Are your Pipelines Secure? Lock-down unsecured CI/CD Pipelines - Angel Rivera скачать в хорошем качестве

Are your Pipelines Secure? Lock-down unsecured CI/CD Pipelines - Angel Rivera

Presented by: Angel Rivera, CircleCI Presented at All Things Open 2020, DevOpsDay Raleigh Abstract: Most CI/CD pipelines used by DevOps teams utilize integrations with services such as APIs, databases and other critical systems to complete their workflows. These integrations usually required the use of extremely sensitive secrets such as passwords, tokens or certificates and must be securely protected at all times. Unauthorized access of these pipeline secrets open these systems to threats from bad actors and illegal access of data. In this talk Angel will discuss common pain points in properly securing applications, CI/CD pipelines and protecting sensitive access gates to integration targets. Attendees will learn strategies to secure their applications, sensitive data and pipeline integration points. Attendees will leave with a better understanding of how to implement security layers that can improve their pipeline security posture.