Jump to navigation Jump to content

Most Active Speaker

Diego Rodríguez Varela

Diego Rodríguez Varela

Software Development Engineer

Pontevedra, Spain

Actions

I am currently a Microsoft MVP (Developer Security) and Software Developer Engineer at Plain Concepts. Over the past 2 years I have had the privilege of speaking in more than 10 events for both Microsoft and Google communities.

In general, I am interested in exploring the methodologies and technologies that allow us to achieve secure systems, and how we can apply these principles in organizations of different sizes. That translates lately into: failsafe use of Generative AI Tools, K8S security, Frontend & Backend frameworks and even Webauthn authentication.

Besides software development, I am passionate about sports, motorbikes and, when I have enough time, travelling.

Links

Badges

  • Most Active Speaker 2025

Area of Expertise

  • Information & Communications Technology

Topics

  • Software Development
  • DevSecOps
  • Software Security
  • S-SDLC
  • Software Engineering
  • Scrum & Agile
  • Methodology

Sessions

Sube de nivel con GitHub Copilot: desarrollo con la seguridad en mente

GitHub Copilot ya es conocido por acelerar el desarrollo, pero ¿cómo podemos convertirlo en un aliado para la seguridad y el cumplimiento normativo en entornos corporativos?
En esta sesión avanzada, exploraremos cómo aprovechar las últimas capacidades de Copilot —incluyendo prompts personalizados, integración con documentación interna y políticas de seguridad— para garantizar que el código generado cumpla con estándares como OWASP Top 10 y normativas internas.

Mostraremos ejemplos reales, demos con código y buenas prácticas para:
- Configurar Copilot para reforzar patrones seguros en tu stack.
- Integrar reglas de seguridad en prompts y flujos de trabajo.
- Detectar y mitigar riesgos en tiempo de desarrollo.

Esta charla está orientada a desarrolladores y líderes técnicos que buscan llevar Copilot más allá del autocompletado, aplicándolo en escenarios de producción con foco en seguridad.

Broken Cloud App: Can AI-assisted development Help Us Secure It?

AI coding assistants are often presented as tools to write code faster. But is that code vulnerable? Or is it safe by default? Can we actually make it comply with company standards and security best practices?

We have plenty of techniques—agents, skills, prompts and hooks—that can help us move toward a security‑by‑default approach. Our proposal is to leverage these capabilities to identify and fix security weaknesses in an existing application by analysing code, detecting insecure patterns, and strengthening configurations.

Starting from a vulnerable application, and using an AI‑assisted security approach, the objective will be to harden the application through workflows that analyse code, detect insecure patterns, review Dockerfiles, strengthen configurations, and improve pipelines.

Finally, the goal is to showcase how this approach can help teams significantly improve the security posture of their applications and development workflows. In other words, deploy AI-generated code with confidence.

Level Up with GitHub Copilot: Development with Security in Mind

You already use GitHub Copilot to speed up development—but what if you could also write code according to your internal or industry security standards?

In this talk, we’ll show how to go beyond autocomplete, agent-mode, and leverage Copilot for security compliance and best practices. Whether your organization enforces strict standards or you need to align with frameworks like the OWASP Top 10, we’ll demonstrate how custom prompts, tailored instructions, and internal documentation can transform Copilot into a security ally without adding complexity.

In this session, our goal is to offer a fully practical, actionable approach on how to use the latest tools and capabilities of GitHub Copilot for security purposes.

Observabilidad y seguridad: dos caras del mismo clúster

Kubernetes nos ofrece un universo de posibilidades… pero también muchos puntos ciegos.

En esta charla exploraremos cómo evolucionar desde la observación manual de un clúster hasta una visión completa y unificada de todo su ecosistema. Hablaremos de métricas, trazas y logs, de cómo centralizar la información, detectar comportamientos anómalos y responder de forma automática a los cambios del entorno.

También miraremos al futuro: cómo la inteligencia artificial puede ayudarnos a comprender lo que ocurre en tiempo real dentro del clúster y anticipar problemas antes de que se conviertan en incidentes.

Y, por supuesto, abordaremos el lado más crítico: la seguridad y la administración. Porque observarlo todo no sirve de nada si no protegemos lo que vemos.

Una sesión para quienes buscan pasar del “¿qué ha pasado?” al “ya lo sabía”.

Events

AICD - PARIS Sessionize Event

April 2026 Paris, France

Global Azure 2026 Sessionize Event

April 2026 Madrid, Spain

Agent Camp 2026 Sessionize Event

April 2026 Málaga, Spain

AgentCamp Barcelona 2026 Sessionize Event

March 2026 Barcelona, Spain

DevFest Ponferrada 2025 Sessionize Event

November 2025 Ponferrada, Spain

DevFest Santiago de Compostela 2025 Sessionize Event

October 2025 Santiago de Compostela, Spain

NetCoreConf Bilbao 2025 Sessionize Event

September 2025 Bilbao, Spain

NetCoreConf Barcelona 2025 Sessionize Event

April 2025 Barcelona, Spain

Tenerife Winter Sessions Sessionize Event

February 2025

Diego Rodríguez Varela

Software Development Engineer

Pontevedra, Spain

Links

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top