APPLICATION SECURITY AND LEAST PRIVILEGE ACCESS IN MODERN DEVOPS
Ajay Chava
Abstract
In the context of modern DevOps, application security and the implementation of the principle of least privilege (PoLP) are becoming critical elements aimed at minimizing risks and improving the sustainability of IT systems. This article analyzes approaches to integrating security measures at all stages of the software development lifecycle, starting from the early phases, which reduces the likelihood of vulnerabilities. Special attention is paid to the principle of least privilege, which restricts access by users and system components to only the necessary rights, thereby increasing security and preventing unauthorized access. Strategies for minimizing permissions, ensuring infrastructure protection, and automating security checks in CI/CD pipelines are considered. The challenges associated with implementing these principles are also discussed, and ways to overcome them are proposed to improve the security and stability of software solutions.
Zenodo DOI: https://doi.org/10.5281/zenodo.13959998
Keywords
DevOps, application security, principle of least privilege, PoLP
Copyright License
Copyright (c) 2024 Ajay Chava

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.