Join us for an insightful session dedicated to the security aspects of source code and Infrastructure as Code (IaC). As the landscape of software development evolves, securing our code and infrastructure has never been more critical. This event will provide you with the knowledge and tools to safeguard your projects and ensure your codebase and infrastructure remain secure.
Agenda:
18:00 - 18:30 - Gathering & Mingling 🍻
18:30 - 18:45 - Opening Notes
18:45 - 19:15 - Everything as Code? GitOps to the Rescue
19:15 - 19:45 - Securing Source Code: How Adopting OpenSSF Best Practices Can Protect Your Organization
This event will be hosted by JFrog
--------------------------------Full-Agenda-Below---------------------------------
18:30 - 18:45 - Introduction & Community updates
18:45 - 19:15 - Everything as Code? GitOps to the Rescue by Maya Barak (Full-stack Developer @ Permit.io)
The ‘Everything as Code’ trend has become a common synonym for efficient cloud-native development teams, but does it truly solve the ‘More Code, More Bugs’ assumption?
In this talk, we will go over the security and usability challenges that began with Infrastructure as Code and continued with Everything as Code. Then, I’ll introduce the GitOps approach to managing such solutions. We will conclude with a live demo and practical experience that I gained while working on our open-source tool OPAL, which aids development teams in managing secure access, well… as Code!
19:15 - 19:45 - Securing Source Code: How Adopting OpenSSF Best Practices Can Protect Your Organization by Dana Rozen (Senior IR SecOps Engineer @ JFrog) & Batel Zohar (Developer Advocate @ JFrog)
In today’s digital age, safeguarding source code is crucial to maintaining the security and integrity of your software. This session will explore the best practices from the Open Source Security Foundation (OpenSSF) and we will conduct an in-depth review of these best practices, illustrating how each one of them can be easily implemented. By the end of this session, you will understand how adopting OpenSSF best practices can not only protect your source code but also fortify your organization against various cyber threats (we will go over on real cyber incidents). This session is perfect for developers, security professionals, and anyone responsible for maintaining software security.