CircleCI Breach: What You Need To Know
Rotate your secrets in CircleCI NOW. Also a universal takeaway for future SaaS breaches.
Another day, another breach. I don’t normally send breach notifications; however, I felt a little compelled this time since, unfortunately, this one sits at the core of your DevOps pipeline.
CircleCI Had A Breach And You Need To Rotate Secrets NOW
Basically, delete and rotate ALL your secrets stored in CircleCI, and revoke and re-authorize all apps and tokens associated with CircleCI.
After following the above steps, here are some additional things to do:
Check Your Audit Logs
CircleCI has enabled audit logs for all customers, including those on the free tier. So go ahead and check your logs for any suspicious activity.
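One way to do that review at scale, as an added example and not code from the original post or from CircleCI: parse an audit-log export, keep only the events that fall inside the exposure window, and flag the ones that touch secrets (environment variables, contexts, tokens, SSH keys) or come from an actor you do not recognise. The event field names, action names, sample events and the window dates below are all constructed for illustration; check them against the columns and the date range in your own export and the vendor advisory before relying on the script.

```python
import json
from datetime import datetime, timezone

# Constructed sample audit-log export in JSON-lines form. The field names
# (occurred_at, action, actor, target) and the action strings are an
# assumption for this example, not CircleCI's documented schema.
SAMPLE_AUDIT_LOG = """
{"occurred_at": "2023-01-02T03:14:07Z", "action": "project.env_var.create", "actor": "ci-bot", "target": "gh/example-org/api-service"}
{"occurred_at": "2023-01-02T03:15:30Z", "action": "context.env_var.store", "actor": "unknown-user", "target": "prod-deploy"}
{"occurred_at": "2023-01-03T11:00:00Z", "action": "workflow.job.start", "actor": "alice", "target": "gh/example-org/api-service"}
{"occurred_at": "2023-01-03T11:05:00Z", "action": "user.token.create", "actor": "alice", "target": "alice"}
{"occurred_at": "2022-11-20T09:00:00Z", "action": "project.ssh_key.create", "actor": "bob", "target": "gh/example-org/web"}
"""

# PLACEHOLDER window: replace with the exposure dates from the vendor advisory.
WINDOW_START = datetime(2023, 1, 1, tzinfo=timezone.utc)
WINDOW_END = datetime(2023, 1, 5, tzinfo=timezone.utc)

# Constructed allow-list of the people and service accounts expected to act
# on this org. Anything else inside the window deserves a second look.
KNOWN_ACTORS = {"alice", "bob", "ci-bot"}

# Substrings that mark an action as touching secret material. These are
# chosen to match the constructed action names above; adjust for your export.
SENSITIVE_ACTION_MARKERS = ("env_var", "context", "token", "ssh_key", "oauth")


def parse_events(jsonl: str):
    """Turn a JSON-lines export into dicts with a timezone-aware timestamp."""
    events = []
    for line in jsonl.strip().splitlines():
        line = line.strip()
        if not line:
            continue
        ev = json.loads(line)
        # fromisoformat() only accepts a trailing "Z" from Python 3.11 on.
        ev["occurred_at"] = datetime.fromisoformat(
            ev["occurred_at"].replace("Z", "+00:00")
        )
        events.append(ev)
    return events


def flag_suspicious(events, window_start, window_end, known_actors):
    """Return the events inside the window that touch secrets or come from
    an unrecognised actor, each tagged with the reason(s) it was flagged."""
    findings = []
    for ev in events:
        if not (window_start <= ev["occurred_at"] <= window_end):
            continue
        reasons = []
        if any(marker in ev["action"] for marker in SENSITIVE_ACTION_MARKERS):
            reasons.append("secret-bearing action")
        if ev["actor"] not in known_actors:
            reasons.append("unrecognised actor")
        if reasons:
            findings.append({
                "occurred_at": ev["occurred_at"].isoformat(),
                "action": ev["action"],
                "actor": ev["actor"],
                "target": ev["target"],
                "reasons": reasons,
            })
    return findings


def review_sample():
    """Run the check over the constructed sample and return the findings."""
    events = parse_events(SAMPLE_AUDIT_LOG)
    return flag_suspicious(events, WINDOW_START, WINDOW_END, KNOWN_ACTORS)


if __name__ == "__main__":
    for finding in review_sample():
        print(f"{finding['occurred_at']}  {finding['action']:<28} "
              f"{finding['actor']:<14} {finding['target']:<30} "
              f"{', '.join(finding['reasons'])}")
```

Every flagged event is a lead, not a verdict: a legitimate admin creating an env var inside the window still shows up, which is intended, because the point of the review is to confirm that every secret-bearing action in that period was yours. The one event outside the window is dropped before any rule runs, so widen the window rather than the marker list if you want to see earlier history.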
Universal Advice: Make Sure To Update Your Notification Email For ALL SaaS Apps
This applies whether you use CircleCI or not: make sure that security notifications from AWS, GitHub, Slack, and your other critical CI/CD tools go to a group inbox or another shared inbox.
You want to avoid critical warnings going to a single person who happens to be on vacation, or worse, has already left the company, so that nobody ever sees them.
Thank you for reading Last Week As A vCISO. This post is public so feel free to share it.