BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//White Knight Labs Cyber Security Training - ECPv6.14.0//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-WR-CALNAME:White Knight Labs Cyber Security Training
X-ORIGINAL-URL:https://training.whiteknightlabs.com
X-WR-CALDESC:Events for White Knight Labs Cyber Security Training
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20260308T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20261101T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260511T090000
DTEND;TZID=America/New_York:20260513T235900
DTSTAMP:20260502T120829
CREATED:20260106T120529Z
LAST-MODIFIED:20260203T145039Z
UID:33365-1778490000-1778716740@training.whiteknightlabs.com
SUMMARY:ASCPC Training (Hybrid) - NorthSec
DESCRIPTION:The ASCPC On-Demand course blends offensive and defensive techniques across a variety of CI/CD platforms\, focusing on practical\, hands-on skills. Students will explore vulnerabilities\, exploit misconfigurations\, and learn how to defend against real-world CI/CD threats. \nKey focus areas include: \n\nGitHub Actions Security: Explore context injection\, pull request abuse\, artifact poisoning\, and misconfigured OIDC workflows.\nCircleCI Misconfigurations: Hijack pipeline configurations and exploit insecure runner setups.\nAWS CodeBuild Exploitation: Abuse IAM roles\, environment variables\, and pipeline triggers to escalate privileges and exfiltrate secrets.\nDocker Registry Attacks: Inject malicious images and perform credential harvesting through poorly secured registries.\nKubernetes Integration Risks: Compromise clusters via CI/CD\, enumerate resources\, and escalate access across pods and containers.\nAzure DevOps Abuse: Leak credentials\, escalate privileges\, and abuse service connections in insecure Azure DevOps pipelines.\nEach module is supported by guided labs that simulate real CI/CD environments and include both offensive attack paths and defensive remediation strategies.
URL:https://training.whiteknightlabs.com/event/attacking-securing-ci-cd-pipeline-certification-ascpc/
ATTACH;FMTTYPE=image/svg+xml:https://training.whiteknightlabs.com/wp-content/uploads/2025/11/ASCPC.svg
ORGANIZER;CN="White Knight Labs":MAILTO:info@whiteknightlabs.com
END:VEVENT
END:VCALENDAR