Kumar Ashwin

[email protected]
Events
arsenal

actsense - GitHub Actions Workflow Auditor

Host
Black Hat Asia 2026
Location
Marina Bay Sands, Singapore
Audience
Security Engineers, DevSecOps, Developers, CI/CD and Platform teams
Duration
Arsenal (tooling session)

Black Hat Arsenal demo of actsense (source) for comprehensive security review of GitHub Actions workflows: dependency and workflow risk, and practical hardening for teams that ship through Actions at scale.

In this session we show how the tool surfaces risk in .github/workflows and streamlines review for security and platform teams.

Slides

Slide 1
Slide 2
Slide 3
Slide 4
Slide 5
Slide 6
Slide 7
Slide 8
Slide 9
Slide 10
Slide 11
Slide 12
Slide 13
Slide 14
Slide 15
Slide 16
Slide 17
Slide 18
1 / 18

References