Mitigate software supply chain risks in Github Actions | ODSP938
Github actions security Ci/cd security Supply chain attack Devops best practices Github secrets Workflow hardening Microsoft build 2026 Container security Dependency security Pipeline security
This session from Microsoft Build 2026 provides practical strategies for securing GitHub Actions workflows against supply chain attacks, covering secrets exposure risks, malicious code propagation, and dependency management. It targets DevOps engineers and security professionals responsible for CI/CD pipelines who want actionable hardening techniques including permission scoping, branch protection, and container verification.