Software Supply Chain Security Explained
An overview on the security tests that we have to run through the software development process, on the source code, dependencies, containerized applications, etc. with examples of some tools and applications that help us check for vulnerabilities and secure our software.
Software supply chain security explained
Ensuring security at every stage of the development cycle is essential but often over-looked by us developers.
In this presentation we’ll see a few common security challenges in the SDLC and walk through practices and tool sets for securing each phase, from static code analysis to dependency scanning and container security.
We will explore how automation tools, like Renovate, can be your best allies in identifying and fixing vulnerabilities by updating dependencies across source code, dependencies, and containerized applications through a demo showcasing the handling of our code dependencies.
Let's "git" it right !
Feeling like you just don’t “git” it, or looking to up your “git” game? This talk is for you!
When you’re first starting out in programming, you often learn the basic commands, and maybe some specific ones your team uses daily, and it gets easy to rely on the same ones over and over and not realize the different ways you can better your git experience, like using the multitude of flags and options available.
We’ll start with the basics, then work our way up to useful commands for debugging and correcting issues, while exploring different variations and flags of specific commands.
Mainly (and clearly) aimed at new kids in the git block, but a cli connoisseur might (hopefully) pick up a trick or two.
Ensuring Security in CI/CD Workflows: Bots, Bugs, and Secure Pipelines
Ensuring security at every stage of the CI/CD pipeline is crucial.
We’ll explore a few common security challenges in the SDLC and walk through practices and tool sets for securing each phase, from static code analysis to dependency scanning and container security.
This session will explore how automation tools, like Renovate, can be your best allies in identifying and fixing vulnerabilities by updating dependencies across source code, dependencies, and containerized applications.
We will have a live demo showcasing how Renovate automates dependency management.
Whether you're a DevOps enthusiast or a security-focused developer, this talk will provide you with the tools and knowledge to defend your codebase against bugs and vulnerabilities, ensuring a robust and secure software delivery pipeline.
Automating and scaling secrets management with Vault
Managing secrets for multiple projects can become increasingly complex and error-prone. Manual configuration and inconsistent management practices among projects leave systems vulnerable and hard to scale, and manually configuring Vault instances for each project can quickly create a bottleneck for the development and operations teams. As a result, we are always looking for ways to streamline Vault deployments with minimal user input..
In this talk, we’ll explore how to leverage Vault to streamline secrets management at scale, with the added power of a process orchestrator (like Camunda).
I’ll walk you through how we automate the creation and management of Vault instances, ensuring a consistent, scalable, and secure approach to managing secrets. You’ll see how we’ve used Camunda to streamline this process. We’ll cover a quick Vault overview: Key features and benefits of Vault for managing secrets; using a process orchestrator: How we leverage it to automate processes such as provisioning Vault instances and configuring project-specific configurations. I'll present a practical example of using workflows to automate Vault instance creation, secret storage, and access policies for different projects; and finally some challenges we’ve faced (and are still addressing) and the benefits of this approach in reducing human error, improving security, and ensuring scalability.
This talk is ideal for anyone looking to improve their secrets management practices, and automate repetitive tasks.
Containers deep dive: Trivia game
In this interactive session, we dive deep into the world of containers through a live trivia game designed for developers and DevOps enthusiasts. Using only terminal tools, we’ll explore advanced container internals, image layers, namespaces, networking, and more — all while solving challenging questions and uncovering practical debugging tips. Whether you're a container ninja or just curious to go beyond docker run, join us for a hands-on, competitive experience where learning meets fun!
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top