Maintenance window scheduled to begin at February 14th 2200 est. until 0400 est. February 15th

(e.g. yourname@email.com)

Forgot Password?

    Defense Visual Information Distribution Service Logo

    AvengerCon VII: Hacking DevOps

    Advanced Embed Example

    Add the following CSS to the header block of your HTML document.

    Then add the mark-up below to the body block of the same document.

    UNITED STATES

    12.01.2022

    Video by Steven Stover 

    780th Military Intelligence Brigade (Cyber)

    Part of the AvengerCon VII presentations cleared for public release:

    Presented by Phillip Marlow.

    Incidents like the SolarWinds compromise show the extreme impact that a compromise of the software supply chain can have. DevOps pipelines often sit right at the heart of modern software supply chains. Used by development teams to increase the quality of their software and speed of delivery, these pipelines are also target-rich environments for attack. Additionally, they are often not as well protected as other software services. This talk will highlight common DevOps misconfigurations and how they can be leveraged by an attacker to escalate privileges, move laterally to other targets, and even perform supply chain compromises. Each example will also cover how to protect and defend against such an attack, and even how to use DevSecOps principles to protect the pipelines themselves.

    Boiler:

    AvengerCon is a free security event hosted every fall by Maryland Innovation and Security Institute to benefit the hackers of the U.S. Cyber Command community and the U.S. Army 780th Military Intelligence Brigade. The event is open to all service members and employees of U.S. Cyber Command and Department of Defense personnel supporting cyberspace missions. AvengerCon features presentations, hacker villages, training workshops, and much more.

    The event is open to all service members and employees of U.S. Cyber Command and Department of Defense, and related partners supporting cyberspace missions.

    The views expressed are those of the presenter, and do not reflect the official position of the 780th Military Intelligence Brigade, U.S. Cyber Command, the Department of the Army, or Department of Defense.

    VIDEO INFO

    Date Taken: 12.01.2022
    Date Posted: 01.04.2023 10:32
    Category: Series
    Video ID: 870225
    VIRIN: 221201-O-PX639-947
    Filename: DOD_109398133
    Length: 00:35:04
    Location: US

    Video Analytics

    Downloads: 1
    High-Res. Downloads: 1

    PUBLIC DOMAIN  

    This work, AvengerCon VII: Hacking DevOps, by Steven Stover, identified by DVIDS, must comply with the restrictions shown on https://www.dvidshub.net/about/copyright.

    MORE LIKE THIS

    CONTROLLED VOCABULARY KEYWORDS

    No keywords found.

    TAGS

    Cybersecurity
    AvengerCon VII

    OPTIONS

  •   Register/Login to Download