AWS Security for Developers

You are cordially invited to an evening of security hands-on with AWS in collaboration with AWS User Group Bergen.

Bring your own laptop for a bit of hands-on workshop with fellow user group members over some food and drinks. All level of AWS knowledge is welcomed whether you are a tenured user group member or currently considering joining a tech Meetup community.

Security is everyone’s responsibility. The earlier you can build the appropriate configuration into your applications the easier it is to achieve the goal of shipping securely AND swiftly.
The techniques you’ll learn in this workshop will help you raise the bar for the security of the applications you build. This will help you spend more time building software that delights your customers & less time on rework after security reviews

In this workshop you’ll learn how to think about security for the things you are responsible for - the applications that you build. We’ll go through the common security risks and the tools & techniques that you can use to secure your applications without making major impact to your Software Delivery.
This session will be entirely hands-on covering topics such as:

• Release Automation
• OWASP Top 10
• Static Application Security Testing (SAST)
• Software Composition Analysis (SCA)
• License Analysis
• Dynamic Application Security Testing (DAST)
• Fixing the Remaining Vulnerabilities

The goal is to deploy an insecure web app automatically, understand common security risks along the way and discover how they are exploited. Then introduce and integrate process and tooling to the release pipeline as a preventive mechanism to catch exploits during code changes. Finally, remediate the security risks.

The workshop is considered level 300 and we are happy to have people of all AWS skill level attending. All infrastructure and usage will be covered for the event.