Rajesh Kanungo

Prevent Ransomware: it's in your CI/CD pipeline

Updated: Feb 16, 2022

Wouldn't it be nice if you rarely had to roll back your newly deployed changes to the infrastructure due to security compliance (SOC2, HIPAA, PCI, etc.), or worse yet, the increased risk of ransomware?

The general flow of a CI/CD pipeline is:

  1. The developer checks in code

  2. Some basic compilation and/or syntax verification checks are done

  3. Software gets pushed to a staging system built with Terraform

  4. Automated tests are run on the staging system

  5. The code gets pushed out to the operational system

Nowhere along the way is security a major concern of the pipeline. Or, shall we say, was.


Times are changing, and security is now a priority for businesses:

  1. Ransomware can destroy your business

  2. Security non-compliance can impact your business

  3. It is hard to estimate the business risk of security issues; how do you even prioritize them?

  4. Fixing security issues in an operational system is extremely expensive, slow, and laborious

  5. It is hard to find skilled security resources

  6. Cyber insurance is becoming more expensive

  7. Fixing issues upstream is inexpensive compared to fixing them downstream.

How do you get ahead of the cyber-crooks? A few rules, which mainly revolve around moving your security testing and mitigations upstream: don't wait for the system to get deployed. For example (words in italics are new):

  • Use static code analysis, library scanning, etc. as soon as code is checked in

  • Perform ransomware assessments of the staging system as soon as the software is installed

  • Use an automated infrastructure fixing system to fix issues

  • If any unfixable issues remain and they push the risk over your threshold, inform the developer and don't deploy

  • Perform continuous testing

  • Push code out to the operational system

  • Perform ransomware assessments of the staging system as soon as the software is installed
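The rules above describe a deploy gate: scan, auto-fix what can be fixed, score what remains against a threshold, and either deploy or hand the leftovers back to the developer. The following is an added example of such a gate, not code from this post or from Tala; the finding fields, rule ids, severity weights, auto-fix table and threshold are all constructed for illustration, and a real pipeline would feed it the JSON output of its own scanner.

```python
"""Deploy gate for one CI/CD stage: scanner findings in, deploy/block decision out.

Added example (not the post's or Tala's code). Rule ids, severity weights and
the auto-fix table are hypothetical; a real pipeline would load findings from
its own scanner's output.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Risk weight per severity (assumed scale used to compute the stage score).
SEVERITY_WEIGHT = {"critical": 10, "high": 5, "medium": 2, "low": 1}

# Findings the pipeline may remediate automatically before the gate decides,
# keyed by a hypothetical rule id -> description of the fix applied.
AUTO_FIXES = {
    "S3_PUBLIC_ACL": "set bucket ACL to private",
    "SSH_OPEN_WORLD": "restrict security-group ingress on 22/tcp to the bastion",
    "BACKUP_NOT_IMMUTABLE": "enable object lock on the backup bucket",
}


@dataclass
class Finding:
    rule_id: str
    severity: str
    resource: str
    fixed: bool = False
    action: Optional[str] = None  # fix applied, if any


@dataclass
class GateResult:
    deploy: bool
    score: int
    threshold: int
    fixed: List[Finding] = field(default_factory=list)
    remaining: List[Finding] = field(default_factory=list)


def auto_remediate(findings: List[Finding]) -> List[Finding]:
    """Apply known fixes in place and return the findings still open."""
    remaining = []
    for f in findings:
        if f.rule_id in AUTO_FIXES:
            f.fixed = True
            f.action = AUTO_FIXES[f.rule_id]
        else:
            remaining.append(f)
    return remaining


def risk_score(findings: List[Finding]) -> int:
    """Sum of severity weights; unknown severities count as zero."""
    return sum(SEVERITY_WEIGHT.get(f.severity.lower(), 0) for f in findings)


def evaluate_gate(findings: List[Finding], threshold: int) -> GateResult:
    """Fix what we can, then block if the residual score exceeds the threshold
    or if any critical finding is left open (a critical can never be waived)."""
    remaining = auto_remediate(findings)
    score = risk_score(remaining)
    has_critical = any(f.severity.lower() == "critical" for f in remaining)
    return GateResult(
        deploy=score <= threshold and not has_critical,
        score=score,
        threshold=threshold,
        fixed=[f for f in findings if f.fixed],
        remaining=remaining,
    )


def developer_report(result: GateResult) -> str:
    """Text handed back to the developer when the gate blocks (or passes)."""
    lines = [f"gate: {'DEPLOY' if result.deploy else 'BLOCKED'} "
             f"(score {result.score}, threshold {result.threshold})"]
    for f in result.fixed:
        lines.append(f"  auto-fixed {f.rule_id} on {f.resource}: {f.action}")
    for f in result.remaining:
        lines.append(f"  open {f.severity.upper()} {f.rule_id} on {f.resource}")
    return "\n".join(lines)


def sample_findings() -> List[Finding]:
    """Constructed scanner output for a staging stack (not real data)."""
    return [
        Finding("S3_PUBLIC_ACL", "high", "s3://staging-artifacts"),
        Finding("SSH_OPEN_WORLD", "critical", "sg-web-0"),
        Finding("RDS_UNENCRYPTED", "high", "db-staging"),
        Finding("LOG_RETENTION_SHORT", "low", "cloudtrail-staging"),
    ]


if __name__ == "__main__":
    # Two auto-fixed, one high and one low left open: score 6 > threshold 5, so block.
    print(developer_report(evaluate_gate(sample_findings(), threshold=5)))
```

In a pipeline this runs as the step between the staging assessment and the production push; a non-zero exit when `deploy` is false is what stops the job, and the report is what the developer sees in the build log.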

Isn't this too difficult?

Any modern system should automatically test your security and even fix issues for you, reducing your ransomware and compliance risk.


Tala Empath does the job for you. We have deployed our compliance engine in CI/CD pipelines and the results are amazing: we help reduce ransomware risk and make sure you are always compliant, with auto-remediation. Contact us today for a demo.



