Attack vectors in CI/CD pipelines | Omer Gil | The DEVOPS Conference 2022
Are you familiar with different kinds of attack vectors in CI/CD pipelines? In this video, Omer Gil will go through common attack vectors using real-world scenarios.

CI/CD pipelines are becoming one of the paths attackers exploit most to reach internal and production systems. Although a growing number of vectors can be manipulated to gain access, they are often still left completely exposed, despite being known. From unexpected webhook requests, to bypassing branch protection rules, through more complex attack scenarios like Poisoned Pipeline Execution - attackers have found that CI/CD is a quick way to invoke malicious attacks on production code.

This talk will walk you through common attack vectors in CI/CD pipelines - ones you're probably aware of, and ones that require more attention and research - and some of the ways you can harden your systems to prevent unwanted access to your sensitive internal data. Real-world attack scenarios will be showcased as part of the session.

Omer is a seasoned application and cloud security expert with over 13 years of experience across multiple security disciplines. An experienced researcher and public speaker, Omer discovered the Web Cache Deception attack vector in 2017 (presented at Black Hat USA). After having spent many years in various positions in the InfoSec domain, including the IDF, EY HASC and Magic Leap (leading the cloud security), today Omer leads research at Cider Security, a hyper-growth startup focused on securing CI/CD pipelines.

Speaker: Omer Gil, Director of Research, Cider Security
Speech: Abusing CI/CD - Top ways to reach production

Learn more:
https://www.thedevopsconference.com
https://www.eficode.com/services/devo...
https://www.eficode.com

00:00 Intro
02:29 An evolving attack surface
04:32 Is your pipeline secure?
07:45 Here comes the attacker
25:38 Bypassing required PR reviews
26:58 Summary
28:00 Q&A
34:00 Last words