Save 40% on Coursera Plus Annual

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

LIVE DEMO - Supply Chain Attack in the Terraform Registry

NDC Conferences via YouTube

Start learning Write review
Udacity Ad

Master AI & Data—50% Off Udacity (Code CC50)

Learn More → Datacamp Ad

PowerBI Data Analyst - Create visualizations and dashboards from scratch

Learn More →

Overview

Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Learn about supply chain security vulnerabilities in this 47-minute conference talk that demonstrates a live attack on the Terraform Registry. Discover how Terraform, the leading Infrastructure as Code (IaC) tool managing billions of dollars in enterprise infrastructure, contains a critical security flaw in its Registry system that allows malicious code injection without user detection. Watch as the presenter performs a real-time demonstration of stealing enterprise credentials through a compromised Terraform module, exposing how module authors can exploit the Registry's security weaknesses. Understand the mechanics of supply chain attacks in the DevOps ecosystem and gain insights into the risks associated with using community modules from the Terraform Registry, ultimately learning why this security vulnerability poses a significant threat to enterprise infrastructure management.

Syllabus

LIVE DEMO: Supply Chain Attack in the Terraform Registry - Kyle Kotowick - NDC Oslo 2025

Taught by

NDC Conferences

Reviews

Start your review of LIVE DEMO - Supply Chain Attack in the Terraform Registry

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.