CI/CD pipelines live at the heart of your business logic, processes, and intellectual property. Travis CI protects your source code at the infrastructure level and gives you easy extensibility for ramping up your own security measures.
Travis Security
How do we protect Travis CI and your builds
We designed every part of the Travis CI infrastructure to minimize the information Travis CI needs to generate builds or deploy on your behalf, and protect that mission-critical data with absolute care.
Minimized Access to your Source Code
Travis CI uses OAuth tokens for read-only access to repository data and write permissions to set up SSH keys, configure service hooks, and update build statuses.
Read More
Compliance
Travis CI is GDPR- and Privacy Shield-compliant for the strictest of data protection standards for minimizing risk to your data and build artifacts.
Data Encryption
Travis CI deploys in geographically diverse areas, with redundant facilities, to guarantee that your build history and artifacts are always securely held and accessible. We encrypt all data in transit with SSL/TLS.
Build Isolation
Every job runs in an isolated virtual machine or container to prevent interference between concurrent builds.
Post-Job Log Scans
Our mandatory automated process scans all raw job files using Trivy and detect-secrets to identify unmasked secrets, hide the offending credential, and produce a log scan report with the context your team needs to remediate.
Security-Minded Partners
Travis CI uses AWS EC2, MacStadium, and GCE data centers for virtualized servers, providing the highest standards in data center protection. All essential credentials are stored securely in HashiCorp Vault.
Clean VMs
Every virtualized build is destroyed after completion, and each new build begins with a fresh image for absolute guarantees against residual data.
PCI Certification
We leverage Stripe, a PCI Level 1 certified payments processor, for billing and payment data—Travis CI never receives or stores your credit card information.
How can you extend Travis CI to protect your supply chain
Travis CI’s extensibility and developer experience help you implement better security practices across your software development lifecycle—without deploying extensive infrastructure or writing up new integrations in-house.
