Application Architecture Summit, January 2021

How to protect your CI/CD pipeline so it doesn’t turn into a vulnerability superspreader.

CI/CD pipelines bring so much application security good to the development process. They help increase test coverage and reduce human error by automating away toil. But without proper controls, an over-privileged and insufficiently monitored CI/CD pipeline can turn into a vulnerability superspreader. This talk will show you how to manage identity-based access so your CI/CD pipeline stays secure using the open-source solution Teleport and Github Actions.

Speaker: Allen Vailliencourt