AppSec Aus Melb #19 - Zero-Friction DevSecOps: Automated Code Signing Done Right
Details
Event Confirmation Form!
➡️ We kindly request you fill out this event confirmation form to confirm your attendance for the event and your dietary requirements - https://forms.gle/5P1kfDSRtbtKze9AA
--------------------------
## What's On? 👀
Speaker: James Bannan
Title: Zero-Friction DevSecOps: Automated Code Signing Done Right
Abstract:
Software supply chain attacks aren’t hypothetical anymore; they’re depressingly regular headlines. Yet many teams still treat code signing as an afterthought: painful to set up, difficult to automate, and even harder to make developer-friendly.
This session shows that it doesn’t have to be that way. In this deeply technical, demo-driven talk, we’ll walk through how to implement automated artifact code signing using SigStore and Smallstep PKI, integrated directly into GitHub Actions. You’ll see how to transform code signing from a security bottleneck into a frictionless part of your CI/CD pipeline; one that developers barely notice, but auditors and CISOs absolutely love.
## Location 📍
Atlassian Melbourne
Queens & Collins Building, Level 20, 100 Queen Street, Melbourne VIC 3000
## Agenda ⏰
- 5:30 - Food is served
- 6:15 - Session start
- 7:30 - Post-event networking
---
Note: Please complete the event confirmation form: https://forms.gle/5P1kfDSRtbtKze9AA