How to Shift-Left and Find Critical Authorization Vulnerabilities Throughout Your CI/CD Pipeline

Learn how to detect and prevent critical authorization vulnerabilities throughout CI/CD pipelines in this 35-minute LASCON conference talk. Explore real-world examples like Gitlab's CODEOWNERS bypass vulnerability while discovering a framework designed to identify five common types of authorization flaws during code review, pull requests, and CI/CD dynamic testing stages. Master practical techniques for implementing a shift-left security approach that helps catch and fix these persistent vulnerabilities early in the development process, ultimately strengthening application security across multiple roles, APIs, and systems.