turbot/github_compliance
GitHub
Loading controls...

Benchmark: 2.4 Pipeline Integrity

Overview

This section consists of security recommendations for keeping pipeline integrity.

Integrity means ensuring that the pipelines, the dependencies they use, and their artifacts are all authentic and what they intended to be. Securing the pipeline integrity is to verify that every change and process running during the build pipeline run is what it is supposed to be. One way to do that, for example, is to lock each dependency to a certain secured version. It is important to insist on securing that because this is the way to set trust with the customer.

Usage

Browse dashboards and select 2.4 Pipeline Integrity:

steampipe dashboard

Or run the benchmarks in your terminal:

steampipe check github_compliance.benchmark.cis_supply_chain_v100_2_4

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share github_compliance.benchmark.cis_supply_chain_v100_2_4

Controls

Tags