Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps

GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called Plumber automates the detection of those conditions by scanning pipeline configuration and repository settings directly. What Plumber checks Plumber reads a project’s .gitlab-ci.yml file and queries the GitLab API to produce a compliance report. It includes eight controls that teams can … More → The post Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps appeared first on Help Net Security.
http://news.poseidon-us.com/TRf0Jm

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps

Like this:

Related

More Posts

ATO to upgrade its IBM mainframe again in quiet $104.8m deal

Yarra Valley Water betting on AI to predict asset failures

Pentagon to adopt Palantir AI as core US military system

US, Germany, Canada disrupt botnets

"CanisterWorm" supply chain malware attacks npm

Share this: