Runner compromise is the unauthorized control or abuse of a CI/CD runner or job execution worker used in build and deployment workflows. It matters because runners often handle code, secrets, artifacts, and deployment permissions in one place.
What is Runner Compromise?
An attacker who controls a runner may alter builds, steal secrets, pivot into internal systems, or sign malicious outputs. Security depends on isolation, ephemeral execution, network boundaries, trusted inputs, and strict job permissions.
What Runner Compromise Commonly Supports
Common uses include CI/CD hardening, software supply chain defense, secret protection, and pipeline threat modeling.
Runner Compromise vs. Trusted Isolated Runner Operation
Runner compromise turns automation infrastructure into an attack platform. Trusted isolated runners keep jobs constrained and reduce persistence or lateral movement paths.
Frequently Asked Questions
Why are runners high-value targets?
Because they often combine source access, secret access, and artifact creation in a single automated environment.
How do teams reduce runner risk?
Ephemeral runners, network isolation, least privilege, and controlled third-party code execution are major controls.
Related Cybersecurity Terms
- Self-Hosted Runner Security
- Third-Party Action Risk
- Pipeline Secret Exposure
- Build Pipeline Security
