Video Description

▬▬▬▬▬▬ SHOW SPONSOR ✨ ▬▬▬▬▬▬ As a special offer for the OWASP DevSlop audience, sign up for a free 2-week Datadog trial and receive a Datadog t-shirt! https://www.datadoghq.com/owasp-devslop ▬▬▬▬▬▬ SHOW SPONSOR ✨ ▬▬▬▬▬▬ Now that engineering systems, environments, and processes have become a significant part of an organization's attack surface, defenders are required to adapt their AppSec program to address the new breed of CI/CD security risks that have become prevalent. The "Top 10 CI/CD Security Risks" initiative assists defenders to identify focus areas for securing their CI/CD ecosystem. It is the result of extensive research into attack vectors associated with CI/CD, and the analysis of high-profile breaches and security flaws. In this episode, we will discuss the motivation behind the Top 10, The process that led to its creation, and the different ways through which it can be applied to the day-to-day of all parties - breakers, builders, and defenders ▬▬▬▬▬▬ LINKS ▬▬▬▬▬▬ https://www.cidersecurity.io/top-10-cicd-security-risks/ https://github.com/cider-security-research/cicd-goat https://www.cidersecurity.io/