In this session we focus on CI/CD pipelines deployed via AWS managed services such as CodeBuild, CodeDeploy and CodePipeline, and we demonstrate how small decisions can have a significant impact on the security of the CI/CD pipeline, even to the point where the trustworthiness of the pipeline is broken (a poisoned pipeline).
CodeBuild's functionality can be abused to allow developers to bypass existing security controls implemented as part of the SDLC environment, such as peer code review, code approval processes, segregation of duties and secrets management. This can introduce a perhaps unforeseen vector for exfiltrating application secrets, tampering with the application and, potentially, taking full control of the deployment servers by executing commands with elevated privileges.
Due to the shared responsibility model, this is mostly a challenge for AWS customers. Moreover, customers will be exposed to the risk even when following AWS samples, tutorials, and even managed services that help simplify and automate the setup of CI/CD pipelines in the cloud environment, such as CodeStar.
In this session we want to explain and warn the DevSecOps and Cloud communities about this pipeline poisoning risk in particular, so that it can be taken into account when securing CI/CD pipelines in the cloud, and, in general, to showcase the new challenges and considerations that cloud solutions bring to those adopting the cloud.