April Security Special @ Isolutions

April - Security Special @ Isolutions
Join us in person at Isolutions!!

This event will happen at Isolutions, The Circle.

Agenda:

• 17:30 Reception open & networking moment - note that if you come earlier we might ask you to help with the setup ;)
• 17:45 Intro Hosts & .NET Zurich
• 18:00 Improve DevOps security with OWASP ZAP and Azure DevOps service connections using workload identity federation. - Speakers: Marc Rufer & Raffael Nussbaumer
• 18:45 Microsoft Entra ID and .Net - a perfect match for Application Security - Speakers: Tom Aebi & Damien Bowden
• 19:30 Securely using React Meta-Frameworks with .NET - Speakers: Regina Traber, Cédric Mendelin & Gian-Luca Mateo
• 20:15 Pizza & Networking

The event is held in English.

More detail & full excerpt of the talks & bios:
Improve DevOps security with OWASP ZAP and Azure DevOps service connections using workload identity federation.
Abstract: Security is playing an increasingly important role - throughout the entire development process. In this session, we will show two specific improvement options in the context of DevOps security. Firstly, the use and benefits of the OWASP Zed Attack Proxy (ZAP) in pipelines (keyword: shift left) and secondly, the use and benefits of Azure DevOps service connections with the Workload Identity federation authentication method.

Speaker Bios:
Marc Rufer is a passionate and experienced software engineer with a preference for backend development and automation topics. He is a hungry learner interested in C#/.NET, Azure, DevOps, DevSecOps and new technologies.
Raffael Nussbaumer is an experienced .NET developer and Azure enthusiast. His experience in developing robust applications with solid craftsmanship is complemented by strong interest in modern DevOps practices and security.

Microsoft Entra ID and .Net - a perfect match for Application Security
Abstract: Almost every application has to deal with application security - users, logins, roles, etc. - in order to be secure. We would like to take you on a dev journey and show you step-by-step what fantastic and versatile support Entra ID offers here, so that in the end a secure and easy-to-manage WebApp is created without having to write much code.

Speaker Bios:
Tom Aebi is a Solution Architect with a strong focus on Microsoft technologies. He has joined the party from the early days of .Net and later with Azure, too. He always strives to build a smart and lean solution consisting of already available services, complemented with code as needed. He loves to inspire others and share his knowledge.
Damien Bowden is a web developer, architect and a Microsoft MVP for Visual Studio Development Technologies who loves to learn. He contributes regularly to open-source projects on GitHub. He runs a very popular blog which focuses on ASP.NET Core, application security, Azure, and Angular.

Securely using React Meta-Frameworks with .NET
Abstract: React development has slowly but steadily been moving towards the use of Meta-Frameworks, most commonly Next.js. And it's easy to see why: Serving large SPAs quickly and efficiently to end users creates challenges that need new technical solutions.
We explore those challenges and take a look at Remix, the new kid on the block developed by the React Router team. We also showcase how to securely develop solutions using Remix, a .NET backend, and the BFF pattern.

Speaker Bios:
Regina Traber is a full stack web developer with 3 years of experience. Passioned about React and application security and also always striving to improve the user experience.
Cédric Mendelin: As a seasoned full-stack developer with 7 years of experience, Cédric is fueled by a passion for .NET and Azure. He is dedicated to crafting valuable and secure solutions for end users.
Gian-Luca Mateo has been developing full stack web solutions for 7 years. ♥s React, TypeScript, fiddling with browser security, and improving the developer experience.