CI/CD Attack Scenarios: How to Protect Your Production Environment

Automating systems like CI/CD processes have enabled engineers to ship code more quickly, but this change has also created multiple new avenues for attackers to reach production assets. From bypassing branch protection rules to more complex attack scenarios like Poisoned Pipeline Execution - attackers have found that CI/CD is a quick way to invoke malicious attacks on production environments and gain control. This talk will walk you through some of the more common (and complex!) attack scenarios in CI/CD pipelines, and what you can do to ensure your delivery pipeline doesn't become the entry point for attackers.

• #science_technology
• #dzone
• #dzonecom
• #developer
• #software
• #softwaredevelopment