Cloud & Cybersecurity TechSpot

How cloud technologies evolve and what it takes to keep systems secure. At the meetup we discover how to secure CI/CD pipelines with GitHub Actions, learn strategies for protecting non-human identities, and dive into real-world cases on securing Cloud Systems.

Google for startups Campus, Warsaw

7 November 2025, 18:00

get your ticket

get your ticket

Watch the recording

Watch the recording

Google for startups Campus, Warsaw

7 November 2025, 18:00

Agenda

17:00

Doors open, registration, drinks & snacks

18:00

Breaking the CI/CD chain: security risks in GitHub Actions

GitHub Actions are vital for CI/CD pipelines, but do you really know what happens under the hood?

This talk breaks down GitHub Actions concepts, explores security risks, and highlights how third-party actions can introduce vulnerabilities. We’ll walk through real-world cases of misconfigurations and vulnerabilities, including the recent tj-actions/changed-files issue, and show how malicious workflows can slip in through third-party actions.

You’ll see how different security tools, from static analysis to runtime monitoring, fit into protecting CI/CD pipelines, and learn practical steps to secure your workflows. Igor will also introduce a new tool that maps and analyzes transitive actions, helping teams understand their impact and reduce exposure.

Attendees will gain a deep understanding of GitHub Actions security, real-world case studies, practical mitigation techniques, and a tool for securing GitHub Actions.

‍

Igor Stepansky

Security Engineer, Orca Security

‍

18:45

Coffee, beer, networking

‍

19:00

TBA

19:45

Coffee, beer, networking

‍

20:00

TBA

21:00

Afterparty

‍

‍

‍

Video highlights

Photo gallery

Featured speakers & panelists

Igor Stepansky

Security Engineer

Igor Stepansky

Security Engineer

Friends, partners & communities

Data Breakfast Warsaw

Data Nomads Club

Data Breakfast Warsaw

Data Nomads Club

Registration

Please fill in the fields to register, and we’ll send you a notification to confirm your registration.

Google for startups Campus, Warsaw

7 November 2025, 18:00

Registration is closed.  Join the waiting list.

If any spot becomes available, we’ll contact you asap! Otherwise, join us online.

Google for startups Campus, Warsaw

7 November 2025, 18:00

+44 759 092 7942

Thanks for registering! We’ll send you a confirmation email soon with all the event details and helpful links.

Oops! Something went wrong while submitting the form.

Secure your spot

Join learn from others, and connect with new people.

Get your ticket

Get your ticket

Share your feedback

Tell us what you loved about the event and how we can improve. It’ll only take 5 minutes.

Fill in the form

Fill in the form

About organizer

TechSpot is driven by On The Spot. We bring startups and disruptive tech companies to the local market, offering engineers the opportunity to work on high-impact products. Check out our open positions.

Senior Developer — Windows Sensor

Software Engineer (Low-Level & Cloud) — Sensor Team

Tech Lead Engineer — Sensor Team

Minsk

Warsaw

Georgia

Belarus

Poland

Remote

Hybrid

Office

Miracle Studio

Notte

Finonex

Dexcelerate

AITHENA

44pixels

On The Spot

Unity

Supersonic

365Scores

Honeybook

Unity Playworks

Aura from Unity

Cycode

Orca Security

Other

HR & Recruitment

User Research & Design

Marketing & Sales

Data & Analytics

Software Testing

Engineering & DevOps