Back to articles
CI/CD security: threat modeling using a MITRE-style threat matrix
Datadog | The Monitor blog

CI/CD security: threat modeling using a MITRE-style threat matrix

9 views

Summary

This article highlights the critical need to secure CI/CD pipelines, which are increasingly vulnerable to attacks allowing malicious code injection, access to secrets, and permission manipulation. It introduces a CI/CD-specific threat matrix based on the MITRE ATT&CK framework to help identify potential attack paths and proactively model threats. The authors will demonstrate threat modeling with GitHub in a follow-up, emphasizing the importance of treating the SCM tool as part of the CI/CD security boundary.
Read the Original Article

This article originally appeared on Datadog | The Monitor blog.

Read Full Article on Original Site

Popular from Datadog | The Monitor blog

1
Datadog achieves ISO 42001 certification for responsible AI
Datadog achieves ISO 42001 certification for responsible AI

Datadog | The Monitor blog Mar 26, 2026 26 views

2
Understand session replays faster with AI summaries and smart chapters
Understand session replays faster with AI summaries and smart chapters

Datadog | The Monitor blog Apr 2, 2026 20 views

3
Introducing Bits AI Dev Agent for Code Security
Introducing Bits AI Dev Agent for Code Security

Datadog | The Monitor blog Mar 26, 2026 19 views

4
Integrate Recorded Future threat intelligence with Datadog Cloud SIEM
Integrate Recorded Future threat intelligence with Datadog Cloud SIEM

Datadog | The Monitor blog Apr 9, 2026 18 views

5
Platform engineering metrics: What to measure and what to ignore
Platform engineering metrics: What to measure and what to ignore

Datadog | The Monitor blog Apr 9, 2026 17 views