
What we’re about
DevSecOps is a growing area with a number of very good conferences being organised.
DevSecOps London Gathering was created to allow people to share their real life experience of introducing or working with Security in their delivery.
A monthly gathering for anybody involved with factoring Security into DevOps - this is not just for developers or security SMEs.
Keep up to date with DSOLG
- Follow our LinkedIn Page for presentation materials and other goodies
- Subscribe to our YouTube Channel @DevSecOpsLondonGathering
- Follow us on Twitter @DevSecOpsLG
- Tune in to our Podcast DSO Overflow
Interested in speaking at one of our events? Get in touch via our form.
Or if you'd like to make a request for an event topic or speaker, let us know.
To get in touch with the DSOLG team email us team@dsolg.com
Upcoming events (4)
See all- Explore Threat Modeling MethodologiesPalo Alto Networks Office, London
Join us on Wednesday 18th June for a deep dive into Threat Modeling methodologies. Whether you’re just getting started with threat modelling or looking to elevate your current practice, this session will equip you with practical strategies to embed security throughout the software development lifecycle - without slowing innovation.
Explore Threat Modeling Methodologies: Practical Strategies for Scaling Secure Design
Details
Date: Wednesday, 18th June
Time: 6:00–8:00 PM
Location: 22 Bishopsgate, Level 55, EC2N 4BQ - Due to building security requirements, all attendees must RSVP providing first name, last name and company email address to gain access.IMPORTANT - if you previously RSVP'd without providing these details, please complete this form.
Synopsis
Join us for an engaging evening focused on demystifying threat modeling and equipping your teams with practical strategies to embed security throughout the software development lifecycle. This session will explore a range of methodologies—including STRIDE, DREAD, PASTA, and VAST—highlighting the real-world benefits and limitations of each.
Whether you're new to threat modeling or looking to evolve your current practices, you'll gain insights into how different frameworks align with business goals, technical architecture, and adversarial risk—while supporting agility and innovation.
Through real-world examples and implementation tips, attendees will learn how to:- Evaluate which methodologies best fit your team’s maturity, objectives, and workflows.
- Identify effective starting points based on business risk and compliance requirements.
- Engage key technical stakeholders and integrate seamlessly with Agile and CI/CD pipelines.
- Leverage automation and AI to enhance modeling accuracy and scale threat identification.
You’ll walk away with a practical understanding of how to build or enhance a cross-functional, continuous threat modeling practice—regardless of the methodology you choose.
Join the community:
Can't make it to the event? Keep up to date with our activities on LinkedIn & TwitterWith thanks to our Sponsors - ThreatModeler, Orca Security and our venue hosts Palo Alto Networks.
- How we saved $20K a year by hosting our own map server on AWS using Tile ServerVeracode , London
Welcome to the DevSecOps London Gathering – July Edition!
📍 Hosted at Veracode, 36 Queen Street, London
📅 Tuesday, 16th July
🕕 6:00–8:00 PMThis month, we’re diving into a real-world DevSecOps success story - one that saved $20K annually and made open-source work harder, smarter, and more securely in production.
🎤 Talk Title:
How We Saved $20K Annually by Hosting Our Own Map Server on AWS Using TileServer
Speaker: Vim (AWS Community Builder & Cloud Architect)Talk Synopsis:
When map service costs began spiralling and compliance requirements demanded expensive licensing upgrades, Vim and his team made the move from Mapbox to a self-hosted TileServer solution on AWS — cutting costs by 96% annually.In this talk, Vim will take us through:
- Why and how the switch to TileServer happened
- The serverless AWS architecture behind the scenes
- Challenges with generating and managing map data
- The security controls layered in — including WAF, CloudFront Functions, Lambda Authorizer, and VPC Link
- Lessons learned and best practices for anyone scaling open-source solutions in the cloud
Whether you’re working on cloud cost optimisation, building secure infra, or scaling open-source in production, this is one to catch.
As always, there’ll be drinks, snacks, and time to network with fellow DevSecOps engineers, architects, and security leaders.
🎟️ RSVP now and join us on July 16th!
Join the community:
Can't make it to the event? Keep up to date with our activities on LinkedIn & Twitter