YouShallNotPass! Hardening CI/CD pipelines on mission critical environments

Kudelski Security has developed an open-source solution named “YouShallNotPass” (YSNP) to enhance the security of GitLab and GitHub pipelines. YSNP validates CI/CD jobs, allowing only specific repositories, Docker images, scripts, and users to run on its runners. The security checks are stored independently in HashiCorp Vault. The solution acts as a gateway that protects the company's secure network environment and its clients’ security devices from potential threats.
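
As an added illustration (not YSNP's own code or policy schema), the sketch below shows a fail-closed admission check over the four attributes named above: repository, Docker image, script, and user. The policy layout, field names, hostnames, and the use of a SHA-256 script digest are assumptions made for this example; the policy dict stands in for data held outside the repository.

```python
import hashlib
import hmac

# Constructed sample data; layout and field names are assumptions, not YSNP's schema.
SCRIPT = b"#!/bin/sh\nmake deploy\n"
POLICY = {  # stands in for checks stored outside the repository
    "repos": {"gitlab.example.com/ops/firewall-config"},
    "images": {"registry.example.com/deploy@sha256:" + "ab" * 32},
    "users": {"alice"},
    "script_sha256": {hashlib.sha256(SCRIPT).hexdigest()},
}
GOOD_JOB = {
    "repo": "gitlab.example.com/ops/firewall-config",
    "image": "registry.example.com/deploy@sha256:" + "ab" * 32,
    "user": "alice",
    "script": SCRIPT,
}

def _script_allowed(script: bytes, allowed: set) -> bool:
    # Compare the digest of the bytes that will actually run, not a file name.
    digest = hashlib.sha256(script).hexdigest()
    return any(hmac.compare_digest(digest, h) for h in allowed)

def validate_job(job: dict, policy: dict) -> list:
    """Return the names of failed checks; an empty list means admit the job."""
    failures = []
    try:
        if job["repo"] not in policy["repos"]:
            failures.append("repo")
        if job["image"] not in policy["images"]:
            failures.append("image")
        if job["user"] not in policy["users"]:
            failures.append("user")
        if not _script_allowed(job["script"], policy["script_sha256"]):
            failures.append("script")
    except (KeyError, TypeError):
        # Missing or mistyped fields are rejected rather than skipped.
        failures.append("malformed")
    return failures

if __name__ == "__main__":
    edited = dict(GOOD_JOB, script=SCRIPT + b"echo extra-step\n")
    retagged = dict(GOOD_JOB, image="registry.example.com/deploy:latest")
    for name, job in [("good", GOOD_JOB), ("edited", edited), ("retagged", retagged)]:
        print(name, validate_job(job, POLICY) or "admitted")
```

Because the image entry is an exact digest-pinned reference and the script is matched by content hash, a job that changes either one fails the check even when the repository and user are allowed.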