Vulnerability Management
Secure your Cloud Development Environment with comprehensive vulnerability scanning, patch management, and security hardening strategies.
CDE Security Landscape
Cloud Development Environments introduce unique security considerations - from shared infrastructure and ephemeral workspaces to AI-generated code running inside developer environments.
Container Images
Base images, dependencies, and build layers require continuous scanning
Network Exposure
Remote access, port forwarding, and ingress controls create attack surfaces
AI-Generated Code
Copilot and agent-written code introduces novel vulnerability patterns that traditional scanners miss
Multi-Tenant Risks
Shared infrastructure requires isolation and resource boundary enforcement
Ephemeral State
Short-lived workspaces need security checks at creation time
Vulnerability Scanning Strategy
Multi-layered scanning approach to catch vulnerabilities at every stage of the CDE lifecycle.
Scanning Pipeline Integration
Template Scan
Scan Terraform templates and base images before publishing
Build-Time Scan
CI/CD integration catches issues during workspace image builds
Runtime Scan
Continuous scanning of running workspaces for new CVEs
Dependency Scan
SCA scans of project dependencies in source code
AI Code Scan
Detect insecure patterns in AI-generated code from Copilot and agents
Vulnerability Scanning Tools
| Tool | Type | Best For | CDE Integration |
|---|---|---|---|
| Trivy | Container/IaC/SBOM | Comprehensive all-in-one scanner with VEX support | Native |
| Snyk | SCA/Container/IaC/Code | Developer-friendly with AI-powered fix suggestions | Plugin |
| Semgrep | SAST/AI Code Scanner | Custom rules for AI-generated code patterns, fast SAST | Native |
| Grype | Container/SBOM Scanner | Fast CLI scanning with deep SBOM integration | Native |
| Checkov | IaC/Policy Scanner | Terraform, Kubernetes, and supply chain policies | CI/CD |
| GitHub Advanced Security | SAST/SCA/Secrets | CodeQL, Dependabot, and secret scanning combined | CI/CD |
name: Scan CDE Templates
on:
push:
paths: ['templates/**']
schedule:
- cron: '0 6 * * *' # Daily at 6 AM
jobs:
scan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
scan-type: 'config'
scan-ref: 'templates/'
severity: 'CRITICAL,HIGH'
exit-code: '1'
format: 'sarif'
output: 'trivy-results.sarif'
- name: Scan container images in templates
run: |
for dockerfile in templates/*/build/Dockerfile; do
trivy image --severity HIGH,CRITICAL \
--exit-code 1 \
$(grep "^FROM" $dockerfile | head -1 | awk '{print $2}')
done
- name: Run Semgrep for AI-generated code patterns
uses: semgrep/semgrep-action@v1
with:
config: >-
p/default
p/owasp-top-ten
p/ai-code-review
publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
- name: Upload results to GitHub Security
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: 'trivy-results.sarif'AI-Generated Code Vulnerability Scanning
AI coding assistants and autonomous agents generate code at unprecedented speed inside CDEs. That velocity demands specialized scanning to catch the unique vulnerability patterns AI-written code introduces.
Why AI Code Requires Dedicated Scanning
Research consistently shows that AI-generated code contains security flaws at rates comparable to or higher than human-written code. The difference is volume - when developers use Copilot, Claude Code, Cursor, or autonomous agents inside CDE workspaces on platforms like Coder and Ona (formerly Gitpod), they produce code far faster than manual review can keep pace with. Traditional SAST tools catch some issues, but miss AI-specific patterns like hallucinated API calls, outdated library usage, and insecure defaults that LLMs learned from pre-training data.
Hallucinated APIs
LLMs invent function names and package references that do not exist, creating supply chain attack vectors when a malicious actor registers the hallucinated package name
Stale Patterns
Models trained on older code suggest deprecated crypto functions, insecure defaults, and outdated library versions that have known CVEs
Subtle Logic Flaws
AI code often looks correct at first glance but contains authorization bypasses, race conditions, or input validation gaps that pass superficial review
AI Code Scanning Tools
Semgrep with AI Rules
Custom rule packs that detect AI-specific anti-patterns including hallucinated imports and insecure defaults
GitHub CodeQL
Semantic code analysis that traces data flow through AI-generated code to find injection and taint vulnerabilities
Snyk Code
Real-time SAST that runs in the IDE during AI-assisted coding sessions with inline fix suggestions
Socket.dev
Detects when AI-suggested dependencies contain malware, typosquatting, or suspicious install scripts
CDE Integration Strategies
Pre-Commit Hooks in Workspace Templates
Bake Semgrep or similar scanners into CDE workspace images so every commit from AI tools is scanned before it reaches the repository
Real-Time IDE Scanning
Enable Snyk Code or SonarLint extensions in Ona and Coder workspace templates so AI suggestions are scanned as they appear
Dependency Verification Gates
Block workspace builds that include unvetted packages suggested by AI - use allowlists for approved registries
Agent Output Sandboxing
Isolate autonomous AI agent workspaces with stricter network and filesystem policies so generated code cannot execute until reviewed
AI Code Diff Tagging
Tag commits originating from AI tools so code review and scanning pipelines can apply stricter validation rules automatically
rules:
- id: ai-hallucinated-import
patterns:
- pattern: import $PKG from '$MODULE'
- metavariable-regex:
metavariable: $MODULE
# Flag imports not in the project lockfile
regex: ^(?!@company/).*$
message: >
Verify this import exists in your lockfile.
AI tools sometimes suggest packages that do not
exist or have been typosquatted.
severity: WARNING
languages: [javascript, typescript]
- id: ai-insecure-crypto-default
patterns:
- pattern-either:
- pattern: crypto.createCipher(...)
- pattern: new Buffer(...)
- pattern: md5(...)
message: >
Deprecated or insecure crypto pattern detected.
AI models often suggest outdated cryptographic
functions. Use crypto.createCipheriv() and
Buffer.from() instead.
severity: ERROR
languages: [javascript, typescript]CDE Patch Management
Structured approach to keeping workspace templates and running environments up to date.
Template Patching Strategy
Weekly Base Image Updates
Rebuild templates weekly with latest base images
Critical CVE Response
24-hour SLA for critical vulnerabilities
Staged Rollout
Dev -> Staging -> Prod template promotion
Developer Notification
Alert developers to recreate workspaces
Running Workspace Updates
Ephemeral by Default
Set workspace TTL to 24-48 hours for automatic refresh
Deprecation Notices
Notify users of outdated workspace versions
Force Recreation
Block workspaces older than max age (7-14 days)
In-Place Updates
Security-only apt/yum updates via startup scripts
Patch SLA Matrix
| Severity | CVSS Score | Template Update | Workspace Refresh | Communication |
|---|---|---|---|---|
| Critical | 9.0 - 10.0 | 24 hours | 48 hours (forced) | Immediate + Slack/Email |
| High | 7.0 - 8.9 | 72 hours | 7 days (reminder) | Daily digest |
| Medium | 4.0 - 6.9 | 7 days | Next workspace rebuild | Weekly report |
| Low | 0.1 - 3.9 | Next scheduled update | Natural refresh cycle | Monthly report |
Workspace Hardening Checklist
Security controls to implement in your CDE templates and runtime configuration.
Container Security
- Run as non-root user (UID 1000+)
- Drop all capabilities, add only needed
- Read-only root filesystem
- No privileged mode
- Seccomp/AppArmor profiles
Network Security
- Network policies (deny by default)
- Egress filtering to allowed domains
- mTLS for service communication
- No hostNetwork access
- Encrypted tunnel for remote access
Resource Limits
- CPU/Memory limits and requests
- Ephemeral storage limits
- PID limits per container
- ResourceQuotas per namespace
- LimitRanges for defaults
Access Control
- SSO/OIDC authentication
- RBAC with least privilege
- Session timeout (8 hours max)
- MFA required for access
- Audit logging enabled
Image Security
- Signed images only (Cosign/Notary)
- Private registry only
- No :latest tags in production
- SBOM generation with VEX statements
- Image pull secrets rotated
Data Protection
- Encrypted persistent volumes
- No sensitive data in env vars
- Workspace data wiped on delete
- PVC retention policies
- No code on local disk
Secrets Management in CDEs
Secure injection and management of credentials, API keys, AI service tokens, and sensitive configuration.
Recommended Practices
- External Secrets Operator
Sync secrets from Vault/AWS Secrets Manager to K8s
- Short-lived credentials
Use OIDC federation for cloud access (no static keys)
- Secrets mounted as files
More secure than environment variables
- Per-user/per-workspace secrets
Inject user-specific credentials at workspace creation
- Automatic rotation
Rotate secrets every 90 days minimum
- Scoped AI service tokens
Issue per-workspace tokens for AI coding tools with read-only repo access and no production scope
Anti-Patterns to Avoid
- Secrets in template code
Never hardcode credentials in Terraform/Dockerfiles
- Shared service accounts
Each developer should have unique credentials
- Long-lived API keys
Prefer temporary tokens with automatic expiration
- Secrets in workspace backup
Exclude credential files from PVC snapshots
- Secrets in Git history
Use pre-commit hooks to prevent accidental commits
- AI tool tokens with broad scope
Scope Copilot and agent API keys to minimum permissions - never grant write access to production
# External Secrets for Vault integration
resource "kubernetes_manifest" "workspace_secrets" {
manifest = {
apiVersion = "external-secrets.io/v1beta1"
kind = "ExternalSecret"
metadata = {
name = "workspace-${data.coder_workspace.me.name}-secrets"
namespace = var.namespace
}
spec = {
refreshInterval = "1h"
secretStoreRef = {
name = "vault-backend"
kind = "ClusterSecretStore"
}
target = {
name = "workspace-secrets"
}
data = [
{
secretKey = "npm_token"
remoteRef = {
key = "secret/data/dev/${data.coder_workspace_owner.me.name}"
property = "npm_token"
}
},
{
secretKey = "github_token"
remoteRef = {
key = "secret/data/dev/${data.coder_workspace_owner.me.name}"
property = "github_token"
}
}
]
}
}
}
# Mount secrets in workspace pod
resource "kubernetes_pod" "workspace" {
# ... other config ...
spec {
container {
volume_mount {
name = "secrets"
mount_path = "/run/secrets"
read_only = true
}
}
volume {
name = "secrets"
secret {
secret_name = "workspace-secrets"
}
}
}
}Compliance & Audit Readiness
Ensure your CDE meets regulatory requirements with comprehensive audit trails and compliance controls.
CDE Compliance Requirements by Framework
| Control Area | SOC 2 | HITRUST | GDPR | FedRAMP |
|---|---|---|---|---|
| Access Control & MFA | ||||
| Audit Logging | ||||
| Encryption at Rest | ||||
| Vulnerability Scanning | ||||
| Data Retention Policy | ||||
| Incident Response | ||||
| AI Code Provenance | ||||
| Supply Chain Security (SBOM) |
Required Audit Events
Log Retention Requirements
Continue Your Security Journey
Explore related guides to build a comprehensive CDE security strategy.
Compliance Guide
HITRUST, SOC 2, and GDPR requirements for CDE deployments.
Learn moreAI Agent Security
Sandboxing, permissions, and guardrails for AI agents running in CDEs.
Learn moreRisk Management
Risk assessment matrices, rollback procedures, and exit strategies.
Learn moreMonitoring & Observability
Security monitoring, alerting, and incident response for CDEs.
Learn more