Ken Muse

From pull request to production: Crafting secure CI/CD with GitHub Actions

Location:
Fort Mason Center for Arts & Culture, 2 Marina Blvd, San Francisco, CA 94123

From the Codecov Bash Uploader and IAmRoot exploits to compromised Actions, the threat landscape is evolving rapidly — as attackers increasingly target your CI/CD processes, not just your applications. In this workshop, you’ll learn how to design a secure, production‑ready CI/CD foundation on GitHub Actions that protects your pipeline and deploys without long‑lived secrets. You’ll explore techniques for securing your supply chain, implementing least privilege, enforcing guardrails, and eliminating secrets from your deployments. Discover strategies used by top companies to build trust into their delivery pipelines and ship faster with less risk.

Speakers

  • Ken Muse, Staff DevOps Architect, FastTrack, GitHub
  • Dan Redman, Senior DevOps Architect, GitHub
  • Kate Katlin, Senior Product Manager, GitHub

What you will learn

  • Understand how to create a secure workflow with least privilege permissions
  • Discover how to create zero-trust deployments that reduce or eliminate secrets
  • Learn how to create guardrails for your processes and enforce separation of duties