Attacking & Securing CI/CD Pipeline Certification
(ASCPC) - On-Demand
The ASCPC is a practical course built for DevOps professionals, security engineers, and developers seeking to understand and secure the evolving threat landscape of CI/CD pipelines.
Through a combination of guided labs and real attack scenarios, participants will gain hands-on experience with modern CI/CD tools like GitHub Actions, CircleCI, Docker, Kubernetes, Azure DevOps, and AWS CodeBuild. Each lab simulates realistic threat vectors and reinforces defensive engineering techniques.
This on-demand format allows you to start anytime, work at your own pace, and revisit the labs indefinitely.
What You Will Learn
- Identify and exploit misconfigurations in GitHub, CircleCI, and cloud-integrated CI/CD pipelines
- Perform attacks such as context injection, artifact poisoning, OIDC abuse, and pipeline hijacking
- Implement effective defenses through permissions hardening, workflow validation, and policy enforcement
- Harden DevOps pipelines across cloud environments, container orchestration, and source control systems
- Apply offensive and defensive techniques to secure real-world CI/CD workflows
Achieving Success in the ASCPC On-Demand
Success in the ASCPC course depends on a proactive, hands-on approach. This is not a passive training—each module is built around realistic CI/CD attack paths and defensive engineering practices that demand attention to detail and technical execution.
To get the most from this experience:
- Treat the Labs Like a Live Engagement: Approach each lab with the mindset of a security professional assessing a real pipeline. Think critically, take notes, and test multiple variations of each exploit.
- Document Your Work: Keep a running record of what you tried, what worked, and what failed. This documentation will help you during the exam and reinforce your understanding of each concept.
- Revisit and Reinforce: There is no time limit on lab access. Revisit complex topics and labs as often as needed. Repetition will sharpen your skills and improve retention.
- Leverage All Resources: Use the provided walkthroughs, technical references, and platform documentation. While the course is self-paced, you're not alone—plenty of guidance is available throughout.
- Prepare for the Exam as a Red Team Operator: The ASCPC certification exam mimics real-world CI/CD exploitation scenarios. Build your exam plan early, practice reporting, and be ready to demonstrate both offensive techniques and mitigation strategies.
This course is designed to push you beyond theoretical knowledge. Success comes from putting in the work—testing assumptions, breaking things, and ultimately learning how to secure modern DevOps workflows from the ground up.
Flexible Learning Format
- Self-Paced Learning: Take as long as you need to complete the course materials and labs. There are no deadlines.
- Hands-On Lab Experience: Complete hands-on labs in a dedicated and shared environment designed to simulate real-world attack paths.
- Self-Directed Support: Use the comprehensive documentation and recorded walkthroughs to guide yourself through any challenges.
Additional Costs
The ASCPC On-Demand course is designed to be all-inclusive, but students should be aware of a few potential external costs related to lab access and certification preparation:
- 1. Cloud Usage Fees: Some labs involve interactions with services in AWS and Azure. While most exercises are lightweight, students are responsible for any charges incurred by their cloud provider accounts. It's recommended to monitor usage and shut down unused resources after completing each lab.
- 2. Platform Account Requirements: You will need active accounts with GitHub, CircleCI, AWS, and Azure. Most of these services offer free tiers, but exceeding those limits—especially on cloud platforms—may result in small usage charges.
- 3. Exam Retake Fee (If Needed): Your enrollment includes one exam voucher. If you do not pass on your first attempt, a retake fee between $50–$100 may apply to cover the cost of lab access and grading.
- 4. Local Environment Setup: You may need to install and configure tools such as Docker, Node.js, kubectl, or CLI tools for AWS and Azure. These are free to use, but configuration and compatibility may vary by operating system.
Discounts Available
We offer a 20% discount to the following groups:
- Veterans and Active Military Personnel: Honoring those who have served or are currently serving.
- Students: Supporting the next generation of cybersecurity professionals.
- Educators: Recognizing the vital role of teachers in fostering cybersecurity knowledge.
- First Responders: Acknowledging the efforts of those who serve on the front lines in emergencies.
To take advantage of the discount, please email training-team@whiteknightlabs.com with proof of eligibility, and we’ll provide you with a custom discount code.
Register Now to take advantage of our special pricing and begin mastering advanced red team operations!
What Is Included
When you enroll in the Attacking & Securing CI/CD Pipeline Certification (ASCPC) – On-Demand, you receive:
Pre-Recorded Instruction
Expert-led video lessons covering CI/CD exploitation, pipeline abuse techniques, and security hardening strategies—all designed to build applied, real-world skills.
Detailed Lab Walkthroughs
Comprehensive documentation for each lab, guiding you through offensive and defensive exercises with clear, step-by-step instructions.
Flexible Lab Deployment
Launch labs using Bash or PowerShell scripts, with the ability to deploy Azure-based environments directly through a custom student portal. Designed for real-world simulation with minimal setup effort.
Realistic CI/CD Attack Paths
Work through labs that reflect actual CI/CD vulnerabilities and misconfigurations observed in enterprise environments, including supply chain compromise, pipeline abuse, and cloud integration risks.
Multi-Platform Coverage
Hands-on experience with GitHub Actions, CircleCI, Docker, Kubernetes, Azure DevOps, and AWS CodeBuild—spanning the most common CI/CD platforms in use today.
Lifetime Lab Access
Access your labs and course materials anytime. There are no time limits or expiration dates, allowing you to revisit content as needed.
One Certification Exam Voucher
Your enrollment includes one ASCPC exam voucher, which allows you to demonstrate your skills in a real-world CI/CD assessment and submit a professional report.
Student Requirements
To get the most out of the Attacking and Securing CI/CD On-Demand course, students should meet the following requirements:
Technical Skills
- - Basic knowledge of Python and Bash scripting
- - Familiarity with CI/CD concepts and DevSecOps practices
- - Understanding of containerization (Docker) and version control (Git)
Required Resources
- - Two GitHub accounts
- - Access to AWS and Azure environments
- - Docker installed on the host machine
- - Admin access to your local system and cloud platforms
Experience Level
This is an intermediate to advanced course. Students should have a background in cloud security, development pipelines, or general cybersecurity.
Mindset
A willingness to learn, experiment, and work through technical challenges independently is essential. This is a hands-on, self-paced course that requires active engagement.
Cost and Discounts
The Attacking & Securing CI/CD Pipeline Certification (ASCPC) – On-Demand is priced at $500. This fee includes access to expert-created instructional materials, self-managed labs that never expire, and one exam voucher.
Who Should Take the Attacking and Securing CI/CD On-Demand?
The ASCPC On-Demand course is designed for professionals who are responsible for the security, deployment, or maintenance of CI/CD environments. Whether you’re building pipelines, reviewing code, defending infrastructure, or attacking systems in a controlled setting, this course offers valuable, hands-on experience.
This course is ideal for:
- DevOps and DevSecOps Engineers: Professionals who design and manage CI/CD pipelines and want to integrate security into every stage of the development process.
- Penetration Testers and Red Team Operators: Those who want to expand their capabilities into CI/CD-focused attack paths, supply chain exploitation, and real-world offensive tooling in cloud-native environments.
- Cloud and Application Security Engineers: Security professionals tasked with reviewing infrastructure-as-code, cloud deployments, or pipeline configurations.
- Blue Team Analysts and Defenders: Analysts who need to understand attacker techniques in order to better detect, respond to, and mitigate pipeline-based intrusions.
- Cybersecurity Students and Enthusiasts: Learners with foundational experience in cloud or security who are ready to move into more advanced, applied content.
If you’re looking to move beyond theory and gain practical experience in attacking and securing real-world CI/CD pipelines, the ASCPC On-Demand course is built for you.
Course Content Overview
The ASCPC On-Demand course blends offensive and defensive techniques across a variety of CI/CD platforms, focusing on practical, hands-on skills. Students will explore vulnerabilities, exploit misconfigurations, and learn how to defend against real-world CI/CD threats.
Key focus areas include:
- GitHub Actions Security: Explore context injection, pull request abuse, artifact poisoning, and misconfigured OIDC workflows.
- CircleCI Misconfigurations: Hijack pipeline configurations and exploit insecure runner setups.
- AWS CodeBuild Exploitation: Abuse IAM roles, environment variables, and pipeline triggers to escalate privileges and exfiltrate secrets.
- Docker Registry Attacks: Inject malicious images and perform credential harvesting through poorly secured registries.
- Kubernetes Integration Risks: Compromise clusters via CI/CD, enumerate resources, and escalate access across pods and containers.
- Azure DevOps Abuse: Leak credentials, escalate privileges, and abuse service connections in insecure Azure DevOps pipelines.
- Each module is supported by guided labs that simulate real CI/CD environments and include both offensive attack paths and defensive remediation strategies.
Attacking & Securing CI/CD Pipeline Certification
(ASCPC) Syllabus Overview
This course provides a comprehensive exploration of security risks within modern CI/CD pipelines. The syllabus is structured to guide participants from foundational concepts to advanced exploitation techniques, with hands-on labs reinforcing each topic. Covering widely used platforms such as GitHub Actions, CircleCI, AWS CodeBuild, Docker, Kubernetes, and Azure DevOps, the course equips learners with practical skills to identify vulnerabilities and implement effective security controls across the CI/CD ecosystem.
Fundamentals
- Introduction to CI/CD Concepts
GitHub Actions Security
- GitHub Actions Overview
- Hijacking Techniques:
- Content Script Injection
- Pull Request Target Exploits
- Issue Comment Injection
- Non-Ephemeral Runner Abuse
- Workflow_Run Exploitation
- Artifact Handling:
- Secret Leakage via Artifact Uploads
- Artifact Poisoning Techniques
- Advanced Exploitation:
- Race Condition Attacks
- Bypassing Protected Branch Restrictions
- OIDC Misconfiguration Risks
- Dependabot Automerge Vulnerabilities
- GitHub Actions Security Best Practices
CircleCI Security
- CircleCI Overview
- config.yml Hijacking Techniques
AWS CodeBuild Pipeline Security
- AWS CodeBuild Overview
- Exploiting Pipeline Misconfigurations
Attacking Docker Registries
- Overview of Docker in CI/CD
- Lateral Movement Using Registry Keys
- Injecting Malicious Images to Harvest Credentials
Vulnerable Kubernetes Environments
- Kubernetes Infrastructure Overview
- CI/CD Pipeline Abuse to Compromise Kubernetes
- Enumeration Techniques
- Privilege Escalation via CI/CD Workflows
- Pod Hopping Techniques
Azure DevOps Security
- Azure DevOps CI/CD Overview
- Pipeline Security Risks and Misconfigurations
- Insecure Service Connections and Credential Leaks
- Build Agent Exploitation and Privilege Escalation
- Exploiting Azure DevOps Pipelines
- Abusing Azure Services via Pipeline Access
Constantly Updated Labs
Our labs are continuously updated to incorporate new vulnerabilities, attack vectors, and defense mechanisms. This ensures that the training you receive is relevant and reflects the latest developments in cybersecurity. Plus, with lifetime access to your labs, you can continue practicing and improving your skills without any time constraints.
Lab Attack Path Overview
The diagram below illustrates the full attack surface covered throughout the ASCPC lab course. Students will follow real-world adversarial paths, starting from initial access in CI/CD platforms and progressing through misconfigurations, privilege escalation, lateral movement, and cloud service abuse.
Each stage of the attack map corresponds to a dedicated lab scenario, designed to simulate practical threats encountered in modern DevOps environments. This structured path ensures students gain a deep understanding of how CI/CD vulnerabilities are discovered, exploited, and ultimately remediated.
By the end of the course, students will have hands-on experience with every stage of the attack lifecycle across platforms like GitHub Actions, CircleCI, AWS CodeBuild, Docker, Kubernetes, and Azure DevOps.
Frequently Asked Questions (FAQs)
Accordion Content
The on-demand course is self-paced, allowing you to take as long as you need to complete the training. There are no deadlines, so you can learn at your own pace.
Participants should have a basic understanding of cloud technology and Azure fundamentals, familiarity with scripting languages such as PowerShell, Python, and Azure CLI, and access to an Azure Tenant with a P2 License and Subscription. A laptop with at least 8GB of RAM is also required.
Yes, participants must have an Azure Tenant with a P2 License and Subscription to deploy and manage their lab environments during the training.
Yes, all participants will receive comprehensive course materials, including code snippets, custom scripts, and a detailed lab manual to assist with the training exercises. Recorded video walkthroughs of each lab are also provided.
While prior experience with Azure is beneficial, it is not strictly required. A basic understanding of cloud concepts and familiarity with scripting languages is recommended to make the most out of the training.
This on-demand training is self-paced, so you’ll be guided by pre-recorded video lessons and detailed documentation. You can also revisit the materials anytime if you need additional clarification or practice.
Yes, you will have lifetime access to your labs. This means you can continue practicing and refining your skills without any time constraints.
Labs are accessed through your own Azure environment, and they never expire, allowing continuous learning and practice.
The certification exam is a hands-on, practical test where you will be required to demonstrate your skills in a real-world Azure environment. It covers topics such as Azure AD exploitation, cloud penetration techniques, post-exploitation tactics, and configuration assessments.
Yes, an exam voucher is included with your course registration, allowing you to schedule your certification exam at your convenience.
You can schedule your exam through the White Knight Labs portal using the exam voucher provided upon course registration.
The certification exam is conducted in a live Azure environment where you will perform various penetration testing tasks and submit a professional report based on your findings.
Accordion Content
You will have 48 hours to complete the hands-on lab portion of the exam, followed by another 48 hours to prepare and submit your professional report.
To pass the certification exam, you must successfully complete the practical lab tasks and submit a comprehensive report that demonstrates your understanding of the methodologies and findings.
Yes, if you do not pass the exam on your first attempt, you can retake it. Please contact our training team for details on retake policies and any associated fees.
We offer a 20% discount for veterans, active military personnel, students, educators, and first responders. To claim your discount, email training-team@whiteknightlabs.com with proof of eligibility, and we will provide you with a custom discount code.
Yes, group discounts are available for corporate teams. Please contact us at training-team@whiteknightlabs.com for more information on group rates and arrangements.
We recommend reviewing basic Azure and cloud security concepts, familiarizing yourself with PowerShell, Python, and Azure CLI, and reading any pre-course materials provided upon registration.
Participants need a laptop with at least 8GB of RAM, an Azure Tenant with a P2 License, and a subscription. Additionally, participants should have PowerShell, Python, and Azure CLI installed on their laptops.
Yes, upon successfully completing the course and passing the certification exam, you will receive a digital certification that verifies your skills and knowledge in offensive Azure operations and tactics.
No, the certification does not expire. However, we recommend staying updated with the latest Azure security practices and technologies to maintain your skills.
No, the exam voucher does not expire, allowing you to take the exam at your convenience whenever you feel ready.
No, the training does not expire. You will have lifetime access to the course materials, recordings, and labs, allowing you to revisit the content and continue learning at your own pace.
Yes, as the labs are run in your own Azure environment, you will incur standard Azure usage charges based on the resources you deploy and use during the training.
Register Now for the On-Demand Training
Start at your own pace and take as long as you need to complete the course and labs. Secure your seat now and receive additional details by email once you complete the registration.
