Codeship is a software-as-a-service (SaaS) company. The company offers services that help engineering teams build and test software at scale, automate deployment pipelines, manage feature rollouts, and improve software delivery effectiveness. It primarily serves sectors such as automotive, federal government, financial services, insurance, retail, and software. It was founded in 2011 and is based in Boston, Massachusetts. In February 2018, Codeship was acquired by CloudBees.
Latest Codeship News
Oct 1, 2020
DevOps solutions provider CloudBees discloses data breach By Juha Saarinen on Oct 1, 2020 12:49PM Malicious actor accessed failover database for a year. Users of CloudBees' CodeShip are advised to immediately rotate any keys and other secrets in their pipelines after the DevOps solutions provider discovered a long-lasting data breach affecting the continuous integration and deployment (CI/CD) system. The data breach came to light after open source code repository Github alerted CloudBees to suspicious activities against business accounts connected via the CodeShip app OAuth authentication tokes. Cloudbees revoked all Github related tokens and secure shell (SSH) keys upon learning of the suspicious activity, requiring users to reauthenticate CodeShip with the code repositoriy provider immediately to avoid service outage. Further investigation by Cloudbees revealed that an attacker had accessed a failover database instance between June 2019 and June 2020, after which the malicious activity is believed to have stopped, the company's chief executive Sacha Labourey said . CodeShip Basic account hoiders may have had all information stored in their pipelines exposed, including scripts, environment variables, access tokens and similar data, Cloudbees said. Advanced Encryption Standard (AES) keys for CodeShip Pro users may have been exposed too. All CodeShip users' hashed account passwords, one-time password recovery codes and OTP secret keys could have been accessed by the threat actors. Furthermore, CodeShip Pro user data such as business invoicing information comprising names and contact details and value-added tax numbers, postal addresses and phone numbers may have been exposed as well. No payments data or logging system were accessed for any customers, and Cloudbees said the data breach only affects CodeShip and no other products. CodeShip users should rotate keys and other secrets used in their pipelines immediately, Cloudbees advised. They should also review if any systems accessible via CodeShip have been subject to unauthorised access, and verify the integrity of source code in repositories linked to their accounts. Labourey said Cloudbees has rotated all application internal secrets and rebuilt its Amazon Web Services machine images. Cloudbees is also tighten up security for CodeShip with systematically implemented product threat modelling and large-scope security reviews, and enhance strict restrictions for access to production data and the segregation of sensitive information.
Codeship Frequently Asked Questions (FAQ)
When was Codeship founded?
Codeship was founded in 2011.
Where is Codeship's headquarters?
Codeship's headquarters is located at 50 Milk Street, Boston.
What is Codeship's latest funding round?
Codeship's latest funding round is Acquired.
How much did Codeship raise?
Codeship raised a total of $11.28M.
Who are the investors of Codeship?
Investors of Codeship include CloudBees, F-Prime Capital, Boston Seed Capital, Sigma Prime Ventures, Ascent Venture Partners and 5 more.
Who are Codeship's competitors?
Competitors of Codeship include CircleCI.
Compare Codeship to Competitors
Bitrise develops a mobile continuous integration and delivery platform. It offers automation, a visual workflow editor, an automatic repository scan, and workflow configuration to build, test, and deploy applications. The platform enables developers to build applications for mobile platforms. The company was founded in 2015 and is based in London, United Kingdom.
CloudBees is a software as a service (SaaS) solution. It empowers engineering teams to implement and optimize continuous integration (CI) and continuous delivery (CD) in the cloud. It provides solutions that enable information technology (IT) organizations to optimize software delivery and accelerate innovation. It offers analytics, continuous integration, continuous delivery, feature flagging, and release orchestration. It serves automotive, financial and insurance services, and retail industries. The company was founded in 2010 and is based in San Jose, California.
Liquibase is a company that focuses on database change management and CI/CD automation in the technology sector. The company offers services that automate the database change process, enabling developers to code at full speed, collaborate freely, and deliver continuously with confidence. It primarily serves the financial services sector, the public sector, and the technology industry. Liquibase was formerly known as Datical, Inc.. It was founded in 2012 and is based in Austin, Texas.
Harness focuses on the software delivery market. The company offers an intelligent software delivery platform that enables engineers to deliver software more efficiently and with higher quality. This platform includes services such as continuous integration, continuous delivery, feature flags, cloud cost management, service reliability management, security testing orchestration, and chaos engineering. The company primarily sells to sectors that are accelerating their cloud initiatives and adopting containers and orchestration tools. It was founded in 2017 and is based in San Francisco, California.
Earthly provides software development solutions. The company builds syntax combining the features of Dockerfile and Makefile. Its products enable developers to execute continuous integration (CI) pipelines on laptops without having to commit any code. It focuses on containers, open-source, microservices, and modern code structures. It was founded in 2020 and is based in San Francisco, California.
CircleCI focuses on software delivery, specifically in the domain of continuous integration and continuous delivery (CI/CD). The company offers a platform that enables teams to build, test, and deploy their software. This platform is designed to work with various languages and execution environments, and it integrates with popular services like AWS, Slack, and Atlassian. It was founded in 2011 and is based in San Francisco, California.