BSides London - Building Resilient CI/CD Pipelines

Official Website link

• BSides London 2024

Date: November 15, 2024 Location: ILEC Conference Centre, London, UK Track: DevSecOps Format: 30-minute presentation

Overview

Presented techniques for building resilient CI/CD pipelines that resist supply chain attacks, covering pipeline-as-code security, secret management, and artifact signing.

Key Topics

• Pipeline-as-code security hardening
• Secret management best practices
• Artifact signing and provenance
• Runtime pipeline monitoring