Modern CI/CD systems are packed with powerful service credentials. These are often more powerful than the engineers who rely on them. In this talk, I will walk through how attackers can exfiltrate “secured” service credentials from CI/CD environments and use them to pivot deeper into cloud platforms. We’ll explore how these credentials are stored, how pipelines unintentionally expose them, and how quickly an attacker can move from a compromised build job to full cloud exploitation. Expect a mix of real‑world patterns, a hands‑on demo, and practical guidance on how to lock things down before someone else takes them for a spin.

Founder, AppSec & DevSecOps engineer. Bruce brings over a decade of experience in senior roles across application development, infrastructure and security. He’s driven pipeline security improvements for global enterprises and is passionate about making security an enabler. In his spare time, Bruce builds cloud-based hacking labs on Pwned Labs, sharing his expert knowledge with the cybersecurity community and shining a light on the important and overlooked area of pipeline security.