- Understanding the Actor Behind a Request: Autoken is triggered by non-human actors, making it challenging to trace back to a human actor. It's important to understand that the event triggering the pipeline can be tracked by GitHub, even if the responsible person can't be traced directly.
- Proper Training: Autoken relies on the administrators of the GitHub repository to secure access within their repository. Misconfigured repositories can lead to misuse of the identity used to authenticate through Autoken. Therefore, proper training and guidance are crucial to mitigate this risk.
- Managing Critical Credentials: Autoken holds highly critical admin credentials for the resources it interacts with. Leakage of these credentials can have a high impact. Therefore, these credentials should be monitored for abnormal behavior and updated promptly to avoid security breaches.
- Preventing Information Leakage: Autoken leaves traces behind in every resource it interacts with, potentially exposing which projects use Autoken for authentication. To mitigate this risk, error messages should be thoroughly cleaned, or boilerplate responses should be used.
- Handling Dependencies on External Services: Autoken's functionality depends on the availability of the brokered resource. The risk associated with the resource's availability can be transferred to those responsible for the given resource.
- Dealing with Changes: Autoken is highly reliant on the resources it interacts with. Drastic changes in these resources can lead to unforeseen side effects. Therefore, breaking changes should be closely observed and personnel should actively monitor news of changes in the used resources.
- Managing 3rd Party Dependencies: Autoken uses 3rd party dependencies in its code, which can have vulnerabilities. These vulnerabilities can potentially put the entire application at risk. Therefore, Software Composition Analysis (SCA) should be performed to identify the used 3rd party open-source dependencies and their versions, enabling developers to be alerted of newly published vulnerabilities and update dependencies in a timely manner.