CNCF Live Webinar: Pwning the CI Workflow and How to Prevent it

CNCF Online Programs

Tue, May 10, 5:00 PM (UTC)

Virtual event

About this event

Our journey to open source and GitOps heaven has exposed new security challenges as our CI platforms have become exposed to the outside world. The soft underbelly of our development pipeline is also open source and visible as much to willing contributors as it is malicious subversives looking to reveal the keys to the backdoor. In this talk, we'll look at some known potential exploits to platforms such as GitHub Actions, GitLab CI and Circle CI to show how simple workflow misconfigurations or straight up bad practices can leave our supply chain wide open to attackers.

Speakers

  • Stephen Giguere

    Palo Alto Networks

    Developer Advocate

  • Barak Schoster Goihman

    Palo Alto Networks

    Senior Director, Chief Architect

Organizers

  • Ihor Dvoretskyi

    Cloud Native Computing Foundation

    Organizer

  • Kristi Tan

    CNCF

    Organizer

  • Chris Aniszczyk

    Linux Foundation (CNCF)

    Organizer

  • Libby Schulze

    CNCF

    Organizer