CI/CD pipelines have become a high-value target for ransomware operators because they provide trusted access to production systems. This workshop walks through how attackers compromise build pipelines, abuse CI identities, and inject malicious code into otherwise legitimate releases. We will focus on defensive controls that teams can realistically deploy, including permission scoping for pipeline identities, runner isolation, artifact integrity checks, and deployment guardrails. The session emphasizes practical hardening techniques that reduce blast radius and limit attacker options when a pipeline is targeted.
You will learn:
- How ransomware operators and supply-chain attackers compromise CI/CD pipelines and abuse trusted build systems.
- Concrete techniques for hardening pipeline identities, permissions, runners, and deployment workflows.
- How to apply practical controls that reduce blast radius and limit attacker movement when CI/CD systems are targeted.