all InfoSec news
Enhancing CI/CD Secrets Security: The 3Rs Approach - Bobby Lin
Nov. 14, 2023, 2:13 a.m. | OWASP Foundation
OWASP Foundation www.youtube.com
This year, our industry encountered a security incident where the CI provider was compromised and their master private key was stolen. The threat actor was able to decrypt the customer's CI secrets with the stolen master private key. This incident makes me think about the current state of our CI/CD secret practices and how we can further improve these practices. In this talk, I am going to summarise some of my thoughts and experiments done into three principles (which …
actor compromised current customer decrypt incident industry key master private private key secrets secrets security security security incident state stolen threat threat actor
More from www.youtube.com / OWASP Foundation
Meet OWASP Top 10 for LLM Apps at RSA!
3 weeks, 3 days ago |
www.youtube.com
The State of Secure DevOps - Security enables Velocity
2 months, 2 weeks ago |
www.youtube.com
OpenCRE.org - Universal Translator for Security
2 months, 2 weeks ago |
www.youtube.com
Level Up Your Security Champions (and Your Program)
2 months, 2 weeks ago |
www.youtube.com
Bootstrap Your Software Security with OWASP SAMM 2.1
2 months, 2 weeks ago |
www.youtube.com
“Shift Left” Isn’t What You Expected
2 months, 2 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Technical Senior Manager, SecOps | Remote US
@ Coalfire | United States
Global Cybersecurity Governance Analyst
@ UL Solutions | United States
Security Engineer II, AWS Offensive Security
@ Amazon.com | US, WA, Virtual Location - Washington
Senior Cyber Threat Intelligence Analyst
@ Sainsbury's | Coventry, West Midlands, United Kingdom
Embedded Global Intelligence and Threat Monitoring Analyst
@ Sibylline Ltd | Austin, Texas, United States
Senior Security Engineer
@ Curai Health | Remote