Supply Chain Attacks in the Terraform Registry
M5 May 17, 2024, 11:30 AM - 12:20 PM
Supply Chain Attacks in the Terraform Registry
DEMO of a Supply Chain Attack.
The Terraform Registry allows engineers to use community modules in their configurations that manage enterprise infrastructures. It's a shame that the Registry has a gaping security hole.
Come to this talk to learn about supply chain attacks and watch Kyle steal his own enterprise credentials through a module on the Terraform Registry.