Locking Down GitFlow with GitHub, GitLab, and Azure DevOps

Thursday, 06 May 2021 11:59AM EST (06 May 2021 15:59 UTC)
Speaker: Eric Johnson

As cloud, security, and operations teams move to DevOps workflows, understanding GitFlow and how to harden version control systems is critical. In this webcast, SEC540 author and instructor will demonstrate how a GitLab version control misconfiguration can allow a CI/CD pipeline to be compromised and result in malware being deployed to the build server. We will then review the security controls available in the GitHub, GitLab, and Azure DevOps version control systems which could have prevented the attack.

Join us for Parts 2 and 3 of this Cloud Security & DevSecOps Series:

Part 2 with Ben Allen on Thurs May 13, Setting the Gold Standard - Using CI pipelines to create validated OS images

Part 3 with Frank Kim on Wed May 26, Cloud Static Analysis Showdown

Login to Register

Related Content

Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)

A Visual Summary of SANS New2Cyber Summit 2024

Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024

Coolest Careers Poster

SANSがおすすめするサイバーセキュリティの仕事20選: DevSecOps エンジニア

DevSecOps エンジニアの主な業務や、スキルアップのためのSANSのおすすめのコースを紹介します！

Cloud Security, DevSecOps

February 10, 2023

What is DevSecOps

Part one of a four-part blog series about what’s needed to shake, shimmy, and shift left

Stacey Dunn