BEGIN:VCALENDAR VERSION:2.0 PRODID:-//CERN//INDICO//EN BEGIN:VEVENT SUMMARY:[ONLINE] Securing GitHub & GitLab Repositories in the Era of Suppl y Chain Attacks and AI Agents DTSTART:20260630T120000Z DTEND:20260630T133000Z DTSTAMP:20260622T213600Z UID:indico-event-400@events.it4i.cz CONTACT:training@it4i.cz DESCRIPTION:\nAnnotation\nModern software development increasingly relies on open-source dependencies\, CI/CD pipelines\, and automated workflows. T his webinar explores the evolving threat landscape surrounding GitHub and GitLab repositories\, with a focus on recent software supply chain attacks and new security risks introduced by AI-powered tools and autonomous agen ts. Participants will learn how attackers exploit repositories\, pipelines \, and dependencies—and how to defend against these threats using practi cal security measures\, policies\, and tools. The session will combine rea l-world examples with actionable best practices for secure development wor kflows.\nBenefits for the attendees\, what will they learn\n\nUnderstand r ecent software supply chain attack vectors targeting GitHub/GitLab (e.g.\, dependency confusion\, malicious commits\, workflow poisoning)\nIdentify risks related to CI/CD pipelines\, secrets exposure\, and third-party inte grations\nLearn how AI tools and autonomous agents can introduce new attac k surfaces (e.g.\, code generation risks\, prompt injection\, poisoned tra ining data)\nApply best practices for repository hardening (branch protect ion\, signing commits\, access controls)\nSecure CI/CD pipelines (least pr ivilege\, secrets management\, artifact integrity)\nUse automated security tools (SAST\, dependency scanning\, secret scanning) effectively\nDesign a secure development lifecycle that integrates human and AI contributions safely\nGain practical checklists and mitigation strategies applicable imm ediately in their own projects\n\nLevel\nIntermediate (suitable for develo pers\, DevOps engineers\, and security practitioners with basic familiarit y with Git workflows)\nLanguage\nEnglish\nPrerequisites\n\n Basic underst anding of Git and repositories (GitHub or GitLab)\n\n Familiarity with CI /CD concepts is recommended but not required\n\n\nGeneral awareness of sof tware development practices\n\n\nTutor\nDominika Regéciová is a Lecturer at IT4Innovations\, focusing on the intersection of AI and security. Prev iously\, she worked as a Senior Researcher at Avast. She holds a master's degree in Information Security from the Faculty of Information Technology at Brno University of Technology (FIT BUT). Her work is driven by a passio n for bringing formal theory and advanced AI methods into practical\, real -world applications with an emphasis on security and reliability.\n \n\n  \nLUMI AI Factory is funded jointly by the EuroHPC Joint Undertaking\, t hrough the European Union's Connecting Europe Facility and the Horizon 202 0 research and innovation programme\, as well as Finland\, the Czech Repub lic\, Poland\, Estonia\, Norway\, and Denmark.\nThis course was supported by the Ministry of Education\, Youth and Sports of the Czech Republic thro ugh the e-INFRA CZ (ID:90254).\n\nAll presentations and educational materi als of this course are provided under the Creative Commons Attribution-Sha reAlike 4.0 International (CC BY-SA 4.0) license. \n\nhttps://events.it4i .cz/event/400/ LOCATION:ZOOM (ONLINE) URL:https://events.it4i.cz/event/400/ END:VEVENT END:VCALENDAR