Cloud & CI/CD security meetup

We bring together engineers, security professionals, and DevOps experts to uncover the hidden risks lurking inside modern CI/CD pipelines. From misconfigured GitHub Actions and vulnerable third-party workflows to insider-driven supply chain attacks, the evening will spotlight real-world case studies, practical mitigation techniques, and new security tools designed to harden development pipelines.

Google for Startups Campus, Warsaw

7 November 2025, 18:00

Agenda

17:00

Doors open, registration, drinks & snacks

18:00

Breaking the CI/CD chain: security risks in GitHub Actions

GitHub Actions are vital for CI/CD pipelines, but do you really know what happens under the hood?

This talk breaks down GitHub Actions concepts, explores security risks, and highlights how third-party actions can introduce vulnerabilities. We’ll walk through real-world cases of misconfigurations and vulnerabilities, including the recent tj-actions/changed-files issue, and show how malicious workflows can slip in through third-party actions.

You’ll see how different security tools, from static analysis to runtime monitoring, fit into protecting CI/CD pipelines, and learn practical steps to secure your workflows. Igor will also introduce a new tool that maps and analyzes transitive actions, helping teams understand their impact and reduce exposure.

Attendees will come away with a deep understanding of GitHub Actions security, real-world case studies, practical mitigation techniques, and a tool for securing GitHub Actions.

Igor Stepansky

Security Engineer, Orca Security

18:45

Coffee, beer, networking

19:10

DevOps gone rogue: hidden threats in CI pipelines

Supply chain attacks are now widely analyzed and discussed by the entire community, but they are most often considered in the context of external attacks. But what might happen when we combine this technique with an insider attack scenario?

In a situation where remote employment has become common practice, attackers are increasingly deciding to impersonate employees. How, as a "typical programmer" with no access to production, can I carry out an attack without arousing the suspicion of other developers or the security team?

During the presentation, I will demonstrate how to leverage technical debt in the CI/CD configuration to take over the production environment (Docker/Kubernetes), bypassing existing threat detection systems.

Michał El Fartas

Cloud Security Team Lead, Egnyte

20:00

Coffee, beer, networking

20:30

Panel Discussion on Cloud Security Issues and Challenges

21:00

Afterparty

Featured speakers & panelists

Igor Stepansky

Security Engineer
Orca Security

Michał El Fartas

Cloud Security Team Lead
Egnyte

About organizer

TechSpot is driven by On The Spot. We bring startups and disruptive tech companies to the local market, offering engineers the opportunity to work on high-impact products. Check out our open positions.
