Continuous Integration, Delivery, and Deployment (CI/CD) and Containers are common terms in today's IT landscapes and core approaches for modern software development and operation. We will give a short, to-the-point introduction of CI/CD with regard to building containers for hackers, auditors, and everyone involved in the SDLC process. Based on this understanding, we will describe and demo various security pitfalls of multi-tenant cloud build environments which provide Container based build environments.

By Etienne Stalmans, Chris Le Roy and Matthias Luft

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefi...