Explore a comprehensive conference talk from LASCON that delves into the critical security challenges facing CI/CD pipelines in modern software development. Learn about the top OWASP-identified CI/CD security risks, understanding how attackers execute these exploits, their potential impacts, and underlying motivations. Discover practical defensive strategies to fortify CI/CD pipeline security and transform potential vulnerabilities into robust security assets. Through this 48-minute presentation, gain valuable insights into securing traditionally overlooked development pipeline vulnerabilities that have become increasingly attractive targets for malicious actors.
Strengthening Defenses Against CI/CD Security Threats - Understanding and Mitigating Pipeline Vulnerabilities
Overview
Syllabus
Farshad Abasi - Untapped Territory: Strengthening Defenses Against CI/CD Security Threats
Taught by
LASCON
Related Courses
-
Continuous Integration and Delivery (CI/CD)
-
The Complete Jenkins DevOps CI/CD Pipeline Bootcamp
-
Command Injection Vulnerabilities in CI/CD Pipelines - Securing Bazel GitHub Actions
-
Building a Cloud Native CI/CD Pipeline
-
OIDC and CI/CD: Reducing Security Threats in Your CI Pipeline
-
GitOps and CI/CD: Maintaining Security in the Age of Automation
