Cross-domain CI/CD detection

Your identity tools and your pipeline tools never talk. Attackers live in the seam.

A stolen developer session, a workflow changed with no pull request, secrets leaving the runner to a host you've never seen — three signals, three tools, zero correlation. Sentinel stitches them into one same-hour incident.

Built by the team that lived this incident (org-admin takeover → malicious workflow → 10-day secret exfiltration) and rebuilt detection around the seam that let it run.

The gap

Two defensive domains. One unwatched seam between them.

Identity / ITDR tools own the human session. CI/CD & supply-chain tools own the pipeline. Each is blind to the other — so an attack that crosses from one to the other crosses out of every tool's field of view at exactly the boundary.

Identity / ITDR (Push, Grip, Entra)
  • Stolen session & token reuse
  • Impossible-travel, AiTM phishing
  • The pipeline it unlocks

[ attack crosses here ]

CI/CD & supply chain (Harden-Runner, Cycode, OSS)
  • Workflow & runner integrity
  • Egress, secrets, SHA-pinning
  • Whose hands are on the keyboard

In the originating incident the chain ran undetected for 10 days — the identity tooling couldn't see the pipeline, the pipeline tooling assumed the account was trustworthy, and nobody was watching the seam.

How it works

One kill chain. Correlated, not collected.

Sentinel ingests identity, pipeline, and egress events into a single per-actor timeline and fires when they line up into the known attack shape — in order, inside the same window. Not another scanner; a correlation layer.

01
Identity

Anomalous admin session

A branch-protection override from a web session with no token hash — a login that doesn't match the actor's baseline.

02
Pipeline

Workflow changed, no pull request

A .github/workflows file appears or mutates with no linked PR — and Sentinel asks an LLM whether the diff reflects malicious intent or a misconfiguration, in the context of who pushed it.

03
Egress / NHI

Novel runner egress

The job phones home to an IP the runner has never contacted — secrets, tokens, and cloud creds heading for the door.
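The ordered, windowed, per-actor correlation that steps 01 to 03 describe, as an added illustration rather than Sentinel's own code; the event field names, the tool names and the one-hour window are assumptions, and the sample events are constructed:

```python
from datetime import datetime, timedelta

# Kill-chain stages, in the order they must appear on one actor's timeline.
CHAIN = ("identity.anomalous_admin_session",  # 01 identity
         "pipeline.workflow_changed_no_pr",    # 02 pipeline
         "egress.novel_runner_destination")    # 03 egress / NHI
WINDOW = timedelta(hours=1)  # assumption: all three within an hour of the first
def _ts(e):
    return datetime.fromisoformat(e["ts"])
def find_chain(timeline, window):
    """From each stage-01 event, look for 02 then 03, in order, until the window closes."""
    for i, start in enumerate(timeline):
        if start["signal"] != CHAIN[0]:
            continue
        matched = [start]
        for e in timeline[i + 1:]:
            if _ts(e) - _ts(start) > window:
                break  # window closed; try the next stage-01 event
            if e["signal"] == CHAIN[len(matched)]:
                matched.append(e)
                if len(matched) == len(CHAIN):
                    return matched
    return None

def correlate(events, window=WINDOW):
    """One incident per actor whose time-sorted timeline contains the full chain."""
    incidents = []
    for actor in sorted({e["actor"] for e in events}):
        chain = find_chain(sorted((e for e in events if e["actor"] == actor), key=_ts), window)
        if chain:  # dwell = first anomalous session -> chain complete
            incidents.append({"severity": "CRITICAL", "name": "admin-session-takeover",
                              "actor": actor, "tools": sorted({e["tool"] for e in chain}),
                              "dwell_minutes": int((_ts(chain[-1]) - _ts(chain[0])).total_seconds() // 60),
                              "evidence": chain})
    return incidents

# Constructed events. Tool names are assumed sources; egress events are assumed
# already attributed to the actor whose push launched the job.
def ev(ts, actor, tool, stage):
    return {"ts": ts, "actor": actor, "tool": tool, "signal": CHAIN[stage]}
EVENTS = [
    ev("2024-05-01T09:02:00", "alice", "entra", 0),          # override from web session
    ev("2024-05-01T09:20:00", "alice", "github-audit", 1),   # workflow edited, no PR
    ev("2024-05-01T09:41:00", "alice", "harden-runner", 2),  # job egress to new IP
    ev("2024-05-01T10:00:00", "bob", "harden-runner", 2),    # bob: egress BEFORE the
    ev("2024-05-01T10:05:00", "bob", "entra", 0),            #   session anomaly, wrong
    ev("2024-05-01T10:10:00", "bob", "github-audit", 1),     #   order -> no incident
    ev("2024-05-01T08:00:00", "carol", "entra", 0),          # carol: right order but
    ev("2024-05-01T08:10:00", "carol", "github-audit", 1),   #   egress lands outside
    ev("2024-05-01T11:30:00", "carol", "harden-runner", 2),  #   the window -> no incident
]
```

Only alice fires: bob's signals are out of order and carol's egress arrives after the window has closed, which is exactly what a scanner looking at any one of the three events alone cannot tell apart.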

CRITICAL · 1 incident · admin-session-takeover
3 signals · 3 tools · correlated in one window — with evidence, dwell time, and a recommended response.

Time to detect

The whole point is the clock.

Prevention of this attack is mostly free hygiene. The unmet need is catching the chain while it's happening — turning a multi-day blind spot into a same-hour alert.

Today · siloed tools: 10 days
Caught after the fact by secret-scanning — once the damage was already done.

With Sentinel · correlated: same hour
Fires the moment the chain completes — minutes from the first anomalous session, not days.

Why it's different

Not a scanner. A detection layer for the seam.

/ 01

Cross-domain correlation

Identity → pipeline → egress as one incident. The signals exist today; nobody stitches them. That seam is the product.

/ 02

Intent, not patterns

An AI layer reasons about whether a workflow diff is deliberately malicious vs merely misconfigured — fused with the committer's identity posture. A clean-looking workflow can still be an attack.

/ 03

GitHub-native, managed

Built for GitHub-native teams without a 24/7 SOC. We watch your audit log and your Actions together — and we've lived this attack first-hand.

Early access

We're taking a handful of design partners.

GitHub-native teams who want the seam watched. You get the detection engine plus a managed pair of eyes on your audit log and pipeline. We get the real-world signal to harden against.