"Why Microsegmentation is Critical for Securing CI/CD"

Cloud-native technology, microservices architectures, and DevOps or DevSecOps teams working in close collaboration throughout the development life cycle represent modern development environments. At the heart of this environment, the Continuous Integration (CI) and Continuous Delivery (CD) pipeline is becoming an increasingly valuable target for cybercriminals. SolarWinds and Kaseya supply chain attacks illustrate the significant dangers of failing to properly secure CI/CD tooling. Microsegmentation is a growing practice that serves as the foundation for zero trust security implementations. DevOps teams can achieve unprecedented security and reduce the impact of successful breaches by introducing microsegmentation into the CI/CD pipeline, especially in the context of Kubernetes. Microsegmentation is a method of directing traffic between servers in the same network segment, with an emphasis on server-to-server traffic. In order to reflect the roles and permissions within an organization, a specific server can be defined to only communicate with another server. In addition, a specific application can be defined to only communicate with another host. Policies and permissions for microsegmentation are based on resource identity and can be independent of the underlying infrastructure, thus distinguishing microsegmentation from network segmentation, which is tightly coupled to the infrastructure and relies on network IP addresses. Microsegmentation is an effective method for defining access rules within and between intelligent groups of workloads based on their characteristics. The concept of microsegmentation is a critical component of Zero Trust Network Access (ZTNA), the technology that underpins zero trust security implementations. It provides more robust and reliable network security because it does not rely on dynamically changing networks or the technical requirements imposed on them. It also simplifies network management by replacing hundreds of address-based rules with a few identity-based policies. This article continues to discuss the concept and benefits of microsegmentation. 

Security Boulevard reports "Why Microsegmentation is Critical for Securing CI/CD"