Creation and securing of CI/CD pipeline in the environment of a payment company

This work deals with the creation of a secure CI/CD pipeline for use in the environment of a company delivering payment systems. The main objective of the work is to analyse the current state of the CI/CD pipeline used in the company and subsequently propose and implement its successor. The theoretical part of the work is dedicated to describing the OWASP project, which is an integral part of this work from a security perspective, including the area of DevOps and modern principles associated with it - continuous integration, continuous delivery, continuous deployment, and application deployment strategies. The practical part of the work begins with the description of the current state of the CI/CD pipeline of four product teams, followed by an analysis of deficiencies and the creation of a list of requirements for the new CI/CD pipeline. This part also describes the principles and possibilities of securing the technological and infrastructure elements used here. A significant portion of the work is then devoted to the creation of the new CI/CD pipeline - from its architectural design to implementation and subsequent presentation to stakeholders within the company. In the conclusion of the work, the fulfilment of requirements for the new CI/CD pipeline is validated, and potential future improvements are suggested for further development. The contribution of this work is a CI/CD pipeline secured according to the standards set by the OWASP project, which can be used for deploying applications not only in the field of payment services and payment systems.