CIO Influence
CIO Influence News IT and DevOps Security

Cycode Launches CI/CD Pipeline Monitoring Solution (Cimon) to Prevent Software Supply Chain Attacks

Cycode Launches CI/CD Pipeline Monitoring Solution (Cimon) to Prevent Software Supply Chain Attacks

Cycode, the leading application security platform, announced the launch of Cimon, a seamless solution that enhances the security of CI/CD pipelines to prevent software supply chain attacks such as those that targeted SolarWinds and Codecov.

aws cloud

CI/CD pipelines currently lack visibility, making them the most sensitive link in the SDLC, and many organizations have thousands of unmonitored pipelines prone to supply chain attacks. Cimon stops these attacks by utilizing the innovative solution of eBPF (extended Berkeley Packet Filter), a technology that provides visibility into the build system, including thwarting malicious behavior, with minimal disruption.

CIO INFLUENCE: World Password Day: Password advice for CIOs

With this visibility, Cimon can inspect network connections to learn standard behaviors by running processes and file modifications within the CI pipeline. This knowledge enables Cimon to detect and prevent abnormalities, including real-time threats and zero-day attacks.

“There is a great deal of confusion about the scope of the software supply chain and all the attack vectors; consequently, most organizations are unaware of their exposure and are inadequately protected, leaving them prone to supply chain attacks.The innovation delivered by the Cycode Cimon solution provides the community with a new and straightforward way to monitor and safeguard their CI/CD software pipelines,” said Jim Mercer, Research Vice President of DevOps and DevSecOps at IDC.

CIO INFLUENCE: CIO Influence Interview with Lior Yaari, CEO and Co-Founder at Grip Security

With Cimon, organizations can expect:

  • Prevention of CI Attacks: With low effort and seamless integration, users remain protected against all possible attacks on the CI pipeline, including zero-day attacks.
  • Instant Threat Detection: Cimon prevents attacks such as malicious package installation, typosquatting, repojacking, dependency confusion, dependency hijacking and other dependency attacks.
  • Easy Integration: Cimon is developer friendly and is easily integrated with popular CI/CD tools. Cimon provides comprehensive documentation and requires minimal configuration and integration with the development environment, such as GitHub.

“Organizations can easily integrate Cimon with all their CI/CD tools for free and secure their pipelines without any delay or errors,” said Ronen Slavin, co-founder and CTO of Cycode. “As Cimon saves time in vulnerability and threat response procedures, teams can implement and adopt security measures without any worry of error or exhaustion.”

CIO INFLUENCE: CIO Influence Interview with Russ Ernst, Chief Technology Officer at Blancco

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Privacera Joins Snowflake Data Governance Accelerated Program to Simplify and Govern Multi-Cloud Data Sharing

CIO Influence News Desk

Huawei Unveils 8 5.5G Innovation Practices to Help Operators Start Commercial 5.5G Launch

CIO Influence News Desk

PragmatIC Semiconductor Secures $80 Million Funding

CIO Influence News Desk