Modern CI/CD pipelines and software supply chains are critical to delivering software quickly, but they are now also prime targets for attackers. Many organizations are unaware of the many ways that their practices and security approaches may be exposing them to greater risk. In this demo session, we’ll walk through three common ways attackers can compromise your CI/CD processes and show you how to spot and fix these risks using GitHub Advanced Security. You’ll leave with practical guidance on how to strengthen your workflows, secure your supply chain, and stay a step ahead of evolving threats.

What you will learn

Learn from real-world examples of how attackers target CI/CD systems
Learn why supply chains and CI/CD systems are a frequent target for attackers
Discover best practices for identifying and addressing dangerous patterns in workflows using GitHub Advanced Security.