XSS attacks are now more widespread because of the complexity of these developer tools, such as the Jenkins automation server, Docker containers, and the operation of virtual machines through platforms like VMware. The CI/CD craze is fueling the fire, with new innovations and new risks emerging daily. As the popularity of continuous integration (CI) and continuous delivery (CD) of software explodes, the many and diverse platforms used to script and operate CI and CD pipelines likewise increase the number of exploits available to hackers. Most new breach announcements typically feature the threat to users’ private data, such as the exposure of employee personal info at NASA; however, a tech-savvy CIO recognizes an even deeper simultaneous threat: if the network is penetrated, then very likely the enterprise’s Java source code will be exposed as well.
The Vital Source: Protecting Java Source Code