This session welcomes learners with an understanding of the fundamentals or advanced technical proficiency.
Join us virtually for a Yorkshire Cyber Security Cluster Masterclass on CI/CD pipeline attacks – how attackers exploit simple oversights to attack supply chains, delivered by Simon Gurney, CTO of Punk Security.
CI/CD servers, and the overall software development lifecycle, are becoming prime targets for attacks because hackers recognise that they contain the crown jewels for software companies, but also provide an opportunity to perform supply chain attacks and breach the perimeters of potentially millions of companies from just one vendor breach. In this talk, we will explain some of the key security concepts you should be aware of when using and configuring CI/CD pipelines and some of the clever things attackers get up to. After this talk, you’ll be fully prepared to recognise and avoid these vulnerabilities.
Simon is the CTO of Punk Security, an innovative security consultancy championing cloud and application security. With 17 years of IT experience, in a career spanning most technical fields, Simon found his niche with DevSecOps and the value that a broad skill-set can bring to an organisation. When Simon isn’t busy with Punk Security he’s committed to his young family, and developing the next generation of talent as a frequent speaker and OWASP Chapter lead.