Predict your next investment

INTERNET | Internet Software & Services / Testing
codeship.com

See what CB Insights has to offer

Founded Year

2013

Stage

Acquired | Acquired

Total Raised

$11.28M

About Codeship

Codeship offers a hosted Continuous Integration platform that integrates with the existing DevOps stack and enables customers to test and deploy new software and accelerate time-to-market of products and features.

Codeship Headquarter Location

50 Milk St

Boston, Massachusetts, 02110,

United States

855-790-8079

Latest Codeship News

DevOps solutions provider CloudBees discloses data breach

Oct 1, 2020

DevOps solutions provider CloudBees discloses data breach By Juha Saarinen on Oct 1, 2020 12:49PM Malicious actor accessed failover database for a year. Users of CloudBees' CodeShip are advised to immediately rotate any keys and other secrets in their pipelines after the DevOps solutions provider discovered a long-lasting data breach affecting the continuous integration and deployment (CI/CD) system. The data breach came to light after open source code repository Github alerted CloudBees to suspicious activities against business accounts connected via the CodeShip app OAuth authentication tokes. Cloudbees revoked all Github related tokens and secure shell (SSH) keys upon learning of the suspicious activity, requiring users to reauthenticate CodeShip with the code repositoriy provider immediately to avoid service outage. Further investigation by Cloudbees revealed that an attacker had accessed a failover database instance between June 2019 and June 2020, after which the malicious activity is believed to have stopped, the company's chief executive Sacha Labourey  said . CodeShip Basic account hoiders may have had all information stored in their pipelines exposed, including scripts, environment variables, access tokens and similar data, Cloudbees said. Advanced Encryption Standard (AES) keys for CodeShip Pro users may have been exposed too. All CodeShip users' hashed account passwords, one-time password recovery codes and OTP secret keys could have been accessed by the threat actors. Furthermore, CodeShip Pro user data such as business invoicing information comprising names and contact details and value-added tax numbers, postal addresses and phone numbers may have been exposed as well. No payments data or logging system were accessed for any customers, and Cloudbees said the data breach only affects CodeShip and no other products. CodeShip users should rotate keys and other secrets used in their pipelines immediately, Cloudbees advised. They should also review if any systems accessible via CodeShip have been subject to unauthorised access, and verify the integrity of source code in repositories linked to their accounts. Labourey said Cloudbees has rotated all application internal secrets and rebuilt its Amazon Web Services machine images. Cloudbees is also tighten up security for CodeShip with systematically implemented product threat modelling and large-scope security reviews, and enhance strict restrictions for access to production data and the segregation of sensitive information.

Predict your next investment

The CB Insights tech market intelligence platform analyzes millions of data points on venture capital, startups, patents , partnerships and news mentions to help you see tomorrow's opportunities, today.

Expert Collections containing Codeship

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

Codeship is included in 2 Expert Collections, including Sequoia's Microservices Ecosystem.

S

Sequoia's Microservices Ecosystem

129 items

Get small to get big. Microservices is an approach to building software that shifts away from large monolithic applications towards small, loosely coupled and composable autonomous pieces.

D

Development & Operations

381 items

Development & Operations offer designers, developers, engineers, and IT professionals ways to increase efficiency, reduce costs, and improve quality.

CB Insights uses Cookies

CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.