{"id":90,"date":"2026-01-16T16:00:53","date_gmt":"2026-01-16T15:00:53","guid":{"rendered":"https:\/\/secure-pipelines.com\/?page_id=90"},"modified":"2026-03-25T10:48:22","modified_gmt":"2026-03-25T09:48:22","slug":"topics","status":"publish","type":"page","link":"https:\/\/secure-pipelines.com\/ar\/topics\/","title":{"rendered":"Topics"},"content":{"rendered":"<p>This page provides an overview of the main technical topics covered on the Secure Pipelines site.<\/p>\n<p>Each topic represents a core area of CI\/CD pipeline security and software supply chain security, and includes in-depth articles, structured guides, and hands-on labs.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">CI\/CD Security<\/h2>\n<p>This topic focuses on securing CI\/CD pipelines against tampering, misuse, 
and unauthorized changes.<\/p>\n<p><strong><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/complete-guide-ci-cd-pipeline-security\/\">\u2192 Read the complete guide to CI\/CD pipeline security<\/a><\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/ci-cd-execution-models-trust-assumptions-security-guide-2\/\">CI\/CD pipeline execution models and trust boundaries<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/separation-of-duties-least-privilege-ci-cd-pipelines\/\">Permissions, identities, and access control<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/secrets-management-ci-cd-pipelines-patterns-vault-2\/\">Secrets exposure and how to protect them<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/secure-deployment-workflows-ci-cd-pipeline-production\/\">Secure deployment workflows<\/a><\/li>\n<\/ul>\n<p><em>Guides:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/policy-as-code-ci-cd-opa-rego-security-gates-2\/\">Policy as Code<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/short-lived-credentials-workload-identity-federation-ci-cd\/\">Workload identity 
federation<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/defensive-patterns-mitigations-ci-cd-pipeline-attacks\/\">Defensive patterns<\/a><br \/><em>Quick references:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/owasp-top-10-ci-cd-risks-explained-real-world-examples\/\">OWASP Top 10 CI\/CD Risks<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/slsa-levels-explained-practical-compliance-checklist\/\">SLSA levels checklist<\/a><\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">Software Supply Chain Security<\/h2>\n<p>Software supply chain security aims to ensure the integrity of dependencies, build processes, and software artifacts.<\/p>\n<p><strong><a href=\"https:\/\/secure-pipelines.com\/ar\/software-supply-chain\/software-supply-chain-security-comprehensive-guide\/\">\u2192 Read the complete guide to software supply chain security<\/a><\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li><a 
href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/dependency-confusion-artifact-poisoning-attacks-defenses\/\">Dependency risks and transitive trust<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/build-integrity-reproducible-builds-ci-cd\/\">Build integrity and reproducible builds<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/artifact-provenance-attestations-slsa-in-toto\/\">Artifact provenance and metadata (attestations)<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/signing-verifying-container-images-sigstore-cosign\/\">Signing and verifying artifacts<\/a><\/li>\n<\/ul>\n<p><em>Labs:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-signing-verifying-container-images-cosign-github-actions\/\">Cosign signing<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-generating-verifying-slsa-provenance-container-images\/\">SLSA provenance<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-sbom-pipeline-generate-attest-verify-syft-cosign\/\">SBOM pipeline<\/a> | <a 
href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-reproducible-container-builds-pinning-verifying-diffing\/\">Reproducible builds<\/a><br \/><em>Comparisons:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/container-image-signing-tools-compared-cosign-notation-gpg\/\">Signing tools<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/sbom-tools-compared-syft-trivy-cyclonedx-cli\/\">SBOM tools<\/a><\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">Pipeline Hardening<\/h2>\n<p>This topic covers the techniques used to harden pipeline execution environments.<\/p>\n<p><strong><a href=\"https:\/\/secure-pipelines.com\/ar\/pipeline-hardening\/pipeline-hardening-secure-ci-cd-build-deployment-environments\/\">\u2192 Read the pipeline hardening guide<\/a><\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-ephemeral-self-hosted-runners-actions-runner-controller\/\">Isolating runners and build agents<\/a><\/li>\n<li><a 
href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/network-filesystem-restrictions-ci-cd-build-environments\/\">Network and filesystem restrictions<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/separation-of-duties-least-privilege-ci-cd-pipelines\/\">Least-privilege execution models<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/securing-github-actions-runners\/\">Hardening shared and self-hosted runners<\/a><\/li>\n<\/ul>\n<p><em>Labs:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-hardening-github-actions-workflows-permissions-pinning-secrets\/\">GHA hardening<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-detecting-preventing-secret-leaks-ci-cd-pipelines\/\">Secret leaks<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-enforcing-kubernetes-policies-opa-conftest-ci-cd\/\">OPA Conftest<\/a><br \/><em>Comparisons:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/ci-cd-security-scanners-compared-trivy-grype-snyk-checkov\/\">Security scanners<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/ci-cd-policy-engines-compared-opa-kyverno-sentinel-cedar\/\">Policy 
engines<\/a><\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">GitHub Actions<\/h2>\n<p>This topic focuses on securing workflows built with GitHub Actions.<\/p>\n<p><strong><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/github-actions-security-definitive-guide\/\">\u2192 Read the complete guide to GitHub Actions security<\/a><\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/github-actions-security-cheat-sheet\/\">Workflow permissions and token scope<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-detecting-malicious-github-actions-static-analysis\/\">Securing third-party actions<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-ephemeral-self-hosted-runners-actions-runner-controller\/\">Runner security and isolation<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-configuring-oidc-workload-identity-github-actions-aws\/\">OIDC workload identity with AWS<\/a><\/li>\n<\/ul>\n<p><em>Labs:<\/em> 
<a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-hardening-github-actions-workflows-permissions-pinning-secrets\/\">Workflow hardening<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-signing-verifying-container-images-cosign-github-actions\/\">Cosign signing<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-generating-verifying-slsa-provenance-container-images\/\">SLSA provenance<\/a><br \/><em>Quick reference:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/github-actions-security-cheat-sheet\/\">GitHub Actions security quick reference<\/a><\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">GitLab CI<\/h2>\n<p>This topic addresses security considerations specific to GitLab CI\/CD.<\/p>\n<p><strong><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/gitlab-ci-cd-security-definitive-guide\/\">\u2192 Read the complete guide to GitLab CI\/CD security<\/a><\/strong><\/p>\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-securing-gitlab-ci-pipelines-protected-variables-runners-environments\/\">Pipeline and job security<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/gitlab-ci-security-cheat-sheet\/\">Runner configuration 
and isolation<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/secrets-management-ci-cd-pipelines-patterns-vault-2\/\">Secrets management in GitLab pipelines<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/secure-deployment-workflows-ci-cd-pipeline-production\/\">Secure deployment workflows<\/a><\/li>\n<\/ul>\n<p><em>Lab:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-securing-gitlab-ci-pipelines-protected-variables-runners-environments\/\">Securing GitLab CI pipelines<\/a><br \/><em>Quick reference:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/gitlab-ci-security-cheat-sheet\/\">GitLab CI security quick reference<\/a><\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">Threats and Attacks<\/h2>\n<p>Understanding how CI\/CD pipelines are targeted is essential to defending them effectively.<\/p>\n<p><strong><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/ci-cd-threats-attacks-what-attackers-target-how-to-defend\/\">\u2192 Read the guide to CI\/CD threats and attacks<\/a><\/strong><\/p>\n<ul 
class=\"wp-block-list\">\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/ci-cd-pipelines-primary-attack-surface\/\">Common CI\/CD attack paths<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/dependency-confusion-artifact-poisoning-attacks-defenses\/\">Supply chain attack techniques<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-exploiting-defending-poisoned-pipeline-execution-ppe\/\">Poisoned pipeline execution<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/owasp-top-10-ci-cd-risks-explained-real-world-examples\/\">OWASP Top 10 CI\/CD Risks<\/a><\/li>\n<\/ul>\n<p><em>Labs:<\/em> <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-exploiting-defending-poisoned-pipeline-execution-ppe\/\">PPE attack<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-simulating-dependency-confusion-attack-sandbox\/\">Dependency confusion<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-detecting-malicious-github-actions-static-analysis\/\">Malicious actions<\/a> | <a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-artifact-tampering-detection-swapping-container-images-registry\/\">Artifact tampering<\/a><\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 
class=\"wp-block-heading\">Policy as Code<\/h2>\n<p>The Policy as Code concept enables automated, enforceable security controls to be applied within CI\/CD pipelines.<\/p>\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/policy-as-code-ci-cd-opa-rego-security-gates-2\/\">Policy design principles and OPA\/Rego<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/lab-enforcing-kubernetes-policies-opa-conftest-ci-cd\/\">Validating configurations and workflows with Conftest<\/a><\/li>\n<li><a href=\"https:\/\/secure-pipelines.com\/ar\/ci-cd-security\/ci-cd-policy-engines-compared-opa-kyverno-sentinel-cedar\/\">Policy engines compared: OPA vs. Kyverno vs. Sentinel vs. Cedar<\/a><\/li>\n<\/ul>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">How to Use the Topics<\/h2>\n<p>Topics can be explored independently, or used as entry points to 
more structured content.<\/p>\n<p>Each topic links to the following:<\/p>\n<ul class=\"wp-block-list\">\n<li>Related articles and foundational guides<\/li>\n<li>In-depth guides<\/li>\n<li>Hands-on labs<\/li>\n<li>Quick references and comparison resources<\/li>\n<\/ul>\n<p>Together, these topics form a comprehensive view of CI\/CD pipeline security and software supply chain security.<\/p>\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n<h2 class=\"wp-block-heading\">Related Ecosystem<\/h2>\n<p>For the compliance, governance, and regulatory aspects of DevSecOps and CI\/CD, please visit <strong><a href=\"https:\/\/regulated-devsecops.com\" target=\"_blank\" 
rel=\"noopener\">regulated-devsecops.com<\/a><\/strong>.<\/p>\n<p>Secure Pipelines focuses on technical implementation, while Regulated DevSecOps focuses on governance and auditability.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This page provides an overview of the main technical topics covered on the Secure Pipelines site. Each topic represents a core area of CI\/CD pipeline security and software supply chain security, and includes in-depth articles, structured guides, and hands-on labs. 
CI\/CD Security This topic focuses on securing CI\/CD pipelines against tampering, misuse, and unauthorized changes. &#8230; <a title=\"Topics\" class=\"read-more\" href=\"https:\/\/secure-pipelines.com\/ar\/topics\/\" aria-label=\"Read more about Topics\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":1,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-90","page","type-page","status-publish"],"_links":{"self":[{"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/pages\/90","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/comments?post=90"}],"version-history":[{"count":2,"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/pages\/90\/revisions"}],"predecessor-version":[{"id":852,"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/pages\/90\/revisions\/852"}],"wp:attachment":[{"href":"https:\/\/secure-pipelines.com\/ar\/wp-json\/wp\/v2\/media?parent=90"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}