Sign up or log in to watch the video
Securing Your Web Application Pipeline From Intruders
Milecia McGregor - 4 years ago
During the life cycle of a project, it can be easy to build a CI/CD pipeline with just speed and resources in mind. This also makes it easy to leave the security of your pipeline as an afterthought because of how tedious it can be to build a pipeline to begin with. In this talk, we'll look into the different ways an intruder can compromise your pipeline and how you can build in security as you create and update your pipelines. Some things we will consider include how easy it would be for an intruder to get your environment variables, how well defined your permissions are, and if there are any third party services or bugs that could be exploited. We'll look at a comparison of a few CI/CD tools and how you can handle these concerns in their respective ecosystems. By the end of this talk, you should feel comfortable doing a quick pipeline security audit and fixing some security concerns in multiple CI/CD products.
Jobs with related skills
DevOps Engineer Linux
inovex GmbH
·
1 month ago
Munich, Germany
+7
Team Lead (m/f/x) for configuration as code tooling
Dynatrace
·
1 month ago
Vienna, Austria
+5
Hybrid
Frontend Developer Adobe Analytics & OneTrust
ALDI SÜD
·
4 days ago
Mülheim, Germany
Hybrid
Newest jobs
IT-Software Developer (m/w/d)- ERP-Systems
VEGA Grieshaber KG
·
2 days ago
Schiltach, Germany
Hybrid
Related Videos