Security Topics
Types of Attacks
PPE - Poisoned Pipeline Execution
- Definition and article - https://www.cidersecurity.io/top-10-cicd-security-risks/poisoned-pipeline-execution-ppe/
Definition
Poisoned Pipeline Execution (PPE) risks refer to the ability of an attacker with access to source control systems – and without access to the build environment, to manipulate the build process by injecting malicious code/commands into the build pipeline configuration, essentially ‘poisoning' the pipeline and running malicious code as part of the build process.