Who is Cimon
Cimon (pronounced "Simon") is the superhero for your CI/CD pipeline!
Cimon is a runtime security solution that detects and stops software supply-chain attacks on your pipeline, including those targeting SolarWinds and CodeCov, through easy onboarding and a developer-friendly experience.
By utilizing the revolutionary eBPF technology, Cimon monitors and mitigates attacks within the kernel, denying access to users' assets as soon as they arise.
SolarWinds and CodeCov attacks were sophisticated cyberattacks that compromised the security of tens of thousands of organizations, including government agencies and businesses. They allowed hackers to gain access to sensitive data. The entry point for these attacks was through the build system.
The investigation of all supply-chain incidents in recent years led us to conclude that while organizations and project maintainers strive to prevent attacks as soon as possible, there are no controls to prevent attackers from committing malicious behavior.
The number of supply chain attacks on the build server is rising. Whether it is TypoSquatting, Dependency Confusion, RepoJacking, or Dependency Poisoning, they all essentially try to execute the same thing:
- Exfiltrate sensitive data from the build server
- Tamper with sensitive data on the server
Rather than trying to prevent all entry points for attackers into the build environment, let's prevent them from performing these actions. As a result, attackers cannot exfiltrate your sensitive data regardless of how the build was compromised.
What Cimon Does
Cimon tasks are separated into two:
- Learning (detect mode) the CI pipeline behavior.
- Applying the learned data (prevent mode) and creating a preventive security policy.
Cimon will monitor and prevent the golden pillars of CI/CD pipeline security: process execution, network access, and file access. It enables us to detect a breach, identify the compromised pipeline runner, and take remedial measures.
Why do I need Cimon
Our philosophy is to provide maximum protection with minimal friction for developers. This is how we implemented Cimon.
For those seeking install-and-forget security, Cimon can ensure maximum security in five minutes without any further maintenance. If you seek a deeper understanding of your pipelines, Cimon provides deep inspection capabilities for security engineers to investigate possible attacks on their pipelines.
So get started!