Pipeline Hardening

Expression Security: Preventing Injection and Hardening Your YAML

Expression Security: Preventing Injection and Hardening Your YAML

“Enter your environment name: prod; rm -rf /”. If that input reached your pipeline, would it crash your production server? Most DevOps engineers worry about network firewalls and SSH keys, but they leave a massive back door open: Expression Injection. In the rush to build …