CI/CD Pipeline Security: Why Attackers Breach Your Software Pipeline and Own Your Build Before Production | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 4 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9

Redefining CyberSecurity
29/10/2025 3 min Episodio 580
CI/CD Pipeline Security: Why Attackers Breach Your Software Pipeline and Own Your Build Before Production | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 4 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9

Listen "CI/CD Pipeline Security: Why Attackers Breach Your Software Pipeline and Own Your Build Before Production | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 4 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9"

Descargar episodio Ver en sitio original

Episode Synopsis

Organizations pour millions into protecting running applications—yet attackers are targeting the delivery path itself.This episode of AppSec Contradictions reveals why CI/CD and cloud pipelines are becoming the new frontline in cybersecurity.🔍 In this episode:A 188% surge in malicious open-source packages (Sonatype 2025)30% of 2024 cyberattacks traced to suppliers (Financial Times 2025)47% of organizations unable to assess pipeline risk (ENISA 2023)CISA labels build systems “high-value targets” (2025)Sean’s Take:The pipeline is production. Integrity beats visibility. Security must flow through delivery.Catch the full companion article in the Future of Cybersecurity newsletter for deeper analysis and more research.👉 Have you made CI/CD security measurable—or does it still feel like an endless patchwork of scripts, secrets, and trust? Are your pipelines part of your threat model—or an afterthought? How confident are you in the integrity of every artifact you release? Share your take—we’d love to hear your story—whether your team has succeeded in securing the software delivery pipeline from build to deploy, or whether attackers and complexity keep finding the cracks between your tools.📖 Read the full companion article in the Future of Cybersecurity newsletter for deeper insights: 🔔 Subscribe to stay updated on the full AppSec Contradictions video series and more perspectives on the future of cybersecurity: https://www.youtube.com/playlist?list=PLnYu0psdcllRWnImF5iRnO_10eLnPFWi_________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecuritySincerely, Sean Martin and TAPE9________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

More episodes of the podcast Redefining CyberSecurity

How to Stay Resilient When Cybercrime Becomes Your Competition | A Conversation with Author and Former FBI Agent, Eric O'Niell | Redefining CyberSecurity with Sean Martin 30/10/2025
The Silent Risk in AI-Powered Business Automation: Why No-Code Needs Serious Oversight | A Conversation with Walter Haydock | Redefining CyberSecurity with Sean Martin 16/10/2025
Beyond the Title: What It Really Takes to Be a CISO Today — Insights Following A Conversation with Solarwinds CISO, Tim Brown | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9 16/10/2025
First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco Ciappelli 15/10/2025
The Once and Future Rules of Cybersecurity | A Black Hat SecTor 2025 Conversation with HD Moore | On Location Coverage with Sean Martin and Marco Ciappelli 09/10/2025
When the Coders Don’t Code: What Happens When AI Coding Tools Go Dark? | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9 08/10/2025
The Hidden Cost of Too Many Cybersecurity Tools (Most CISOs Get This Wrong) | A Conversation with Pieter VanIperen | Redefining CyberSecurity with Sean Martin 03/10/2025
SBOMs in Application Security: From Compliance Trophy to Real Risk Reduction | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 3 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9 01/10/2025
Why Cybersecurity Training Isn’t Working — And What To Do Instead | Human-Centered Cybersecurity Series with Co-Host Julie Haney and Guest Dr. Aunshul Rege | Redefining CyberSecurity with Sean Martin 25/09/2025
The Problem With Threat Modeling in Application Security: Too Slow, Too Theoretical, Not Agile | AppSec Contradictions: 7 Truths We Keep Ignoring — Episode 2 | A Musing On the Future of Cybersecurity with Sean Martin and TAPE9 | Read by TAPE9 12/09/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA