Teams can reduce risk by automating security checks, limiting write access, and isolating release signing instead of adding manual gates everywhere. The key is to place controls where the highest trust transitions occur, such as commit, build, test, and sign. That preserves speed while shrinking the blast radius of a compromise.
Why This Matters for Security Teams
software supply chain risk is not just a build problem. It is an identity problem that shows up wherever code, credentials, and release authority intersect. The fastest path to compromise is often a leaked secret, a poisoned dependency, or an over-privileged CI/CD runner that can sign or ship without meaningful resistance. NHIMG research shows that CI/CD systems are already a major exposure point: in a 2025 supply chain attack, 59% of compromised machines were CI/CD runners rather than personal workstations, which is why release integrity needs to be treated as a privileged transition, not a routine developer task.
Current guidance suggests aligning controls to trust boundaries rather than adding manual approval gates to every step. That means limiting who can write to protected branches, isolating signing keys from general build infrastructure, and rotating secrets quickly enough that a leak does not become a durable foothold. This matches the control intent behind the OWASP Non-Human Identity Top 10 and the risk-management approach in NIST Cybersecurity Framework 2.0. In practice, many security teams discover supply chain weakness only after a leaked token or compromised runner has already been used to move laterally and alter release artifacts.
How It Works in Practice
The practical pattern is to narrow trust at each stage of delivery. Start with branch protection and code review for source integrity, then use isolated build environments with no standing access to sensitive secrets. Build jobs should receive only the credentials they need, only for the duration they need them. Where possible, use short-lived tokens, ephemeral signing access, and separate identities for build, test, and release. That reduces the blast radius if a dependency install, action, or plugin is compromised.
Release signing deserves special treatment. Signing keys should be removed from developer laptops and general-purpose runners, and placed behind a dedicated service or hardware-backed boundary. A compromise in the build layer should not automatically grant the ability to publish trusted artifacts. This is especially important because NHIMG has documented repeated secret exposure in supply chain contexts, including the Reviewdog GitHub Action supply chain attack and the Shai Hulud npm malware campaign. The lesson is simple: secret exposure is often the first step, not the last one.
- Use short-lived credentials for build and release jobs instead of shared long-lived secrets.
- Separate commit rights from merge rights and merge rights from signing rights.
- Keep signing keys outside general CI runners and general developer access.
- Scan repositories and pipeline logs for secrets, then revoke exposed credentials immediately.
This approach fits the control logic in The 52 NHI breaches Report and the governance direction in NIST Cybersecurity Framework 2.0, while also reflecting the real-world warning from 52 NHI Breaches Analysis that identity abuse tends to propagate through automation, not just through humans. These controls tend to break down when a single runner image, signing service, or shared secret is reused across many pipelines because one compromise then becomes a platform-wide compromise.
Common Variations and Edge Cases
Tighter release control often increases operational overhead, so organisations have to balance velocity against the cost of additional isolation and revocation. There is no universal standard for every delivery stack, especially where teams rely on third-party actions, ephemeral preview environments, or multi-tenant build services.
In mature environments, the right answer is usually not “more approvals.” It is better segmentation: per-pipeline identities, least-privilege access to artifact stores, and automated revocation when a job completes or a secret is exposed. Where the pipeline handles customer-facing production releases, the signing path should be the most constrained component in the chain. Where the environment is highly dynamic, current guidance suggests policy-driven controls and automated evidence collection rather than manual exception handling.
Teams should also treat internal repositories as high risk, not inherently safe. NHIMG research notes that internal repositories can still contain secrets at scale, and vendor guidance from the The State of Secrets in AppSec shows that remediation lags can leave leaked credentials active long after detection. That is why the security goal is not perfect prevention. It is rapid containment, fast rotation, and narrower trust at the points where delivery becomes real.
Standards & Framework Alignment
This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.
OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST AI RMF set the governance and control requirements practitioners need to meet.
| Framework | Control / Reference | Relevance |
|---|---|---|
| OWASP Non-Human Identity Top 10 | NHI-03 | Directly addresses secret sprawl and credential exposure in delivery paths. |
| NIST CSF 2.0 | PR.AC-4 | Least privilege is the core control for narrowing build and release trust. |
| NIST AI RMF | Automated delivery and policy checks need governance for trustworthy operation. |
Assign owners, define approval logic, and monitor automated delivery decisions for accountability.
Related resources from NHI Mgmt Group
- How should teams reduce the risk from overprivileged NHIs?
- How should security teams reduce the risk of secret theft from npm supply chain attacks?
- How should teams reduce identity risk in cloud supply chain attacks?
- How should security teams reduce AWS data security risk without slowing cloud operations?
