On-demand webinar
TeamPCP and the Supply Chain: Defending Against the Next Generation of Supply Chain Malware
Watch now
Key Takeaways
Unmask the Mechanics of Modern CI/CD HijackingGo inside the active battleground of software supply chain attacks and watch security experts deconstruct the exact lifecycles threat actors use to weaponize automated workflows.
Move Beyond Traditional "Shift-Left" DefensesLearn why standard security scanners are no longer enough when they become the attack vector themselves, and discover how to protect your cloud from "imposter" commits and memory dumps.
Walk Away with a Practical Supply Chain BlueprintGain actionable, real-world defense strategies to secure your CI/CD pipelines, eliminate hidden risks, and detect advanced threats before they can spread through your environment.
About this webinar:
The software supply chain is no longer a theoretical risk, it is an active battleground. Recent threat actor TeamPCP have demonstrated how easily "trusted" third-party integrations and automated workflows can be weaponized to exfiltrate secrets and establish persistence within cloud environments. When your security scanners become the attack vector, traditional "shift-left" strategies aren't enough.
Wiz's research team will break down the mechanics of modern CI/CD hijacking. They'll deconstruct the TeamPCP attack lifecycle: from malicious "imposter" commits and tag hijacking to advanced exfiltration techniques like dumping runner memory and creating "dead-drop" repositories. Most importantly, we’ll focus on what you can do about it.
Learn how to secure your software supply chain, reduce risk across your CI/CD pipelines, and implement practical defenses that help you detect and prevent these types of attacks before they spread.
