Live Online Classes in Design, Coding & AI — Small Classes, Free Retakes
You’re only 3 weeks away from a new language
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore the critical security vulnerabilities in CI/CD pipelines through this 39-minute Black Hat conference talk. Discover why these pipelines represent the most dangerous potential attack surface in the software supply chain. Learn about commonly used technologies, their applications, and why they are prime targets within a company's infrastructure. Examine specific examples and live demonstrations of novel abuses of intended functionality in automated pipelines, showcasing how build pipelines can be transformed from developer utilities into Remote Code Execution-as-a-Service. Gain valuable insights from Iain Smart and Viktor Gazdag's five years of real-world experience in CI/CD pipeline compromise.
Syllabus
RCE-as-a-Service: Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise
Taught by
Black Hat