Stronger CI/CD security sought by new Cycode solution

SiliconAngle reports that Israel-based DevOps security startup Cycode is seeking to avert software supply chain attacks through improved continuous integration and delivery security with its new free Cimon solution. Software supply chain attacks have been caused by limited CI/CD pipeline visibility, which Cimon addresses through the use of an extended Berkeley Packet Filter that could provide insight into the malicious behavior-combating build system, according to Cycode, which also touted Cimon's capability to examine the CI pipeline's network connections, file modifications, and running processes. Cycode also noted the Cimon could enable instant detection of malicious packages, dependency confusion, typosquatting, dependency hijacking, repo jacking, and other attacks. "We offer free and easy integration with many CI/CD tools for organizations to secure their pipelines without delay time or errors. As Cimon saves time in vulnerability and threat response procedures, teams can implement and adopt security measures without worry of error or exhaustion," said Cycode founder and Chief Technology Officer Ronen Slavin.