top of page
ICIT Research

ICIT On-Demand: The Newest Attack Vectors – Infrastructure as Code & API Security

Updated: Feb 11, 2023

Moving applications and development to the cloud has delivered both operational and security benefits at scale. However, as organizations begin to automate their infrastructure deployments and configurations using Infrastructure as Code (IaC), a new attack vector has been introduced. In addition, the move to cloud-native architectures increases the use of APIs connecting client applications to cloud hosted, microservices based solutions, introducing another new entry point for adversaries. While scanning for security vulnerabilities in application source code and on-premise network configurations is standard security protocol, many organizations have yet to focus sufficient attention on IaC and API code.


Please join us for “The Newest Attack Vectors- Infrastructure as Code & API Security Webinar” as a panel of industry experts and Government leadership will:

  1. Discuss the security implications with IaC and APIs.

  2. Provide recommendations for addressing these new attack vectors.

ICIT Contributors and Panelists:

  • Nicolas M. Chaillen – Chief Software Officer and Co-Lead for the DoD Enterprise DevSecOps Initiative, U.S. Air Force.

  • Carrie Lee – Senior Technical Advisor U.S. Department of Veterans Affairs (former Director of Digital Transformation Security)

  • Elizabeth Schweinsberg– Digital Services Expert at US Digital Service, C (former Cybersecurity and Incident Response at Facebook and Google)

  • Chris Hughes – Cloud Security Leader | Cybersecurity Professor | Board Advisor | DevSecOps Advocate Principal Cyber Security Engineer Rise8

  • Nick Sinai, Moderator – Senior Advisor, Insight Partners, Harvard Kennedy School, Obama White House (former US Deputy CTO)


bottom of page