Hacking DevOps, literally

Justin Calmus - VP of Hacker Success and Research
19 Oct 2017
14:00 - 14:50
CTRL room

Hacking DevOps, literally

How do you protect DevOps against hackers, those that are invited and those that are not. Organizations are increasingly asking external hackers to test their systems for vulnerabilities, but what do you need to be beforehand.

In this talk I will cover the most popular scenarios that impact DevOps and you should be planning for. Topics will include how hackers typically target DevOps: from $100,000 DNS bills, CI Infrastructure, S3 buckets, Gitlab, Github and SAML Integrations.

We will look at the hacker methodology for reconnaissance relating specific to DevOps and provide a checklist on how organizations can better work with hackers.