Automated systems such as CI/CD processes have enabled engineers to ship code more quickly, but this change has also created multiple new avenues for attackers to reach production assets.

From bypassing branch protection rules to more complex attack scenarios like Poisoned Pipeline Execution, attackers have found that CI/CD is a quick way to launch attacks on production environments and gain control.

This talk will walk you through some of the more common (and complex!) attack scenarios in CI/CD pipelines, and what you can do to ensure your delivery pipeline doesn't become the entry point for attackers.
Jason Cockerham
Moderator & Community Engagement Manager, DZone
Jason heads the DZone community, driving growth and engagement through new initiatives and building and nurturing relationships with existing members and industry subject matter experts. He also works closely with the content team to help identify new trends and hot topics in software development.
Omer Gil
Senior Security Research Manager at Palo Alto Networks Prisma Cloud
Omer is a seasoned application and cloud security expert with 15 years of experience across multiple security disciplines. An experienced researcher and public speaker, Omer discovered the Web Cache Deception attack vector in 2017, co-authored the "Top 10 CI/CD Security Risks" project, and participated in the creation of the "CI/CD Goat" project.
Over the years, Omer has served in various roles within the AppSec and CloudSec space, including establishing and leading the research function at Cider Security. Since Cider’s acquisition by Palo Alto Networks, Omer has led AppSec research for the Prisma Cloud platform.