S3E12: Daniel Krivelevich of Cider Security - CI/CD Pipeline Security

- For folks that are familiar, what is a CI/CD pipeline and why is it becoming such a hot topic in modern software delivery? - Do you think earlier on in the pursuit of DevOps/DevSecOps organizations overlooked the pipeline as an attack vector? - Any thoughts are notable incidents such as SolarWinds, do you think they brought more attention to the build environment? - What are you thoughts on emerging guidance such as SLSA NIST SSDF or 800-161. Do you think these are helping bring attentio...