CloudNativeSecurityCon North America 2023

This talk addresses two core themes: First, the rise in attackers targeting developers and container image repositories to access pre-production resources. Second, good security should enable DevOps teams to better perform their role, secure builds, and remove the stigma that security = roadblocks. First, we break down how traditional CI/CD workflows are siloed from a security tooling perspective. Siloed security tools create gaps when developer ecosystems are targeted, as it’s difficult to trace attackers across environments. Monitoring a developer’s laptop may be completely isolated from the security data from registry scanning, which in turn may be completely isolated from monitoring runtime services. Second, a walkthrough breaking down the step-by-step flow of the recent Dropbox breach where attackers targeted developers and ultimately stole 130 GitHub repositories. This will be a deep dive into how the attackers targeted developers by impersonating CircleCI, with the ultimate goal of stealing GitHub repos and accessing backend infrastructure. And third, we end with a more positive look at how the right security controls (zero-trust access and registry scanning) in the CI/CD process enable developer teams to better perform their roles and more confidently deploy builds.