
Speaker

Dhivya Chandramouleeswaran

Security Manager

New York City, New York, United States

Dhivya works as a Security Manager at AWS, where she manages her team of security engineers, provides proactive security guidance to key product teams, develops security automation tools, and enjoys reviewing the security of new technologies. She has spoken on application security topics previously at DEFCON 27 Blue Team Village, BSides LV, OWASP App Sec DC, OWASP App Sec California and DefendCon.

Area of Expertise

  • Information & Communications Technology

Topics

  • AI and Cybersecurity
  • Application Security
  • Cloud Security
  • Software Engineering Management
  • Cloud Security & Infrastructure Engineering
  • Generative AI
  • Cloud App Security

Sandworms and Secure Builds: Navigating the Spicy Desert of Open Source Security

"Sandworms and Secure Builds: Navigating the Spicy Desert of Open Source Security" offers open source developers and managers of open source security a transformative journey through the perilous sands of the open source desert, inspired by the wisdom of Dune. (Knowledge of Dune is completely optional.)

Exploring the treacherous terrain of the open source release pipeline, attendees uncover hidden vulnerabilities akin to elusive sandworms. Drawing from the Fremen's resilience, they learn to fortify defenses, integrating security seamlessly to shield against threats.

Key insights include securing artifacts to safeguard the integrity of open source code, implementing robust access controls, and crafting effective incident response plans. The presentation will address potential issues program managers may face when implementing these controls at scale, based on practical experience.

Armed with the wisdom and fortified with practical insights, attendees will navigate the open source landscape with confidence, safeguarding open source projects from digital peril.

Keeping up with the Dependencies

Open source libraries are great. Vulnerabilities that come along with them? Not so much.
As a security team trying to implement a secure development lifecycle process, how do you solve this issue, not once but forever?

This talk will cover the behind-the-scenes efforts that resulted in a tangible plan for dependency management, particularly for Python, Go and JavaScript, at Lyft. Further, we will walk through the challenges we faced along the way while implementing popular best practices at scale.

Talk outline:
1. Open source libraries pros and cons
2. Variety of programming languages with their problematic dependency lifecycle
3. Securing supply chain at scale with developer empathy
4. Sustaining a good dependency management process
5. Measuring success and failure

The audience will leave the talk with knowledge of the real challenges faced while implementing a dependency management program and an example of how to mitigate them.
