Back to articles
CI/CD security: How to secure your GitHub ecosystem
Datadog | The Monitor blog

CI/CD security: How to secure your GitHub ecosystem

18 views

Summary

This article details how to apply threat modeling to GitHub to improve CI/CD security. It identifies key inputs (authentication, source code, configurations, secrets) and associated risks like unauthorized access and data exfiltration, outlining how to detect these threats using tools like static code analysis and cloud SIEMs. The article also examines historical attacks, such as the Shai Hulud worms and OAuth token compromises, to highlight preventative measures and detection strategies for a more secure GitHub environment.
Read the Original Article

This article originally appeared on Datadog | The Monitor blog.

Read Full Article on Original Site

Popular from Datadog | The Monitor blog

1
Datadog LLM Observability natively supports OpenTelemetry GenAI Semantic Conventions
Datadog LLM Observability natively supports OpenTelemetry GenAI Semantic Conventions

Datadog | The Monitor blog Dec 1, 2025 95 views

2
Introducing Bits AI Dev Agent for Code Security
Introducing Bits AI Dev Agent for Code Security

Datadog | The Monitor blog Mar 26, 2026 77 views

3
Monitoring MongoDB performance metrics (MMAP)
Monitoring MongoDB performance metrics (MMAP)

Datadog | The Monitor blog May 25, 2016 70 views

4
Understand session replays faster with AI summaries and smart chapters
Understand session replays faster with AI summaries and smart chapters

Datadog | The Monitor blog Apr 2, 2026 69 views

5
Introducing ARFBench: A time series question-answering benchmark based on real incidents
Introducing ARFBench: A time series question-answering benchmark based on real incidents

Datadog | The Monitor blog Apr 24, 2026 66 views