Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

NDC Conferences

GitHub Actions - Vulnerabilities, Attacks, and Counter-measures

NDC Conferences via YouTube

Overview

Explore the security implications of GitHub Actions in this comprehensive conference talk from NDC Security 2023. Dive deep into the vulnerabilities, potential attacks, and essential counter-measures associated with this popular continuous integration tool. Learn how GitHub Actions function and discover critical security measures to protect your workflows from misuse. Examine the risks of using GitHub-provided Runners and understand how attackers can exploit them for cryptocurrency mining and pivoting into other targets. Investigate the potential for malicious distribution of backdoors through the GitHub Actions Marketplace. Gain insights from detailed research on abuse case scenarios, including cryptocurrency mining and interactive command execution via reverse shell. Analyze the risks of third-party dependencies in the GitHub Actions ecosystem and learn how to safeguard your projects against supply-chain attacks. Equip yourself with the knowledge to secure your DevOps pipeline and mitigate potential threats in GitHub Actions.

Syllabus

GitHub Actions: Vulnerabilities, Attacks, and Counter-measures - Magno Logan - NDC Security 2023

Taught by

NDC Conferences

Reviews

Start your review of GitHub Actions - Vulnerabilities, Attacks, and Counter-measures

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.