by pbronez
2006 days ago
I wonder if you could gain security while preserving agility by having build servers with exceptional (and annoying) security maintained offline. Do your CI/CD work, then chop off a weekly release and build it from source on a machine that’s been powered off in a secure room the whole time. Still doesn’t help you if the attack is sufficiently upstream...