Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Securing CI/CD - Complexity and Inspiration from Runtime Security

OpenSSF via YouTube

Overview

Learn about securing CI/CD environments from runtime security principles in this technical talk that explores build environment vulnerabilities and secrets protection. Dive into the development of BOLT, an open-source security tool for GitHub Actions, and understand how runtime security concepts can be applied to CI/CD pipelines. Examine key challenges including domain-name based filtering requirements due to CDN usage and the complexities of handling multi-tenant system traffic. Discover how TLS interception and eBPF Linux kernel capabilities enable SSL traffic monitoring without decryption overhead, making security implementation seamless for developers. Explore the intricacies of implementing eBPF probing across various SSL libraries to create comprehensive security coverage for diverse CI pipelines.

Syllabus

Securing CI/CD: Complexity & Inspiration from Runtime Security - Abhimanyu Dhamija, KoalaLab

Taught by

OpenSSF

Reviews

Start your review of Securing CI/CD - Complexity and Inspiration from Runtime Security

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.