"Secure Build Systems: Hardening CI, Runners, and Artifacts Against Tampering"
Modern attackers don't need to breach production to ship malware—they only need to compromise your build. This book is written for experienced engineers, security practitioners, and platform teams responsible for CI/CD, release engineering, and software supply-chain risk. It provides an attacker-centric framework for reasoning about trust boundaries across repos, CI control planes, runners, and artifact stores, so hardening work is driven by evidence instead of folklore.
You'll learn how to lock down pipeline definitions and release gates, design runner isolation and ephemerality, and eliminate secret sprawl by moving from long-lived keys to OIDC-based workload identity. The book goes deep on dependency integrity and hermetic inputs, then shows how to make integrity verifiable through provenance and attestations, SLSA-aligned requirements, and in-toto models for multi-step supply chains. Finally, it covers artifact signing strategies (including Sigstore keyless flows), transparency logs, registry immutability, and deploy-time policy-as-code verification gates—plus practical incident response patterns for CI compromise, trust resets, and artifact recall.
Expect implementation-focused decision criteria, failure modes, and operational playbooks. Familiarity with CI/CD systems, cloud IAM, and container/package ecosystems is assumed; the emphasis is on building resilient, auditable, tamper-evident release pipelines at scale.
