#37 - A conversation about securing the build pipeline with Adnan Khan, Lead Security Engineer at Praetorian

On today's episode of The Cybersecurity Defenders Podcast we are joined by security engineer Adnan Khan to talk about securing the build pipeline and explore some common vulnerabilities in enterprise Github configurations.Organizations using GitHub Actions with self-hosted runners are at risk of attackers gaining an internal network foothold from the Internet if they compromise one developer’s personal GitHub access token. Key configuration adjustments can secure these pipelines and limit the damage from a breach.Adnan's talk at BSidesSF: Securing the Pipeline: Protecting Self-Hosted HitHub RunnersThe Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.

Om Podcasten

An accessible but technical podcast about cybersecurity and the people who keep the internet safe. The podcast is built as a series of segments: we will be looking back at the last couple of weeks in cybersecurity news, talking to different people in the industry about areas of their expertise, we're going to break apart some of the TTPs being used by adversaries, and we will even cover a little bit of hacker history.