Most CI/CD pipelines used by DevOps teams utilize integrations with services such as APIs, databases and other critical systems to complete their workflows. These integrations usually required the use of extremely sensitive secrets such as passwords, tokens or certificates and must be securely protected at all times. Unauthorized access of these pipeline secrets open these systems to threats from bad actors and illegal access of data.
This session will cover common pain points in properly securing applications and CI/CD pipelines and best practices in protecting access gates to integration targets. Attendees will learn strategies to secure their applications, sensitive data and pipeline integration points. They will leave with a better understanding of how to implement security layers that can improve their pipeline security posture.