CI/CD Pipeline is Major Software Supply Chain Risk: Black Hat Researchers

Continuous integration and continuous delivery (CI/CD) pipelines are the most dangerous potential attack surface of the software supply chain, according to NCC researchers. The presentation at last week’s Black Hat security conference by NCC’s Iain Smart and Viktor Gazdag, titled “RCE-as-a-Service: Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise,” builds on previous work NCC […]

The post CI/CD Pipeline is Major Software Supply Chain Risk: Black Hat Researchers appeared first on eSecurityPlanet.
