OWASP May 2022 Event - DevSecOps Transformation on a Shoestring Budget
Details
TALK
DevSecOps Transformation on a Shoestring Budget
Summary:
In this session we will briefly discuss what is DevSecOps and why should you integrate it into your organization's CICD pipeline, and will dive into various methodologies and open source tools you can quickly and freely integrate into your workflows to automate the security of product development. By the end of this session you should have a clear image of the workflow, phases and tools you should use in each phase to increase the security of your organizations products. This will be a mostly high level talk so technical knowledge of CICD technologies is not required.
Presenter:
Itay Gurvich
I'm the DevSecOps engineer at Tucows Inc where I took it upon myself to secure the company's CICD pipelines for various projects. Having broad experience in security engineering and code writing, I'd like to share my journey, findings and lessons learned from applying this transformation across multiple development teams.
Sponsors
Security Compass
Global Contributing Corporate Member & Local Event Supporter
BDO Canada
Global Contributing Corporate Member & Local Event Sponsor
Corellium
Local Event Sponsor
Cycode
Local Event Sponsor
DeepCove CyberSecurity
Local Event Sponsor
Dreadnode
Local Event Sponsor
Endor Labs
Local Event Sponsor
Leading Cyber Ladies Toronto Chapter
Industry Partner
Miggo
Local Event Sponsor
Microsoft Reactor
Local Event Sponsor
OX Security
Local Event Sponsor
Pixee
Local Event Sponsor
Security Journey
Local Event Sponsor