
Introduction

Who is Cimon

Cimon (pronounced "Simon") is the superhero for your CI/CD pipeline!

Cimon is a runtime security solution that detects and stops software supply-chain attacks on your pipeline, such as the ones that hit SolarWinds and CodeCov, with easy onboarding and a developer-friendly experience.

Using eBPF technology, Cimon monitors and mitigates attacks from within the kernel, denying access to users' assets as soon as an attack arises.

SolarWinds & CodeCov

The SolarWinds and CodeCov attacks were sophisticated cyberattacks that compromised the security of tens of thousands of organizations, including government agencies and businesses. They allowed hackers to gain access to sensitive data. The entry point for these attacks was the build system.

Why Cimon

Investigating the supply-chain incidents of recent years led us to conclude that, while organizations and project maintainers strive to prevent attacks as early as possible, there are no controls that stop attackers from carrying out malicious behavior.

The number of supply-chain attacks on the build server is rising. Whether it is TypoSquatting, Dependency Confusion, RepoJacking, or Dependency Poisoning, they all essentially try to do the same things:

  • Exfiltrate sensitive data from the build server
  • Tamper with sensitive data on the server

Rather than trying to prevent all entry points for attackers into the build environment, let's prevent them from performing these actions. As a result, attackers cannot exfiltrate your sensitive data regardless of how the build was compromised.

What Cimon Does

Cimon's work is split into two tasks:

  • Learning the CI pipeline's behavior (detect mode).
  • Applying the learned data and creating a preventive security policy (prevent mode).

Cimon monitors, and can block, activity across the golden pillars of CI/CD pipeline security: process execution, network access, and file access. This enables us to detect a breach, identify the compromised pipeline runner, and take remedial measures.

Why do I need Cimon

Our philosophy is to provide maximum protection with minimal friction for developers. This is how we implemented Cimon.

For those seeking install-and-forget security, Cimon can ensure maximum security in five minutes without any further maintenance. If you seek a deeper understanding of your pipelines, Cimon provides deep inspection capabilities for security engineers to investigate possible attacks on their pipelines.

So get started!

Cimon With Cycode

Cycode enhances the capabilities of Cimon and allows the following:

  • Browsing all reports to gain visibility across the organization.
  • Establishing workflows for incident response and remediation when violations occur.
  • Creating configurations more easily through company-wide allow-lists.
  • Managing build policy remotely within the platform.
  • Incorporating the latest compliance frameworks, such as SLSA and SSDF, into Cimon's capabilities.
  • And more.

If you are interested, please contact us by booking a demo.