Protect Your Company's Source Code by Using Cloud Development Environments

When we think about security breaches, we typically think about the exposure of private user data. But recent incidents continue to show that source code is an equally lucrative target for hackers:

“For CISOs, the incident demonstrates that your source code is no less a target than your customer data, as it can reveal valuable information about your application’s underlying architecture.” - Tim Keary on the recent LastPass breach (VentureBeat)

In addition to exposing super-secret algorithms and intellectual property, the theft of source code allows attackers to discover software vulnerabilities that they can exploit to further compromise a system:

  • With direct access to a system’s code, attackers are able to identify and leverage previously-unknown vulnerabilities in a service or application.
  • Source code may contain secrets/credentials that would allow an attacker privileged access to sensitive data.

With cloud-based development environments, we can dramatically reduce the risk of source code attacks by:

  • Not storing source code directly on developer computers: when a developer uses cloud-based environments, source code is never stored on their machine; common attack paths (e.g. phishing, malware) no longer provide direct access to code and, as a result, are far less likely to succeed
  • Requiring enterprise-level authentication: we can drastically decrease the attack surface for a developer’s laptop by providing tighter access control to remote development environments; e.g. by enforcing 2FA and minimizing session duration, we shorten the window during which would-be attackers could access source code

In summary, cloud-based development environments add a meaningful buffer between an individual developer’s laptop and their company’s proprietary source code, considerably reducing the overall vulnerability of a company in the case of increasingly-popular source code attacks.
