Security Support in Continuous Deployment Pipeline

Continuous Software Engineering has gained significant attraction in the software development industry. One of the key areas of Continuous Software Engineering is Development and Operation (DevOps) – according to which development and operations teams are brought together for better coordination, collaboration, and communication. DevOps is characterised by Continuous Development, Continuous Delivery, and Continuous Deployment (CD). Continuous Deployment means continuously and automatically deploy software changes into production. Continuous Deployment Pipeline (CDP) supports CD practice by transferring the changes from the repository to production. CDP can be a significant target for cyber attacks. Hence, it is important that CDP is design and operated with security requirements in mind. We have recently published a paper paper that describe a few design tactics and their implementation for designing a security sensitive CDP. We hope that this work will interest to those who are interested in gathering patterns and tactics for designing secure deployment pipeline to support DevOps. We welcome comments and enquiries for collaboration in this area.