It’s 2026 and developers have become the new focus for attackers seeking to elevate privileges quickly and quietly while operating in enterprise environments. Building upon processes and technologies commonly found in real-world environments, this course will walk students through a comprehensive attack path centered on enterprise DevOps technologies, processes, misconfigurations, and attacks.

During this course students can expect to:

·       Gain familiarity with a standard enterprise development workflow

·       Enumerate and triage source code repositories

·       Exploit build pipelines to compromise secrets and achieve remote code execution

·       Exploit common devops integrations such as: chat bots, secret servers, and AI assistants to elevate operational privileges

·       Understand potential supply chain exposures within your enterprise

·       Read and write detective alerts for each attack

* Please note: This is not included in the Main Conference registration and requires a separate registration.