2.3 Build Instructions
2.3.1 Ensure all build steps are defined as code
Recommended Action
Convert pipeline instructions into code-based syntax, and upload them to the organization’s version control platform.
2.3.5 Ensure access to the build process’s triggering is minimized
Recommended Action
For every pipeline in use, grant only the necessary members permission to trigger it.
2.3.7 Ensure pipelines are automatically scanned for vulnerabilities
Recommended Action
For each pipeline, set up automated vulnerability scanning.
2.3.8 Ensure scanners are in place to identify and prevent sensitive data in pipeline files
Recommended Action
For every pipeline that is in use, set up scanners that identify and prevent sensitive data in it.
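One way to implement the check in 2.3.8 is a gate that scans each pipeline file and fails the run when a literal credential is found. The following is an added example, not part of the benchmark text; the rule set, the function name scan_pipeline and the sample pipeline (GitHub Actions style syntax, constructed values) are assumptions made for illustration.

```python
import re

# Illustrative rules (assumption): a real scanner ships a far larger rule set.
RULES = [
    ("aws-access-key-id", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("private-key-block", re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----")),
]
# "key: value" or "key=value" where the key name suggests a credential.
ASSIGNMENT = re.compile(
    r"(?i)\b([\w-]*(?:password|passwd|secret|token|api[_-]?key)[\w-]*)\s*[:=]\s*(\S.*)$"
)
# Values that defer to a secret store or a variable are references, not literals.
REFERENCE = re.compile(r"^[\"']?(\$\{\{.*\}\}|\$\{?\w+\}?|\$\(\w+\))[\"']?$")


def scan_pipeline(text):
    """Return sorted (line_number, rule) findings for one pipeline file."""
    findings = set()
    for number, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        for rule, pattern in RULES:
            if pattern.search(stripped):
                findings.add((number, rule))
        match = ASSIGNMENT.search(stripped)
        if match and not REFERENCE.match(match.group(2).strip()):
            findings.add((number, "hardcoded-credential"))
    return sorted(findings)


# Constructed sample: two literal credentials, two safe references.
SAMPLE = """\
name: build
on: push
env:
  AWS_ACCESS_KEY_ID: AKIAEXAMPLEEXAMPLE00
  DB_PASSWORD: "hunter2-constructed"
  API_TOKEN: ${{ secrets.API_TOKEN }}
  DEPLOY_SECRET: $DEPLOY_SECRET
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - run: make build
"""

if __name__ == "__main__":
    results = scan_pipeline(SAMPLE)
    for number, rule in results:
        print(f"line {number}: {rule}")
    # A non-zero exit fails the pipeline run, which is the "prevent" half.
    raise SystemExit(1 if results else 0)
```

Run as a required check on changes to pipeline files, the non-zero exit blocks the change until the literal value is replaced with a reference to the secret store.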