Skip to content

Commit

Permalink
Update CICD-SEC-02-Inadequate-Identity-And-Access-Management.md
Browse files Browse the repository at this point in the history
  • Loading branch information
@omer-cider
omer-cider committed Nov 14, 2022
1 parent d96fd45 commit 5c08ddd
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion Risks/CICD-SEC-02-Inadequate-Identity-And-Access-Management.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ Some of the major concerns and challenges around identity and access management

## Impact

The existence of hundreds (or sometimes thousands) of identities - both human and programmatic - across the CI/CD ecosystem, paired with a lack of strong identity and access management practices and common usage of overly permissive accounts, leads to a state where compromising nearly any user account on any system, could grant powerful capabilities to the environment, and could serve as a segway into the production environment.
The existence of hundreds (or sometimes thousands) of identities - both human and programmatic - across the CI/CD ecosystem, paired with a lack of strong identity and access management practices and common usage of overly permissive accounts, leads to a state where compromising nearly any user account on any system, could grant powerful capabilities to the environment, and could serve as a segue into the production environment.


## Recommendations
Expand Down

0 comments on commit 5c08ddd

Please sign in to comment.