How Can CI/CD Go Horribly Wrong?

Published 2023-05-31
jh.live/halborn || In this video we'll learn the basics of Continuous Integration and Continuous Deployment (CI/CD) and what security implications it has – with a live demo example, showcasing how we can perform direct pipeline poisoning to execute code and ultimately leak sensitive production info like AWS credentials!

You can learn more about Carlos Polop, Ignacio Dominguez or the security audits and assessments that HALBORN performs at jh.live/halborn

00:00 - How Can CI/CD Go Horribly Wrong?
01:19 - What is CI/CD?
03:47 - Common Misconfigurations
06:19 - Start of Demonstration
10:16 - Pipeline Poisoning Explanation
12:00 - Showcasing Direct Pipeline Poisoning
17:04 - Security Takeaways
