In this workshop, through a mix of presentations, demos, and hands-on exercises, you’ll learn how to identify and prevent the most common attack vectors in modern build pipelines.

While the examples use GitHub, the principles and techniques are vendor-agnostic and applicable across different CI/CD platforms.

What is expected from participants?
- Basic knowledge of GitHub.
- Bring a laptop and an active Github account.

Workshop (60 min)

Developer with occasional strays into security and platforms for 20+ years. Co-organiser of Cloud native Day Oslo and the Security Champions  Norge community.

Application security developer & security champion advocate

NDC { Security }

Part 2/2: Hack your own pipeline (before someone else does)

Jan-Kåre Solbakken

Emil Albrektsson