Attackers are increasingly targeting vulnerable developer laptops to infiltrate production systems without directly attacking them, warned cloud security expert Lee Atchison.
Instead of waiting for an application to become fully functional, hackers target the development process used to bring an application to a state of operation, Atchison said, speaking at a recent Uptycs-sponsored Cybersecurity Standup, “Castles in the Sky – Secure Your App Dev Pipeline From Laptop to Cloud.”
“We focus so much attention on keeping data and cloud data centers secure. But we haven’t realized that all of this technology feeds into the data centers and that one of the primary drivers of that is developers, the source code they develop, and the machines that they develop the source code on,” Atchison said. “Those DevOps machines feed into the production systems but have nowhere near the level of protection behind them that the production data centers do.”
Leave a reply