2025-10-30 –, Main Stage
CI/CD pipelines are the standard way of deploying not just applications but infrastructure as well. To do all that, they usually have some juicy privileges. Privileges that I want.
In this talk we're going to have a look at Azure DevOps pipelines, their permission settings, and all the ways in which you think you may have secured your pipeline that actually aren't watertight. With live demos (fingers crossed!) to show every problem and every fix.
Anniek is a security tester and general devsecops nerd.