SECURING CI/CD PIPELINES USING AUTOMATED ENDPOINT SECURITY HARDENING
Abstract
This research emphasizes the need to secure CI/CD pipelines with automatic endpoint security hardening. Static analysis, dynamic analysis, and configuration management technologies are evaluated to determine the best security risk mitigation measures. SonarQube and Checkmarks target code-level vulnerabilities, while OWASP ZAP and Burp Suite target runtime threats. Configuration management systems like Ansible, Puppet, and Chef ensure uniform infrastructure security. Combining all three methods into one configuration management solution provides the most comprehensive security, according to comparative studies. The future of pipeline security should include AI and machine learning integration, real-time threat intelligence, and DevSecOps collaboration.