Kudelski Security has developed an open-source solution named “YouShallNotPass” (YSNP) to enhance the security of GitLab and GitHub pipelines. YSNP validates CI/CD jobs by allowing only specific repos, Docker images, scripts, and users to run on its runners. These security checks are stored independently in HashiCorp Vault. The solution acts as a gateway to protect Kudelski Security’s secure network environment and its clients’ security devices from potential threats.
Author: Pierre Dumont
The State of the Internet
Scanning of services and ports on the Internet has been an area of focus of the Applied Research Team at Kudelski Security for the last