DevOps Playground: Hands-on with Sonatype

Location image of event venue

Details

The DevOps Playground is excited to announce our upcoming London Playground will be co-hosted with our partner Sonatype. Join us as we get hands-on with DevSecOps: Security at DevOps Speed.

In this hands-on workshop, attendees will learn how Sonatype can provide a Jenkins pipeline to automatically scan and detect, understand and remediate known vulnerable open source components. Attendees will be given a chance to execute an attack against the same CVE that affected Equifax and using Sonatype's Intelligence to understand and remediate the vulnerable libraries and verify that the attack no longer works.

Key Takeaways:

Understand the Risk that the use of OS components brings
Learn how to easily identify OS threats
Learn how to remediate identified OS threats
Understand how to prioritise what gets fixed and when

Pre requisite for this Playground (must have these installed prior to event):
• Ideally Docker client
• Sonatype IDE plugin (eclipse/intellij)
• JDK
• Python (can be replaced by Jython)
• A Github Account

A few things to keep in mind:
• As this is a hands-on session, please remember to bring your laptop
• Remember to download all the required technology in order to participate
• Food and drinks will be provided.
• Doors open for networking/beers 18:30
• Playground starts at 19:00

Regards, DevOps Playground Team