Attacking DevOps Systems and What it Costs You

Explore real-world DevOps system vulnerabilities and their financial implications in this lightning talk from DevOpsDays Tel Aviv. Dive into research from the bug bounty community focusing on DevOps infrastructure attacks, including detailed case studies of successful ethical hacks against major companies. Learn how a DevOps engineer executed code inside Facebook's Github runners and discover the potential risks of new Github organization registrations. Through hands-on demonstrations and practical examples, gain insights into how attackers operate, the substantial bounties companies pay for vulnerability disclosures, and essential strategies to defend your systems. Led by Rotem Bar, Head of Marketplace at Cider Security, who brings over a decade of security expertise across penetration testing, application security, and tech management.