running applications. Attackers who gain access to continuous integration or continuous deployment systems can inject malicious code into software artifacts, steal secrets stored for deployment, or modify release processes to distribute compromised software to production environments and end users.
Attack vectors against CI/CD pipelines include compromised source code repositories that trigger malicious build steps, stolen credentials for CI/CD platforms, poisoned build dependencies resolved during the build process, and manipulation of pipeline configuration files. Once inside the pipeline, attackers can modify build scripts to inject backdoors, exfiltrate environment variables containing API keys and deployment credentials, alter test configurations to skip security checks, and modify deployment targets to push code to attacker-controlled infrastructure. Supply chain attacks through CI/CD are particularly effective because the pipeline has legitimate access to production deployment credentials and code signing keys. Pipeline-as-code configurations stored in repositories can be modified through pull requests that appear to contain innocuous changes.
CI/CD pipelines are the most privileged systems in modern software development. They hold deployment credentials, code signing keys, cloud provider access tokens, and database connection strings. A compromised pipeline can distribute malicious code through legitimate release channels, signed with legitimate certificates, making detection extremely difficult for downstream consumers. The CodeCov, SolarWinds, and 3CX incidents demonstrated how pipeline compromise enables supply chain attacks at massive scale. Organizations often apply less security rigor to build infrastructure than production systems despite comparable privilege levels.
CDA treats CI/CD security as a Vulnerability and Surface Defense priority. Our missions cover pipeline hardening, secret management in build systems, build provenance verification with SLSA framework compliance, and detection of unauthorized pipeline modifications that could indicate compromise.
CDA Theater missions that address topics covered in this article.
Rogue access point detection identifies unauthorized wireless APs on the network using WIPS sensors, wired-side monitoring, and signal triangulation to prevent network bypass.
LLM security risks include data leakage, prompt injection, model supply chain attacks, and unauthorized tool execution, requiring organizations to treat AI models as high-privilege components.
Written by CDA Editorial
Found an issue? Help improve this article.