Important notice about SecAppDev 2020
Due to the current situation with COVID-19 (Corona), with deep regret, we feel bound to postpone SecAppDev 2020 indefinitely. While there have been no official instructions to postpone events such as ours or reduce travel, both attendees and speakers have informed us that they are unable to attend SecAppDev.
We hope everyone in SecAppDev stays healthy, and wish everyone the best for the coming months.
SecAppDev 2020 Lecture Details
A practical view of security toolchains in DevSecOps
Wednesday March 11, 16:00 - 17:30
You wanted to know about DevSecOps Pipelines, but didnt know whom to ask? This anecdotal, demo-filled talk delves into DevSecOps with strategies for tool orchestration, vulnerability management and more. Best yet, you can do all this for $0
Several organizations are seeing the need to embed security into their Software Development Lifecycle. This has largely been necessitated by Agile and DevOps transformation projects within engineering teams. However, there are several challenges with DevSecOps implementations in the real-world.
This talk will explore different types of DevSecOps toolchains. The talk is based on real-world projects, from which we will identify patterns that work. Throughout the talk, we use demos to demonstrate pipelines and tool orchestration possibilities (including parameterized DAST and IAST).
Different DevSecOps pipelines, other than typical Jenkins variant(s), DAST tool integration and security regressions, vulnerability management
DevOps pros, Application Security Pros, Cloud (Security) Pros, Pentesters
A basic knowledge of devops, application security vulnerabilities and vulnerability assessment techniques.
SecAppDev is the most immersive application security course you have ever seenBook your seat now
Abhay Bhargav is the Founder of we45, a focused Application Security Company. He is the Chief Architect of “Orchestron"", a leading Application Vulnerability Correlation and Orchestration Framework. Abhay is a speaker and trainer at major industry events including DEF CON, BlackHat, OWASP AppSecUSA, EU and AppSecCali. His trainings have been sold-out events at conferences like AppSecUSA, EU, AppSecDay Melbourne, CodeBlue (Japan), BlackHat USA 2019, SHACK and so on.
Related devops security sessions
The hitchhikers guide to secrets for cloud environments
Lecture by Abhay Bhargav
From API Keys to encryption keys, the number of secrets an average app requires is increasing. The talk will focus on secrets management for Kubernetes, AWS and Azure environments with some gotchas and implementation nuances
DevOps Security Friday March 13, 11:00 - 12:30
Lessons from the Node.js ecosystem bug bounty
Lecture by Marcin Hoppe
DevOps Security Friday March 13, 14:00 - 15:30