The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered forCloudNativeSecurityCon North America 2024 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Please note: This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."
CI/CD pipelines are complex environments. This complexity requires methodical comprehensive reviews to secure the entire stack. Often a company may lack the time, specialist security knowledge, and people needed to secure their CI/CD pipelines. Realising these facts; cyberattacks targeting CI/CD pipelines has been gaining momentum, and attackers increasingly understand that build pipelines are highly-privileged targets with a substantial attack surface. In this presentation, we will share some of our observation through showing different flavours of attack on possible development pipelines, and introduce a tool to detect them.
Mert Coskuner is an experienced security engineer who has worked for numerous well known tech companies. He is a veteran pentester, red teamer, security researcher and malware & cryptography nerd.
Cenk is the Co-founder & CEO of Kondukto Inc. He is an experienced system developer and application security professional with over 15 years of experience. Cenk is a longtime Linux aficionado. He is active speaker in events and enjoys speaking about appsec automation, fuzzing, the... Read More →