DevSecOps October meetup: Software Development Security & Rise of DevSecOps

This is a past event

54 people went

Details

** DevSecOps Singapore is free for anyone to attend **

Please fill the google form if you're planning to attend todays meetup :

https://docs.google.com/forms/d/17EP77lbYUTHy9g2JTCOSe2DQCO1xOyUB7XgVIlZTne0/edit?c=0&w=1#responses

• Networking: 15 Mins

• DevSecOps Updates, DevSecCon Asia & IoT Asia Announcement by Stefan

• Software Development Security: Setup or Evolution, Best Practices by Viswanath (30 mins)

* The Rise of DevSecOps by Fabian (30 mins)

Abstracts:

Software Development Security: Setup or Evolution, Best Practices

Be it a traditional waterfall or modern-day agile (sprints or iterations) model of development, delivering a secure software is the success key to run business over a long period of time. This short presentation highlights the best practices of modern day security that can be embedded into software development without largely impacting the cost or delivery timeline. You will realize the different areas where and how security needs to be addressed in the software life-cycle.

The Rise of DevSecOps

DevOps is a cultural shift for more and more organisations, bringing speed and innovation benefits that surpass other SDLC methods. But some of the principles of DevOps aren’t quite aligned with how companies of all sizes will need to incorporate and embed security into this shift. DevSecOps provides a path forward for the transformation and helps companies to shift security to the left so that everyone can take responsibility for it. While automating security testing is an obvious answer to secure applications in the code pipeline, that does not provide 100% coverage until security risks are fully mitigated. Fabian will talk about his journey in making DevSecOps a reality in an organisation. This talk will focus some of the lessons learnt - which includes implementing open source tools to help security team do their jobs better, hacking the culture, whitelisting services, reporting security defects. and also doing Red Team activities.

Speakers Bio :

VISWANATH S CHIRRAVURI is the software security architect at a leading digital security firm, GEMALTO. In this role, he represents and advises the cross business lines of the organization on software development security, deployment security and operational security aspects. Additionally, he does security assessment on software and approves the release. He holds the following professional certifications - CISSP, GWAPT, CEH, PMP, Security+ and SCJP. Besides possessing great security knowledge, he is good badminton player. He is married to Kalyana Haritha and their greatest fulfillment comes from spending time with their two children (1 energetic son and 1 cute daughter).

Fabian Lim

{ person : {

name : ['Fabian Lim', '(Qi Pei 祺沛)'],

work : ['Intuit', 'Cyber Security Team', 'Security Software Engineer'],

job : ['Security Logging', 'Monitoring', 'Alerting', 'Remediating', '& Red Teaming, etc']

edu : ['Carnegie Mellon University – MS(Information Security Policy & Mgmt)','Singapore Management University BS(Information Systems)'],

from : ['Singapore'],

hobby : ['Krav Maga Instructor', 'Outdoors', 'Motorcycle'],

languages : ['English', 'Mandarin', 'Cantonese', 'Teochew', '(learning) Spanish']

} }