Breaking and Protecting GitHub IssueOps Pipelines - Alexander Barabanov - NDC Manchester 2025

github
youtube
Breaking and Protecting GitHub IssueOps Pipelines - Alexander Barabanov - NDC Manchester 2025 This talk was recorded at NDC Manchester in Manchester, England. #ndcmanchester #ndcconferences #developer #softwaredeveloper Attend the next NDC conference near you: Subscribe to our YouTube channel and learn every day: / @NDC Follow our Social Media! #github The GitHub IssueOps approach makes automation simple, but insecure pipelines can become an attacker’s playground. This talk will explore common pitfalls in IssueOps workflow implementations and real-world attack scenarios. We’ll discuss how time-of-check to time-of-use issues, broken access controls, and GitHub API integration flaws in IssueOps workflows can lead to remote code execution. You’ll learn how to threat model your automations and apply security mitigations to protect your pipelines.
  2026/01/29      youtube

関連するプログラミング動画 [github]

Our Tag

adobe alibaba amazon android appian aws azure bitcoin chrome clojure confluence crowdstrikd datadog deno django docker docusign facebook fastly firebase flask flutter gcp github gitlab golang google ibm instagram iot iphone javascript kotlin kubernetes metabase microsoft mongodb netflix nintendo node.js nosql nttdata okta oracle panasonic pandas python react saas salesforce selenium servicenow shopify slack sony sql square tencent tsla twilio twitter typescript ubuntu uipath unity vscode vue.js yahoo zoom zscaler

最近投稿されたプログラミング学習動画

How presenting a project to industry partners got Alison and Cindy invited to GitHub Universe

How presenting a project to industry partners got Alison and Cindy inv

github

Sometimes, sharing your projects with in...

  2026/01/31
This could change the way you code!

This could change the way you code!

DevLaunch is my mentorship program where...

  2026/01/30
Getting into computer science thanks to a supportive teacher and skipping a favorite class

Getting into computer science thanks to a supportive teacher and skipp

In this episode of the podcast, Cindy te...

  2026/01/30
Start using MCP in DevTools today!

Start using MCP in DevTools today!

DevTools now also offers an MCP server w...

  2026/01/29
This is how AI has simplified my life!

This is how AI has simplified my life!

DevLaunch is my mentorship program where...

  2026/01/29
Observing AI Applications with OpenLit and OpenTelemetry - Carly Richmond

Observing AI Applications with OpenLit and OpenTelemetry - Carly Richm

This talk was recorded at NDC Manchester...

  2026/01/29
Why Auto-Fixing Vulnerable Code Needs More Than Good Intentions - Spyros Gasteratos

Why Auto-Fixing Vulnerable Code Needs More Than Good Intentions - Spyr

When Vibes Don’t Build: Why Auto-Fixing ...

  2026/01/29
Prompting LLMs to use Tools and Resources with MCP - Richard Brough - NDC Manchester

Prompting LLMs to use Tools and Resources with MCP - Richard Brough -

This talk was recorded at NDC Manchester...

  2026/01/29
Breaking and Protecting GitHub IssueOps Pipelines - Alexander Barabanov - NDC Manchester 2025

Breaking and Protecting GitHub IssueOps Pipelines - Alexander Barabano

github

This talk was recorded at NDC Manchester...

  2026/01/29
Designing Scalable, Secure Data Architectures for AI at Enterprise Scale - Chisom Nwokwu

Designing Scalable, Secure Data Architectures for AI at Enterprise Sca

Design

The Trust Stack: Designing Scalable, Sec...

  2026/01/29
Your AI Is Still Biased (Even After You Checked) - Dr. Neda Maria Kaizumi - NDC Manchester 2025

Your AI Is Still Biased (Even After You Checked) - Dr. Neda Maria Kaiz

This talk was recorded at NDC Manchester...

  2026/01/29
Your Resume Isn't The Problem...

Your Resume Isn't The Problem...

DevLaunch is my mentorship program where...

  2026/01/29
How can you, as a dev, get the most out of AI tools?

How can you, as a dev, get the most out of AI tools?

How can you, as a dev, get the most out ...

  2026/01/29
Building a multi-user productivity app | Code, Commit, Deploy, Repeat (S1E1)

Building a multi-user productivity app | Code, Commit, Deploy, Repeat

Watch as we build a fully functional nat...

  2026/01/29
Can you use frameworks to build a Chrome Extension?

Can you use frameworks to build a Chrome Extension?

chrome

Explore the benefits and considerations ...

  2026/01/28
This is how I've been using AI recently.

This is how I've been using AI recently.

DevLaunch is my mentorship program where...

  2026/01/28