This post-mortem of today's Matrix prod compromise is great for its transparency and cautious response. Also a clear demonstration why dev infrastructure (Jenkins or otherwise) should not be allowed to access prod. #keepemseparated #infosec #devops https://matrix.org/blog/2019/04/11/security-incident/index.html
@kylerankin Takeaway 1: Matrix response to take down prod, rebuild from scratch in relatively short order, is commendable and all orgs should aim to be able to do the same in similar circumstances.
@kylerankin 2a: One approach is CI signing/shipping code to dev repo, admin logs into prod to trigger prod pkgs sync from dev to prod. Make attacker have to backdoor the code itself.
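The promotion model described in that reply, worked through as an added example (not code from Matrix, the thread's posters, or any real deployment tool): CI signs a manifest of package hashes with its private key and ships it to the dev repo; a prod-side step, run only by an admin already logged into prod, pulls manifest, signature and packages, verifies the signature against a public key pinned on prod, and checks every package hash before accepting anything. Artifacts, the hypothetical CI keypair, and the "dev repo" are constructed in memory here; in a real setup the pinned key lives on prod and the artifacts are files. The point it shows is that an attacker who only controls CI-adjacent infrastructure or the dev repo cannot get bytes onto prod without a CI signature that matches, so tampering must happen in the signed source itself.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"sort"
	"strings"
)

// Artifact is one built package: a name and its bytes (constructed in memory for this example).
type Artifact struct {
	Name string
	Data []byte
}

// BuildManifest lists every artifact by SHA-256 so one signature covers the whole release.
// Lines are sorted so the manifest is deterministic regardless of build order.
func BuildManifest(arts []Artifact) string {
	lines := make([]string, 0, len(arts))
	for _, a := range arts {
		sum := sha256.Sum256(a.Data)
		lines = append(lines, hex.EncodeToString(sum[:])+"  "+a.Name)
	}
	sort.Strings(lines)
	return strings.Join(lines, "\n") + "\n"
}

// CISign runs on the build host: it signs the manifest with the CI private key.
// Manifest, signature and artifacts are then pushed to the dev repo. CI never touches prod.
func CISign(priv ed25519.PrivateKey, manifest string) []byte {
	return ed25519.Sign(priv, []byte(manifest))
}

var (
	ErrBadSignature = errors.New("manifest signature does not verify against pinned CI key")
	ErrHashMismatch = errors.New("artifact hash does not match signed manifest")
)

// PromoteToProd runs on prod, triggered by an admin logged in there. It trusts only the
// pinned CI public key: the signature must verify, and every artifact pulled from the dev
// repo must match the hash the signed manifest lists. Returns the accepted artifacts.
func PromoteToProd(pinnedPub ed25519.PublicKey, manifest string, sig []byte, arts []Artifact) (map[string][]byte, error) {
	if !ed25519.Verify(pinnedPub, []byte(manifest), sig) {
		return nil, ErrBadSignature
	}
	expected := map[string]string{}
	for _, line := range strings.Split(strings.TrimSpace(manifest), "\n") {
		parts := strings.SplitN(line, "  ", 2)
		if len(parts) != 2 {
			return nil, fmt.Errorf("malformed manifest line %q", line)
		}
		expected[parts[1]] = parts[0]
	}
	accepted := map[string][]byte{}
	for _, a := range arts {
		sum := sha256.Sum256(a.Data)
		want, listed := expected[a.Name]
		if !listed || want != hex.EncodeToString(sum[:]) {
			return nil, fmt.Errorf("%w: %s", ErrHashMismatch, a.Name)
		}
		accepted[a.Name] = a.Data
	}
	if len(accepted) != len(expected) {
		return nil, errors.New("signed manifest lists artifacts missing from dev repo")
	}
	return accepted, nil
}

func main() {
	// Hypothetical CI keypair; prod would have only the public half, pinned at install time.
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	release := []Artifact{{"synapse.deb", []byte("good build")}, {"config.tar", []byte("config")}}
	manifest := BuildManifest(release)
	sig := CISign(priv, manifest)

	_, err := PromoteToProd(pub, manifest, sig, release)
	fmt.Println("clean release:", err)

	// Attacker with dev-repo access swaps a package but cannot re-sign the manifest.
	tampered := []Artifact{{"synapse.deb", []byte("backdoored build")}, {"config.tar", []byte("config")}}
	_, err = PromoteToProd(pub, manifest, sig, tampered)
	fmt.Println("swapped artifact:", err)

	// Attacker re-signs a new manifest with their own key; prod's pinned key rejects it.
	_, attackerPriv, _ := ed25519.GenerateKey(rand.Reader)
	m2 := BuildManifest(tampered)
	_, err = PromoteToProd(pub, m2, CISign(attackerPriv, m2), tampered)
	fmt.Println("attacker-signed manifest:", err)
}
```

The check is pull-based and key-anchored: prod initiates the sync, and nothing that the dev side sends is trusted until it chains back to the pinned CI key. Protecting the CI signing key and the source that CI builds from then becomes the job, which is exactly the "backdoor the code itself" bar the reply describes.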