DevSecOps stories and (in)secure containers

Hi DevSecOps'ers,

Are you ready for the first #DevSecOpsNL meetup in 2020? We are very excited!

Please RSVP to let us know if you are coming. If for some reason you cannot join the session anymore, please remove your RSVP so others can attend in case of a waiting list.

This time, we will only have limited space available at the location.

Please find more detailed information below.

See you there!

The agenda for the evening will be:

18:00-19:00 Welcome with food and drinks
19:00-19:45 First talk with Irfaan Santoe
19:45-19:55 Break
19:55-20:50 Second talk with Vincent Nieuwenburg and Colin McNaught
20:50-21:30 Closing & Networking

Irfaan Santoe
Summary:
If you believe including security toolsets in CI/CD ensures security in DevOps, I invite you for a conversation to re-think your cybersecurity approach.
We will share ABN AMRO's approach on how we embedded Security in our DevOps transformation. We will highlight and discuss real-life challenges that we faced and resolved during this transition thereby providing some stories and lessons you can learn. This is based on a holistic view on security, including roles and responsibilities and shifts in culture and behavior of DevOps teams, CISO, IT, etc. and how it is being rolled out for more than 200+ DevOps teams at ABN AMRO.

Bio:
Irfaan Santoe - Global Head of Security Engineering at ABN AMRO BANK. Currently heading a team of 35+ senior security professionals who are helping the bank's IT Development & Delivery with security engineering capabilities. Before this role, Irfaan lead another team at ABN AMRO that managed the cybersecurity risks arising from all the vendors of the bank. Before ABN AMRO, Irfaan worked at Deloitte Cyber Risk Services serving multiple corporate clients.

Vincent Nieuwenburg
Summary:
Vincent Nieuwenburg will take you through the security considerations when dealing with a Kubernetes cluster. ‘What is needed for multi-tenancy?’, ‘Which tools can we use for network isolation?' and ‘What are other components of container security?’ are questions which he will strive to answer in this talk.

Colin McNaught
Summary:
Security enhancements of using AWS firecracker. Continuing on Vincent’s talk, Colin examines how AWS firecracker can help enhance container security and mitigate common weaknesses. This talk will explain what AWS FireCracker is and how it relates to container security.

>>>>>

Detailed description to find the location:
The location is very easy to reach by car; below the building and around are more than enough parking spots for free available.
Arriving by car, you will stand in front of the Porsche building where a little sign will say Parking Yaworks B.V.; there is an underground garage where you have to ring in order for the gate to open. Inside the garage is also the entrance to the building where you can take the lift or stairs to get to the office. DevSecOpsNL signs will stand there.

Coming by public transport, you can take bus number 376 to Paasheuvelweg or 120 to Meibergdreef or the metro to Holendrecht followed by a 15-minute walk. Next to the underground garage is a door where you can ring to then enter the building.