- "Remove Developers' Shameful Secrets or Simply Remove Shameful Developers ..." by Fabian Lim (2 hours)
REMOVE DEVELOPERS' SHAMEFUL SECRETS OR SIMPLY REMOVE SHAMEFUL DEVELOPERS ...
I started out with 1 goal: to eliminate hard-coded secrets in the code repository. For this workshop, we will do a short hands-on demo using Vault – one of many secret management tools – to automate security into CICD, building on current workflows. The workshop will also explain some concepts around secret management and technical ways to deal with the problems in achieving the one goal.
In this hands-on workshops, attendees will learn how to:
- Set up a clean development environment without Vault
- Integrate Vault into the pipeline with build tools like Jenkins and how it can interact with applications
- Bonus, if we have time, we will explore other cool features of Vault to strengthen other layers of security (SSH CA, PKI)
ABOUT FABIAN LIM
Born and brewed in Singapore; learned the skills in the US.
Energetic DevSecOps engineer and evangelist.
What excites me most: cybersecurity, red teaming, fitness… and quality wine & whisky
A practitioner of various martial arts and a former Krav Maga instructor
“If it doesn’t challenge you, it doesn’t change you.”
“Defeat is a state of mind you accept.”
As this is a hands-on workshop, we can only accommodate a handful of participants. Participants will be selected based on their answers to the following RSVP questions:
1. Tell us about your cybersecurity background and why you want to attend this workshop.
2. Have you attended our previous events/meetups?
3. How would you like to contribute back to Div0?
Selected participants will be notified a week before the workshop.