Policy-driven infrastructure hardening using CI/CD pipelines in enterprise environments

Rohith Aitharaju *

Independent Researcher, USA.
 
Research Article
International Journal of Science and Research Archive, 2022, 07(01), 591-602.
Article DOI: 10.30574/ijsra.2022.7.1.0280
Publication history: 
Received on 28 June 2022; revised on 21 October 2022; accepted on 29 October 2022
 
Abstract: 
As modern businesses accelerate software implementation with CI/CD, managing infrastructure securely and automatically has never been more essential. Traditional methods of protecting systems, applied by hand and only when problems arise, cannot keep up with what DevOps pipelines require. This research examines the use of Policy-as-Code (PaC) in CI/CD pipelines to apply policy-driven hardening to infrastructure, which helps maintain compliance, consistency and robustness. It further examines foundational concepts such as Infrastructure as Code (IaC) and configuration management, along with the important security benchmarks CIS and NIST. It guides readers on how to use Jenkins, GitHub Actions, Open Policy Agent (OPA) and HashiCorp Sentinel to ensure security when deployments are undertaken. False positives, complicated integration and organizational resistance are discussed, and solutions are given using a unified DevSecOps approach and intelligent policy engines. With this strategy, real-time enforcement of safety and compliance rules makes security an asset that helps enterprises scale, remain automated and use contextual protection. The paper concludes with practical recommendations and possibilities for the future, helping businesses integrate strong security into their CI/CD workflows.
 
Keywords: 
Policy-as-Code (PaC); CI/CD Pipelines; Infrastructure as Code (IaC); Security Hardening; Open Policy Agent
 