Loading…
October 24, 2022 | Detroit, Michigan
View More DetailsRegistration Information 

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 - Detroit, MI + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (EDT), UTC -4. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
Back To Schedule
Monday, October 24 • 1:50pm - 2:20pm
Securing CI/CD Systems Through eBPF - Alex Ilgayev, Cycode

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Feedback form is now closed.
The challenging nature of securing CI/CD pipelines, mainly because of inadequate security tooling and low observability of the underlying system, would make using the eBPF technology inevitable. This technical talk aims to demonstrate how eBPF can be used to secure CI/CD pipelines, whether they run on bare-metal, virtual machines, or ephemeral environments. By combining dedicated research, an innovative approach, and proper tooling, we can inject an eBPF-based implant into every build environment quickly and easily, to inspect, identify, and protect against malicious activity. We will demonstrate the following use-cases: - Visibility over the entire build process - created processes, contacted IP addresses/domains, modified files, traffic inspection, etc. - Ensure code and artifact integrity. - Denying build process tampering. - Maintain a tight network policy to prevent processes from exfiltrating sensitive secrets, such as tokens and environment variables. We will demonstrate how we can stop the deadliest software supply chain attacks while supporting all major CI/CD platforms, such as Github Actions, Jenkins, GitlabCI, and CircleCI.
Speakers
avatar for Alex Ilgayev

Alex Ilgayev

Head of Security Research, Cycode
Alex Ilgayev is a security researcher specializing in software supply chain security vulnerabilities. At Cycode, he is responsible for hunting down security issues and researching possible mitigations. Before that, Alex led the malware research team at Check Point Research, where... Read More →

Securing CI CD through eBPF pdf
Monday October 24, 2022 1:50pm - 2:20pm EDT
Room 250 ABC Huntington Place: 1 Washington Blvd, Detroit, MI 48226
  Sessions