Tech companies are getting excited about doing security 'stuff' earlier in the development process, and you should be too. It's time for developers, testers, PMs and security people to work together to make security testing more agile.
We have four ~15-minute lightning talks lined up to launch DevSecOps Manchester:
1. Anthony Fielding (@antfie) will give an introduction to the meet up, an overview of what DevSecOps is about and suggest what successful DevSecOps could look like. He will also set the scene for future events and encourage people to contribute talks to keep this new community alive.
2. Jahmel Harris (@jayHarris_Sec) - Current security practices are archaic. Software development techniques have improved, allowing us to release software faster, respond to changes easier and write software which really meets our users' needs, security is always there to tell us "no". In this talk Jahmel will be introducing Rex, an android vulnerability scanner which is aimed at developers and software testers to bring security testing into the 21st century. When done right, security can be an enabler and not a blocker.
3. Michael Man (@DevSecOps_LG) will be speaking on the ups and downs of running a DevSecOps gathering. Michael will share his journey of starting and running the London gathering and how it has grown from 9 close friends attending the first “private” session to a gathering with over 1,000 members in 18 months.
4. Daniel Oates-Lee (@_fireduck) will briefly cover Integrated Application Security Testing (IAST) and how to provide automated security testing. The talk will cover what an IAST tool is and how it works, the major vendors and a basic analysis of the tools and how to integrate with in an environment in various methods.
This event was made possible thanks to cyberteam (https://cyberteam.co.uk) for funding Michael and Daniel's travel expenses. They're a knowldegeable and friendly team, always happy to discuss careers and opportunities in cyber security. Orbital 3 (https://orbital3.com) provided the venue.
19:15 - Doors open
19:30 - Talks start
20:30 - Networking
21:15 - Kick out time, head to a local pub
Anthony Fielding is a cyber security consultant (AKA ethical hacker, penetration tester) with a software engineering background. He specialises in DevSecOps to empower teams to take ownership of the security of their products early in the development process. He does this by delivering training and through security consultancy.
Michael Man is a freelance consultant working within the DevSecOps space. He has been in the IT industry for over 20 years working with mobile and financial service organisations. His passion for DevSecOps has led him to help people in the industry/community through the monthly London meet-up: “DevSecOps - London Gathering”, in which he is the founder and organiser of.
Jahmel Harris is a security researcher and hacker. He co-founded Digital Interruption; a security consultancy which helps secure organisations with a mix of penetration testing and helping to embed security into application development pipelines. With a background in not only security testing but software development, Jahmel is able to advise engineers on balancing security with functionality. Jahmel has a particular interest in mobile application security, reverse engineering and radio and has presented talks and workshops at home in the UK and abroad. He also runs Manchester Grey Hats – a group aiming to bring hackers together to share knowledge and skills.
Daniel Oates-Lee is a cyber-security consultant based in the west Midlands. He is currently consulting in DevSecOps in the financial and government, but also provided cyber security and infrastructure support in the renewable energy sector. Daniel is a volunteer with BSides London security and takes part in CTF challenges.