Advanced Security with GitHub without GitHub Advanced Security by Johan Lindfors

Automating and securing your CI/CD-pipeline is an important step in creating efficient teams while maintaining a state of comfort amongst the developers by protecting the production environment with tests and tools. Some functionality requires relatively expensive subscriptions or enterprise level features, but there are a lot of recommendations and best practices that you could and should consider already available in the basic configuration. Let's threat model your CI/CD pipeline to identify threats, mitigations and verifications. Johan Lindfors Truesec Recorded at Jfokus 2025 in Stockholm 4th of february http://www.jfokus.se