Skip to content

Title: Strengthen and Scale security using DevSecOps (Remote Session)

Photo of OWASP Indonesia
Hosted By
OWASP I.
Title: Strengthen and Scale security using DevSecOps (Remote Session)

Details

Title: Strengthen and Scale security using DevSecOps

Security is tough and is even tougher to do, in complex environments with lots of dependencies and monolithic architecture. With emergence of Microservice architecture, security has become a bit easier however it introduces its own set of security challenges.

This talk will showcase how we can leverage DevSecOps techniques to secure APIs/Microservices using free and open source software(FOSS). We will also discuss how emerging technologies like Docker, Kubernetes, Clair, ansible, consul, vault, etc., can be used to scale/strengthen the security program using DevSecOps tools and techniques.

We will cover the following as part this talk.

  1. Static/Dynamic Analysis on code during CI/CD.
  2. Scanning dockers for vulnerabilities and managing it using Clair and open source tools.
  3. Managing secrets in distributed systems.
  4. Security monitoring using ELK ( ElasticSearch, Logstash, Kibana) stack.
  5. Server hardening using Ansible and molecule (Ansible testing framework).
  6. Cloud security using smart monkey.

Speaker Bio

Imran "secfigo" Mohammed is a seasoned security professional with 8 years of experience in helping organisations with their Information Security Programs. He has a diverse background in R&D, consulting and product based industries with a passion to solve complex security programs. Imran is the founder of Null Singapore, the largest information security community in Singapore where he has organised more than 60 events & workshops to spread security awareness. He is also the author of OWASP DevSecOps Studio, OWASP DevSlop and Awesome-Fuzzing projects.

He was also nominated as community star for being the go-to person in the community whose contribution and knowledge sharing has helped many professionals in the security industry. He is usually seen speaking/training in conferences like Blackhat, OWASP AppSec, DevSecCon, PyCon, NullCon, All Day DevOps, Null and OWASP chapters.

For register fill in the form.
https://docs.google.com/forms/d/e/1FAIpQLSckB3qZgJAkZXAd-2GDCcHeLK1T0NyRYiCIyCyfLlw9ifWMVg/viewform

After that will send you gotomeeting invitation to join this session

Events in
Photo of OWASP Jakarta Chapter group
OWASP Jakarta Chapter
See more events
OWASP Jakarta Chapter
Photo of OWASP Jakarta Chapter group
Needs a location
Photo of OWASP Jakarta Chapter group
OWASP Jakarta Chapter
public group