Chapter 5. Build Security in SCE
SCE helps you prepare for security failures in your systems, but different phases of the software delivery life cycle involve different types of failures. We’ll be discussing “build security” in this chapter, referring to the security of software delivery beginning at the design phase and including the development work leading up to actual deployment of code on running systems. Postdeployment and ongoing operation of software and services will be covered in Chapter 6, Production Security in SCE. In this chapter, we’ll discuss how to think about build-phase security as well as explore examples of failure in build pipelines and in the design and configuration of microservices.
When we think about security failure, we tend to think about situations, like data breaches, that occur after the build phase. But security failure starts within the design and development of software and services. Failure is a result of interrelated components behaving in unexpected ways, and that behavior can (and almost always does!) start much further back in system design, development processes, and other policies that inform how our systems ultimately look and operate.
Failure in the Build Phase
In the true spirit of SCE, we must conduct experiments to uncover potential failures. This leads to the question: What experiments should you conduct to uncover how your system handles build-time security failures? What happens if there is an outage in your vulnerability scanner or other build-time ...
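One way to run the scanner-outage experiment raised above, as an added example that is not from the book: a build gate wrapped around a scanner command, with constructed stub processes injecting each outage mode. The exit-code contract (0 clean, 1 findings), the stub scanner, and all function names are assumptions made for illustration.

```python
import subprocess
import sys

# Assumed exit-code contract for the hypothetical scanner: 0 = clean, 1 = findings.
# Anything else (crash, timeout, missing binary) means the scan did not complete.
CLEAN, FINDINGS = 0, 1


def run_gate(scanner_cmd, timeout_s=5.0, fail_open=False):
    """Return (allow_build, reason) for one scanner invocation."""
    try:
        proc = subprocess.run(scanner_cmd, capture_output=True, timeout=timeout_s)
    except FileNotFoundError:
        return fail_open, "scanner-missing"
    except subprocess.TimeoutExpired:
        return fail_open, "scanner-timeout"
    if proc.returncode == CLEAN:
        return True, "clean"
    if proc.returncode == FINDINGS:
        return False, "findings"
    return fail_open, "scanner-error"


def stub(body):
    """Constructed stand-in for a scanner process with a chosen behaviour."""
    return [sys.executable, "-c", body]


# Constructed failure injections: each simulates one build-time condition.
INJECTIONS = {
    "healthy-clean": stub("raise SystemExit(0)"),
    "healthy-findings": stub("raise SystemExit(1)"),
    "crash": stub("raise SystemExit(70)"),
    "hang": stub("import time; time.sleep(30)"),
    "missing": ["/nonexistent/hypothetical-scanner"],
}


def run_experiment(fail_open, timeout_s=2.0):
    """Hypothesis under test: no outage mode lets an unscanned build through."""
    results = {n: run_gate(cmd, timeout_s, fail_open) for n, cmd in INJECTIONS.items()}
    unscanned_passes = [n for n in ("crash", "hang", "missing") if results[n][0]]
    return results, unscanned_passes


if __name__ == "__main__":
    for mode in (False, True):
        _, leaks = run_experiment(fail_open=mode)
        print(f"fail_open={mode}: unscanned builds allowed via {leaks or 'none'}")
```

Running it with `fail_open=True` lists the outage modes through which a build would ship without having been scanned.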