Level Up Your CI/CD: Building a secure pipeline with OSS
Andoni Alonso Fernández, Paco Sanchez
Cloud Village @ DEF CON 33 · Day 1
In this comprehensive talk titled "Level Up Your CI/CD: Building a secure pipeline with OSS" at Cloud Village, Andoni Alonso Fernández and Paco Sanchez, who formerly worked together (Paco is now at Progress), delivered a practical workshop on integrating robust security measures into modern Continuous Integration/Continuous Delivery (CI/CD) pipelines. The session emphasized the critical importance of a **"shift left" security approach**: detecting and remediating vulnerabilities as early as possible in the software development lifecycle (SDLC). The speakers provided a detailed blueprint for what they term a "perfect pipeline," outlining a series of security scans and checks that span the entire deployment process, from pre-commit to post-deployment runtime analysis.
AI review
Competent, well-structured workshop that delivers exactly what it promises: a practical tour of OSS tools across the CI/CD security stack. Nothing here will surprise an experienced AppSec engineer, but the hands-on repo, the CTF-style OIDC misconfiguration demo, and the honest 'AI isn't ready for primary scanning' take give it enough signal to justify the slot at a practitioner-focused village track.