Security is always an important topic, especially with IaaS.
Not only can the code get compromised but also your secret keys, customer data, etc..
Encryption everywhere seems to the solution to me.
In practice that means using TLS for network traffic, and various tools to encrypt passwords, code and user data.
You can do static code analysis to prevent data leaks during runtime.
To be honest, those are all good practices even if you work with an inhouse datacenter.
But I know that it can be a hazzle setting all this up yourself, especially the TLS certificates.
Codesphere will manage all of that for you out of the box when you stick to certain conventions.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
What about the privacy? I don’t think companies would like to share it’s source code.
Very good question. Source code must stay secure and that's the case in the pods. But there for sure will be limitations for some companies.
Most people already store their code in the cloud (Github, Gitlab, Bitbucket) ... there's not anything new here really.
Right you are! Only very few companies with super sensitive data might have limitations (maybe even only by law) to stay away from the cloud...
Security is always an important topic, especially with IaaS.
Not only can the code get compromised but also your secret keys, customer data, etc..
Encryption everywhere seems to the solution to me.
In practice that means using TLS for network traffic, and various tools to encrypt passwords, code and user data.
You can do static code analysis to prevent data leaks during runtime.
To be honest, those are all good practices even if you work with an inhouse datacenter.
But I know that it can be a hazzle setting all this up yourself, especially the TLS certificates.
Codesphere will manage all of that for you out of the box when you stick to certain conventions.