INTEGRATING SOFTWARE CONFIGURATION MANAGEMENT AND SECURITY TOOLS INTO CI/CD PIPELINES: ENHANCING AUTOMATION, TRACEABILITY, AND RELIABILITY
Keywords:
CI/CD Pipeline, Vulnerability Database, API Integration, Security Automation, GitHub Security AdvisoriesAbstract
This article analyzes the role of Software Configuration Management (SCM) and security tool integration within Continuous Integration/Continuous Deployment (CI/CD) pipelines. It is determined that embedding vulnerability databases and automated security checks into the pipeline significantly improves the reliability and security of software development processes. Key SCM processes—such as change tracking, version control, and auditing—are examined in the context of CI/CD, and their impact on automation, traceability, and cross-team collaboration is substantiated. The study identifies the benefits of integrating tools such as Git, Docker, and Terraform alongside vulnerability databases (e.g., NVD, Snyk, GitHub Security Advisories).
References
Securing the Software Supply Chain: Recommended Processes for Developers. CISA, NSA, & ODNI, 2022.
3 Ways to Mitigate Risks Using Private Package Feeds. Microsoft, 2021.
R.Zulunov, U.Akhundjanov, B.Soliyev, A.Kayumov, M.Asraev, Kh.Musayev. Building and predicting a neural network in PYTHON. E3S Web of Conferences, 508, 04005 (2024).
R.Zulunov. Pythonda neyron tarmoqni qurish va bashorat qilish. Al-Farg'oniy avlodlari, 2023, 1/4, c. 22-26.
R.Zulunov, Z.Samatova. Bulutli texnologiyalarda kiberxavfsizlik taminlashda CASB yechimlari. Потомки Аль-Фаргани, 2024, 1(1), с. 93–98.
VV Byts', RM Zulunov. Specification of matrix algebra problems by reduction. Journal of Mathematical Sciences. T. 71, 2719–2726 (1994).
Hnatiienko, H., Hnatiienko, V., Zulunov R., Babenko, T., Myrutenko, L. Method for Determining the Level of Criticality Elements when Ensuring the Functional Stability of the System based on Role Analysis of Elements. CEUR Workshop Proceedings, 2024, 3654, p. 301–311
R.Zulunov, B.Soliyev, A.Kayumov, M.Asraev, Kh.Musayev, D.Abdurasulova. Detecting mobile objects with ai using edge detection and background subtraction techniques. E3S Web of Conferences, 508, 03004 (2024).
R.Zulunov, Z.Samatova. Kiber xavfsizlik muammolari va uni ta'minlash usullari. Потомки Аль-Фаргани, 2024, 1(2), 322–326.
R.Zulunov, B.Soliev. Z.Ermatova. Enhancing Clarity with Techniques for Recognizing Blurred Objects in Low Quality Images Using Python. Потомки Аль-Фаргани, 2024, 1(2), 336–340.
U.Akhundjanov, R.Zulunov, A.Kayumov, X.Goipova, Z.Ermatova, M.Sobirov. Handwritten signature preprocessing for off-line recognition systems. E3S Web Conf., 587 (2024) 03019.
Downloads
Additional Files
Published
How to Cite
License
Copyright (c) 2025 Ravshanbek Zulunov
This work is licensed under a Creative Commons Attribution 4.0 International License.
