Security Meetup for Developers @ CGI

Join us for an enlightening evening at the GDG Stuttgart Security Meetup! This event is a perfect opportunity for developers, IT professionals, and cybersecurity enthusiasts to delve into the world of application security. Our featured speaker, Marcel Haag (IT-Security Consultant @ CGI), will guide you through "Catch What E2E Tests Miss: Real-World Security Testing with ZAP" a session that promises to show you how to examine an application while it is running to uncover vulnerabilities in the same way an actual attacker would: Fully automated and seamlessly integrated into your CI/CD pipeline through GitHub Actions.
We are still finalizing our second speaker, ensuring you'll get diverse insights on security practices. Don't miss out on this chance to learn from industry experts and engage with the local tech community. Whether you are a seasoned professional or new to cybersecurity, this meetup is designed to expand your knowledge and networks. Register now to secure your spot and be part of a vibrant community eager to share and grow together!

Marcel Haag (IT-Security Consultant @ CGI)

In modern software projects, it’s no longer enough to rely solely on end-to-end tests to ensure functional correctness. Security must become an integral part of the overall architecture and development workflow.

In this talk, I will show how you can evolve existing E2E testing strategies into a robust approach for Dynamic Application Security Testing (DAST) that makes testing practical, automated, and scalable.

Using ZAP (zaproxy.org), I will demonstrate how running applications can be examined to uncover vulnerabilities in the same way an actual attacker would.

We will walk through how to integrate ZAP into modern CI/CD pipelines and explore how to use the tool within your GitHub Actions workflows to execute security tests seamlessly and reproducibly.

I will also provide hands-on examples of ZAP’s basic, API, and full-scan capabilities, making the session valuable not only for DevOps teams but also for frontend and backend developers looking to test and strengthen the security posture of their applications.

Andreas Falk (Executive Consultant at CGI | iSAQB Certified Architect | CyberSecurity & IAM Expert | Trainer | Public Speaker)

Not finalized yet...

And of course there will be Drinks and Pizza between the talks :)

Agenda

***

Speaker

Marcel Haag - CGI Deutschland (IT-Security Consultant)

IT Nomad, Crafting solutions by day, Breaking applications by night.
github.com/marcel-haag

Host

Sebastian Graef

As a Senior Consultant, I have honed my skills in leading teams and architecting robust web solutions. My expertise lies in web technologies and frontend engineering, where I strive to drive innovation and excellence in every project I undertake.
Beyond my professional life, I am passionate about mountain sports, particularly hiking and skiing. These activities perfectly balance the dynami…

***

Partner

CGI Inc. (https://www.cgi.com)
Founded in 1976, CGI is among the largest IT and business consulting services firms in the world. We are insights-driven and outcomes-focused to help accelerate returns on your investments.

***

Complete your event RSVP here: https://gdg.community.dev/events/details/google-gdg-stuttgart-presents-security-meetup-for-developers-cgi/.