OWASP San Antonio - July 31st @ 11:30am

Name: OWASP San Antonio - July 31st @ 11:30am
Start: 2015-07-31T11:30:00-05:00
End: 2015-07-31T13:00:00-05:00
Location: Denim Group

Hosted By

OWASP San A.

Details

Join us for the July 2015 OWASP San Antonio meeting! We will be having a talk about compromising Continuous Integration systems.

Speaker: Greg Anderson

Bio:

Greg Anderson works for Rackspace where he helps to drive test automation and security.

Title: Is This Your Pipe? Compromising Build and Automation Pipelines

Abstract:

As developers of the web, we rely on tools to automate building code, run tests, and even deploy services. What happens when developers do CI/CD wrong? Credentials get exposed, hijacked, and re-purposed. I'll talk about how often, where, and what happens when people leak public cloud credentials, how some are protecting themselves using encrypted secrets, how to bypass protections against leaking secrets and how to turn someone's Jenkins Install into your own butler. Come hijack credentials out of repositories, steal hidden and encrypted secrets using builds, and hijack infrastructure via continuous integration systems.

Denim Group Offices: 1354 N Loop 1604 E Suite 110, San Antonio, TX 78232

http://photos1.meetupstatic.com/photos/event/6/7/0/5/600_434186373.jpeg

Events in San Antonio, TX

OWASP San Antonio

See more events

OWASP San Antonio

Friday, July 31, 2015
11:30 AM to 1:00 PM CDT

Denim Group

1354 N Loop 1604 E Ste 110 · San Antonio, TX

OWASP San Antonio

public group

OWASP San Antonio - July 31st @ 11:30am