SE Radio 575: Nir Valtman on Pipelineless Security
Software Engineering Radio - the podcast for professional software developers
00:00
The Risks of Misconfigured Repositories
Risks that we see is not necessarily an evil risk, but it's something that just occurs. One of the things that we tested quite widely with our hypothesis initially, and eventually ended up seeing that a bit more in the wild is where access to code equals access to cloud. In other cases, we see misconfigured code owners files. The main thing is that you can reduce permissions to minimize the radius when credentials are being compromised.
Transcript
Play full episode
