Zero Trust Architecture for Secure Software Delivery
Blog post from Harness
Harness is advancing security in continuous integration and continuous delivery (CI/CD) by introducing a Zero Trust model to supplement traditional Role-Based Access Control (RBAC) and Open Policy Agent (OPA) methods, which are often insufficient against insider threats or compromised accounts. In this model, the Harness Delegate, a runner in the delivery infrastructure, pauses execution and sends task details to a Zero Trust Validator controlled by a security team, so that actions are verified at execution time rather than at initial access. The approach aims to block potentially malicious actions before they can execute, acting as a "Last Line of Defense" against threats while allowing engineers to maintain high-speed innovation. By integrating this model, Harness aims to address the vulnerabilities highlighted by incidents like the Checkmarx GitHub Action attack, reinforcing its commitment to a hardened architecture that supports enterprises' security demands in software delivery.
| Trend | Post Mentions | Total Month Mentions | Posts | Companies | MoM |
|---|---|---|---|---|---|
| Kubernetes | 13 | 2,306 | 381 | 103 | +25% |
| Zero Trust | 8 | 91 | 42 | 21 | -41% |
| Observability | 2 | 4,496 | 812 | 176 | +40% |
| Real-time | 2 | 6,296 | 1,346 | 246 | -2% |
| Secrets Management | 2 | 1,821 | 338 | 111 | +22% |
| Developer Experience | 1 | 611 | 275 | 100 | +27% |