Pwning the CI
Speaker
About this talk
Presenter: Stephen Giguere, Cloud Security Advocate, Palo Alto Networks Our path to an open source, GitOps heaven has exposed new security challenges as our CI solutions are exposed to the outside world. The soft underbelly of our pipeline is as visible to willing contributors as it is to malicious subversives. In this talk, we'll look at examples of known exploits to GitHub Actions workflows showing how simple bad practices can open our supply chain to attackers. https://www.rsaconference.com/usa/agenda/session/Pwning%20the%20CI%20GitHub%20Actions%20Edition
More talks to watch
Destroying Long-Lived Cloud CredentialsWorkload Identity Federation
The Risks of Biometric Patterns Exposed in Social MediaPerilous Posts
Establishing an Effective Cyber Risk AppetiteBon Appetit
RSA Conference 2023 Innovation SandboxAstrix Security
Rethinking a Data StrategyZero Trust Privacy
Board-Level Accountability in CybersecurityDo Better