Cloud Native SecurityCon North America 2022

Your developer’s laptop is only one hop away from cloud infrastructure and crown-jewel data and services.  When it comes to securing cloud applications, security teams need to consider how they can secure the arc of application development. It often begins when a developer signs into an identity provider using their laptop, then pulls open-source code from a Git repository. Developers use Chrome extensions for development tasks, then push code through their build, test, and deploy processes using automation servers, Kubernetes, and public cloud services like AWS. At each stage, there are multiple points an attacker can target.  This 5-minute lightening session will cover the requirements for visibility into the entire development supply chain, from laptop to cloud, including: Why developer laptops are often an entry point for attackers—now more than everHow to gather real-time "device integrity" or security hygiene checks for zero-trust accessHow to audit for malicious Chrome extensions or vulnerable software packagesHow to tie together identity and GitHub activity on the laptop with CI/CD actions

Dates

Author

Conferences

Tags

Keynote: Why Developer Laptop Security is Key to Securing Your CI/CD Pipeline

tldr - powered by Generative AI