Nov 2024
22 Fri 09:00 AM – 05:10 PM IST
Abstract:
CI systems are the security orchestration centre of the SDLC, but CI itself has become an attack surface, as the SolarWinds and Codecov attacks have shown.
BOLT (https://github.com/koalalab-inc/bolt), an OSS tool, secures the CI runtime/build time from two attack vectors:
BOLT instruments an egress gateway and auditd rules. The egress gateway enables BOLT to filter outbound traffic. Auditd logs are used to monitor for any kind of source/build tampering.
Furthermore, egress filtering itself has many other nuances. Outbound traffic from the build system can go to multi-tenant systems like GitHub, DockerHub, JFrog, etc. Ensuring that egress calls reach only trusted tenants is necessary for security.
BOLT instruments eBPF probes to do deep SSL inspection of egress traffic. Applying destination-aware rules on top of deep SSL inspection enables BOLT to trust tenants across multi-tenant systems like GitHub/DockerHub/JFrog.
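A sketch of what a destination-aware rule has to decide once the request URL is visible after SSL inspection. This is an added example, not BOLT's code or rule format. The policy table, the tenant names other than `koalalab-inc`, and the function names are assumptions made for illustration.

```python
from posixpath import normpath
from urllib.parse import unquote, urlsplit

# Constructed policy: host -> (index of the tenant segment in the path, trusted tenants).
# None means the hostname itself identifies the tenant, so a host match is enough.
POLICY = {
    "github.com": (0, {"koalalab-inc"}),        # /<org>/<repo>/...
    "registry-1.docker.io": (1, {"library"}),   # /v2/<namespace>/<image>/...
    "example-tenant.jfrog.io": None,            # tenant is in the hostname (constructed name)
}

def tenant_of(path, index):
    """Return the tenant path segment after decoding and dot-segment removal."""
    decoded = unquote(path)
    # Refuse paths that stay ambiguous after one decode (double encoding, backslashes, NUL).
    if any(c in decoded for c in ("%", "\\", "\x00")):
        return None
    # Collapse "." and ".." so "/trusted/../other/repo" resolves to tenant "other".
    segments = [s for s in normpath("/" + decoded).split("/") if s]
    return segments[index].lower() if len(segments) > index else None

def decide(url):
    """Return 'allow' only for HTTPS requests to a trusted tenant on a listed host."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    if parts.scheme != "https" or host not in POLICY:
        return "block"
    rule = POLICY[host]
    if rule is None:
        return "allow"
    index, trusted = rule
    return "allow" if tenant_of(parts.path, index) in trusted else "block"

def audit(urls):
    """Return the requests that the policy would block, in the order seen."""
    return [u for u in urls if decide(u) == "block"]

if __name__ == "__main__":
    observed = [  # constructed egress requests from a build job
        "https://github.com/koalalab-inc/bolt/archive/main.tar.gz",
        "https://github.com/some-other-org/tool/releases/download/v1/tool",
        "https://github.com/koalalab-inc/%2e%2e/some-other-org/tool",
    ]
    for url in audit(observed):
        print("blocked:", url)
```

A hostname-only allowlist would pass all three sample requests, because they share the host `github.com`; the tenant check is what separates them.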
Takeaways:
Audience:
Venue host - Rootconf workshops