Joint CISA-NSA publication offers security guidance for continuous cloud software development

CISA and the National Security Agency provide best practices in a recent publication addressing the virtual cloud software development pipeline, with a focus on mitigating risks in authentication and access, development environments and development processes.

The joint publication details security concerns associated with continuous integration and continuous development, which allow software developers to build, test and deploy code changes in an automated environment to increase the efficiency of application deployments.

“The virtual cloud environment relies on software, making development and...