OWASP Ottawa November 15th 2023: DevSecOps: Containers, Vulnerabilities, & SCA

Welcome to our in Person Meetup at the University of Ottawa

In-Person Location:
150 Louis-Pasteur Private, Ottawa,
University of Ottawa
Room 564 (Note Room Change again)

Health Notice:

Based on the Ottawa Public Health Guidelines we strongly recommend that attendees wear a mask while not presenting. This will reduce the risk of transmission and protect members who may have compromised immune systems.

Live Stream:

We will continue to Live Stream on our YouTube channel. (https://www.youtube.com/@OWASP_Ottawa). Subscribe to our YouTube channel, set a reminder and you’ll get a notification as soon as we go live!

YouTube Live Stream Link: https://www.youtube.com/watch?v=f-4tFk0ouKc

6:00 PM EST Arrival, setup, mingle, PIZZA!!!

6:30 PM EST Technical Talks

1. Introduction to OWASP Ottawa, Public Announcements.
2. DevSecOps: Containers, vulnerabilities and SCA

Abstract:
A whirlwind tour of a tech stack evolutionary journey at a scale-up and tidbits of lessons learned from along the way. Some thoughts on the experience of taking an app from Elastic Beanstalk onto ECS, and the shift in how to approach patch/vulnerability management. Along with the different strategies to software composition analysis (SCA) in a containerized environment. Hopefully with a glimpse into an approach for embedding security into every stage of the software development lifecycle; a la the DevSecOps way.

Speaker Bio:
Greg Sienkiewicz is a DevSecOps engineer at Rewind, a Ottawa based startup on a mission to help businesses protect their SaaS and cloud data. He is curious about cyber security, especially in public cloud environments and holds multiple industry certifications; including AWS Certified DevOps Engineer Professional and AWS Certified Security Specialty as well as ISC2 Certified Cloud Security Professional (CCSP).