Home / Companies / Harness / Blog / Post Details
Content Deep Dive

Zero Trust Architecture for Secure Software Delivery

Blog post from Harness

Post Details
Company
Date Published
Author
Eric Minick All this author’s posts
Word Count
1,569
Company Posts That Month
57
Language
English
Hacker News Points
-
Summary

Harness is advancing security in continuous integration and continuous delivery (CI/CD) by introducing a Zero Trust model to supplement traditional Role-Based Access Control (RBAC) and Open Policy Agent (OPA) methods, which are often insufficient against insider threats or compromised accounts. This model involves the Harness Delegate, a runner in the delivery infrastructure, which pauses execution to send task details to a Zero Trust Validator controlled by a security team, ensuring actions are verified at execution time rather than at initial access. This approach aims to enhance security by blocking potentially malicious actions before they can execute, acting as a vital "Last Line of Defense" against threats while allowing engineers to maintain high-speed innovation. By integrating this model, Harness aims to address the vulnerabilities highlighted by incidents like the Checkmarx GitHub Action attack, reinforcing its commitment to a hardened architecture that supports enterprises' security demands in software delivery.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
Kubernetes 13 2,306 381 103 +25%
Zero Trust 8 91 42 21 -41%
Observability 2 4,496 812 176 +40%
Real-time 2 6,296 1,346 246 -2%
Secrets Management 2 1,821 338 111 +22%
Developer Experience 1 611 275 100 +27%