Get 20% off all career paths from fullstack to AI
Earn Your Business Degree, Tuition-Free, 100% Online!
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore a novel attack vector in this 34-minute RSA Conference talk that reveals how repository webhooks can be exploited to access internal CI systems. Learn from Omer Gil and Asaf Greenholts, security experts from Prisma Cloud at Palo Alto Networks, as they discuss the vulnerabilities in CI/CD architectures that combine SaaS-based source control management with self-managed CI solutions. Discover how this attack method goes beyond triggering pipelines, potentially compromising hundreds of internal CI systems that are not exposed to the public internet. Gain valuable insights into this security risk and its implications for organizations using such CI/CD setups.
Syllabus
Abuse of Repository Webhooks to Access Hundreds of Internal CI Systems
Taught by
RSA Conference