
Abuse of Repository Webhooks to Access Hundreds of Internal CI Systems

Conference: RSA Conference 2023

2023-04-24

Authors: Omer Gil, Asaf Greenholts


Abstract

Many organizations opt for a CI/CD architecture that combines SaaS-based source control management systems with a self-managed CI solution that is not exposed to the public Internet. In this talk, the presenters discuss a novel attack vector that allows anyone on the Internet to abuse repository webhooks to do much more than trigger pipelines, and show how they accessed hundreds of internal CI systems at scale.
