Overview
Explore advanced supply chain attack methodologies targeting CI/CD build pipelines in this 28-minute conference talk from NorthSec 2025. Discover how threat actors exploit legitimate build tools to execute sophisticated attacks similar to the XZ compression library compromise that targeted OpenSSH in 2024. Learn about an adapted MITRE ATT&CK framework specifically designed for CI/CD environments and understand how adversaries can "Live Off the Pipeline" by abusing build infrastructure. Examine real-world case studies including forensic analysis of the Kong Kubernetes Ingress Controller and Ultralytics YOLOv5 ML library compromises to understand how attackers exploit build pipelines, escalate privileges, and maintain persistence. Gain practical methods for predicting and identifying supply chain threats before they materialize by mapping build pipeline tactics to the adapted ATT&CK model. Develop proactive defense strategies to counter advanced supply chain attacks and protect against adversaries seeking to exploit CI/CD infrastructure as demonstrated in recent high-profile compromises.
Syllabus
NorthSec 2025 - Francois Proulx - Living Off the Pipeline
Taught by
NorthSec