CI/CD Pipeline is Major Software Supply Chain Risk: Black Hat Researchers

Continuous integration and development (CI/CD) pipelines are the most dangerous potential attack surface of the software supply chain, according to NCC researchers. The presentation at last week’s Black Hat security conference by NCC’s Iain Smart and Viktor Gazdag, titled “RCE-as-a-Service: Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise,” builds on previous work NCC […]

The post CI/CD Pipeline is Major Software Supply Chain Risk: Black Hat Researchers appeared first on eSecurityPlanet.

applications black hat cd cd pipeline ci cloud security cybersecurity major malware pipeline researchers risk security software software supply chain supply supply chain third-party security web security