#37 - A conversation about securing the build pipeline with Adnan Khan, Lead Security Engineer at Praetorian

On today's episode of The Cybersecurity Defenders Podcast we are joined by security engineer Adnan Khan to talk about securing the build pipeline and explore some common vulnerabilities in enterprise Github configurations.Organizations using GitHub Actions with self-hosted runners are at risk of attackers gaining an internal network foothold from the Internet if they compromise one developer’s personal GitHub access token. Key configuration adjustments can secure these pipelines and limit the damage from a breach.Adnan's talk at BSidesSF: Securing the Pipeline: Protecting Self-Hosted HitHub RunnersThe Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.