An online course focusing on new security risks introduced by AI-powered tools and autonomous agents will be organized by LUMI AI Factory on 30 June 2026.
Modern software development increasingly relies on open-source dependencies, CI/CD (Continuous Integration/Continuous Delivery) pipelines, and automated workflows. This webinar explores the evolving threat landscape surrounding GitHub and GitLab repositories. Participants will learn how attackers exploit repositories, pipelines, and dependencies—and how to defend against these threats using practical security measures, policies, and tools. The session will combine real-world examples with actionable best practices for secure development workflows.
Participants will:
- Understand recent software supply chain attack vectors targeting GitHub/GitLab (e.g., dependency confusion, malicious commits, workflow poisoning).
- Identify risks related to CI/CD pipelines, secrets exposure, and third-party integrations.
- Learn how AI tools and autonomous agents can introduce new attack surfaces (e.g., code generation risks, prompt injection, poisoned training data).
- Apply best practices for repository hardening (branch protection, signing commits, access controls).
- Secure CI/CD pipelines (least privilege, secrets management, artifact integrity).
- Use automated security tools (SAST, dependency scanning, secret scanning) effectively.
- Design a secure development lifecycle that integrates human and AI contributions safely.
- Gain practical checklists and mitigation strategies applicable immediately in their own projects.
