Back to articles
CI/CD security: threat modeling using a MITRE-style threat matrix
Datadog | The Monitor blog

CI/CD security: threat modeling using a MITRE-style threat matrix

18 views

Summary

This article highlights the critical need to secure CI/CD pipelines, which are increasingly vulnerable to attacks allowing malicious code injection, access to secrets, and permission manipulation. It introduces a CI/CD-specific threat matrix based on the MITRE ATT&CK framework to help identify potential attack paths and proactively model threats. The authors will demonstrate threat modeling with GitHub in a follow-up, emphasizing the importance of treating the SCM tool as part of the CI/CD security boundary.
Read the Original Article

This article originally appeared on Datadog | The Monitor blog.

Read Full Article on Original Site

Popular from Datadog | The Monitor blog

1
Datadog LLM Observability natively supports OpenTelemetry GenAI Semantic Conventions
Datadog LLM Observability natively supports OpenTelemetry GenAI Semantic Conventions

Datadog | The Monitor blog Dec 1, 2025 95 views

2
Introducing Bits AI Dev Agent for Code Security
Introducing Bits AI Dev Agent for Code Security

Datadog | The Monitor blog Mar 26, 2026 78 views

3
Monitoring MongoDB performance metrics (MMAP)
Monitoring MongoDB performance metrics (MMAP)

Datadog | The Monitor blog May 25, 2016 70 views

4
Understand session replays faster with AI summaries and smart chapters
Understand session replays faster with AI summaries and smart chapters

Datadog | The Monitor blog Apr 2, 2026 69 views

5
Introducing ARFBench: A time series question-answering benchmark based on real incidents
Introducing ARFBench: A time series question-answering benchmark based on real incidents

Datadog | The Monitor blog Apr 24, 2026 66 views