In traditional software development workflows, developers often prioritize creating functionalities while relegating system protection and code scanning to the final stages. This approach is feasible because, during development, the environment remains isolated. However, when developing services on public clouds, resources are immediately exposed to internet threats upon creation. The consequences can be far more severe than expected if the development environment is compromised.

In this section, we will explore the potential threats facing cloud development environments and the necessary protections to mitigate these risks.