WTH is CSPM and Why Should I Care: The Journey to Managing Your Cloud Security Posture

Cloud security data breaches are commonplace today, and the cost of a breach to an organization can be astronomical. Most breaches involve a misconfiguration of an error or are the result of a cloud misconfiguration. Misconfigurations are generally created in the initial setup or during the lifetime of a cloud deployment. With more organizations moving their legacy workloads to the cloud, it is more important than ever to have security compliance management and automated remediation in your cloud infrastructure.

In this talk, I will take you on a journey from cyber security to cloud security and examine how Cloud Security Posture Management (CSPM) offers the solution to security and compliance management for your organization's cloud resources.

WTH is CSPM and Why Should I Care?

Cloud security data breaches are commonplace today, with most breaches involving a misconfiguration of an error or a result of a cloud misconfiguration. Misconfigurations are generally created in the initial setup or during the lifetime of a cloud deployment. With more organizations moving their legacy workloads to the cloud, it becomes more important than ever to have security compliance management and automated remediation in your cloud infrastructure.
In this panel discussion, we’ll chat with a few experts in the field and learn how Cloud Security Posture Management (CSPM) can be the solution to security and compliance management for your organization's cloud resources.

Role-Based Access is So Yesterday: Revolutionizing Authorization with Open FGA

Traditional role-based access control (RBAC) systems just don't cut it for modern, complex applications. In this talk, we'll dive into how Open FGA, an open-source fine-grained authorization solution, tackles these challenges head-on. We'll highlight the shortcomings of RBAC and show how Open FGA uses relationship-based access control (ReBAC) to offer a more flexible and detailed approach. You'll see how this tool can boost security, performance, and access management across various systems. If you’re curious to learn why the future of authorization is fine-grained and how Open FGA is paving the way, you don’t want to miss this session.

Almost Automated: Making the Case for Minimum Viable DevOps

DevOps has become an increasingly important concept in the world of software development, but for many organizations, it can seem like a daunting and time-consuming undertaking. The Minimum Viable DevOps approach makes it more achievable than ever! In this 5-minute Ignite talk, you’ll learn how to implement the culture of DevOps using the core agile principle of minimum viability to help teams quickly remove silos and enable faster implementation of automated processes to reduce toil and increase quality. This session aims to empower you to make real progress on your own journey toward successful DevOps adoption.

This is an Ignite-style talk. It is only 5 minutes in duration.

Unmasking Identity: Let's Chat About User Login Magic in .NET Core

Hey there, fellow code enthusiasts!

Ever felt that little chill down your spine when you hear about another huge data breach? Cyber bad guys are all over the place, and they're looking for that one loophole to sneak in. So, how do we stop them? Let’s dive into the superhero toolkit called .NET Core and see what's cooking!

Grab a chair, and let’s unravel the mysteries of the .NET Core Identity library together. Think of it as this cool Swiss Army knife that's all about keeping user info safe and sound. From setting up basic login functions, jazzing it up with two-factor authentication, to even shaking hands with third-party login pals like Google or Facebook – we've got loads to cover!

By the way, hands-on is the way to go. So expect some real-world examples, demos, and maybe a few “aha!” moments. No matter if you’re just dipping your toes into .NET Core or have been swimming in it for a while, there's something for everyone.

Ready to join this security jam session? Let’s deep dive, chat, laugh, and ensure our apps are safer than Fort Knox. See you there!

Integrating Third-party Services with Blazor's New Identity UI

We've all been there - juggling multiple tools, trying to get them to play nicely together. And with Blazor's new identity offerings , the idea of bringing in third-party services can feel a bit daunting. But here’s the good news: It doesn’t have to be!

In this talk, we'll pull back the curtain on the seamless integration of third-party services with the new Blazor Identity UI. We'll start with the basics, understanding what the new feature brings to the table. From there, we'll dive into real-world scenarios, like plugging in popular social logins and ensuring that we can safely access our account without a hitch.

And yes, we'll tackle the bumps along the way - challenges, security snags, and those "Oops, didn’t see that coming" moments. Together, we'll navigate the waters, learn from each other, and demystify the process of integrating third-party services, making it feel less like a chore and more like a new adventure.

So, whether you're a C# vet or someone just dipping their toes in, come along! Let's make our projects a little less "How do I even?" and a lot more "Look what I just did!"

Securing Microservices in .NET 8 with Advanced Identity Techniques

Ever felt like securing microservices is a bit like herding cats? In the dynamic world of .NET 8, as we embrace the agility and flexibility of microservices, the challenge of ensuring robust security looms large. But don't worry, there's a method to the madness, and we're here to delve into it!

Let's demystify the world of .NET 8's identity features together. We'll take a deep dive into the latest techniques and tools, covering everything from JWTs to OAuth2, and let's not forget the magic of OpenID Connect. And because we know the nitty-gritty matters, we'll also touch upon common hurdles, performance tweaks, and those pesky security loopholes to watch out for.

Whether you're a seasoned .NET developer or just wading into the vast ocean of microservices, this talk is your lifeline. We'll equip you with practical insights and strategies, ensuring your microservices remain both nimble and ironclad.

Prevent Burnout in a Toxic Agile Environment

We've all been at a company that did Agile completely wrong. From stakeholders who don't understand the development process leading to unreasonable deadlines, to scrum masters who fold under the pressure of these stakeholders. If you've been a developer for a while, you've definitely experienced this.

In this session, I'll teach you some practical steps to help advocate for yourself as an engineer and prevent burnout from a toxic Agile environment.

Target audience: Software Engineers