What is it about?
This study examines how software teams develop and deploy cloud applications securely using Continuous Integration and Deployment (CI/CD) pipelines. It examines 66 research papers to identify common threats such as code leaks, insecure APIs, and misconfigured tools, and evaluates security tools and techniques used to prevent these issues. The goal is to help engineers and researchers improve cloud software security during development and deployment.
Featured Image
Why is it important?
Modern applications are deployed rapidly using automated pipelines. But this speed often comes at the cost of security. Our work reveals critical blind spots and recommends practical solutions, helping DevOps and security teams build safer, more reliable cloud systems. With the growing prevalence of cyber threats, this research is both timely and essential for building trust in cloud software delivery.
Perspectives
As a researcher working on cloud security, I believe strong security must be embedded early in the development pipeline, not patched later. This paper is part of a broader mission to bridge the gap between automation and assurance in modern software engineering.
Sabbir M. Saleh
Western University
Read the Original
This page is a summary of: A Systematic Literature Review on Continuous Integration and Deployment (CI/CD) for Secure Cloud Computing, January 2024, Scitepress,
DOI: 10.5220/0013018500003825.
You can read the full text:
Contributors
The following have contributed to this page
