Data protection

Codebuild Github or Bitbucket doesnt use OAuth

Platform(s)
Compliance Frameworks

AWS Foundational Security Best Practices Controls, CCPA, CPRA, HITRUST, iso_27001_2022, iso_27002_2022, Mitre ATT&CK, mpa, New Zealand Information Security Manual, NIST 800-53, PDPA

Description

Codebuild compiles the source code, runs unit tests, and generates deployable artifacts. Using personal access tokens or a user name and password could expose credentials to unintended data exposure and unauthorized access. using OAuth to grant authorization for accessing GitHub or Bitbucket repositories, is better than using personal access tokens or user name and password
Need help?

Get a free Security Risk Assessment. Start today

A screenshot of the Orca platform dashboard summarizing all of your cloud security risks

Personalized Demo

See Orca Security in Action

Gain visibility, achieve compliance, and prioritize risks with the Orca Cloud Security Platform.

Get a Demo