Continuous Intrusion - Why CI Tools Are An Attacker's Best Friends
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the vulnerabilities of Continuous Integration (CI) tools from an attacker's perspective in this eye-opening Black Hat conference talk. Discover how these tools can serve as portals for gaining footholds and facilitating lateral movement within enterprise systems. Learn about various attack techniques, including command and script execution, credential theft, and privilege escalation, that can compromise not only the build process but also the underlying operating system and entire Windows domains. Through live demonstrations, examine how both open-source and proprietary CI tools can be exploited using their inherent features, without relying on memory corruption bugs. Gain valuable insights into the security risks associated with CI tools and understand why they are considered an attacker's best friend due to their poor security controls, distributed build management capabilities, and high-level access privileges in enterprise environments.
Syllabus
Continuous Intrusion: Why CI Tools Are An Attacker's Best Friends
Taught by
Black Hat
Related Courses
Ethical HackingIndian Institute of Technology, Kharagpur via Swayam Investigación en Informática Forense y Ciberderecho
University of Extremadura via Miríadax MSc Cyber Security
Coventry University via FutureLearn Network Security - Introduction to Network Security
New York University (NYU) via edX Network Security - Advanced Topics
New York University (NYU) via edX