Save 40% on Coursera Plus Annual

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Abuse of Repository Webhooks to Access Hundreds of Internal CI Systems

RSA Conference via YouTube

Start learning Write review
Scrimba Ad

Our career paths help you become job ready faster

Learn More → Coursera Ad

Gain a Splash of New Skills - Coursera+ Annual Nearly 45% Off

Learn More →

Overview

Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a novel attack vector in this 34-minute RSA Conference talk that reveals how repository webhooks can be exploited to access internal CI systems. Learn from Omer Gil and Asaf Greenholts, security experts from Prisma Cloud at Palo Alto Networks, as they discuss the vulnerabilities in CI/CD architectures that combine SaaS-based source control management with self-managed CI solutions. Discover how this attack method goes beyond triggering pipelines, potentially compromising hundreds of internal CI systems that are not exposed to the public internet. Gain valuable insights into this security risk and its implications for organizations using such CI/CD setups.

Syllabus

Abuse of Repository Webhooks to Access Hundreds of Internal CI Systems

Taught by

RSA Conference

Reviews

Start your review of Abuse of Repository Webhooks to Access Hundreds of Internal CI Systems

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.