Red Hat Partner Event: Vienna DevOps and Security Meetup

We’re pleased to announce that we’ve partnered with Red Hat to offer a workshop titled “Enhancing Developer Efficiency and Security with a Secure Application Pipeline.”

❗ Please note that seating is limited, so ensure you can attend before RSVPing. Remember to bring your laptop for the hands-on activities. ❗

We look forward to seeing you there!

Technical Prerequisites:
- Participants need to bring their own laptop (the environment will be provisioned centrally, participants only need a browser and optionally a SSH connection)

Target Audience:
- Enterprise or IT Architects
- Platform Engineers
- Security Experts, Quality Assurance Engineers
- Software Developer, DevOps Engineers

- Technologies / Products used:
* Sigstore (Umbrella open source project for Supply Chain Security)
* backstage / Red Hat Developer Hub: Internal Developer Portal
* Red Hat Trusted Profily Analyser: Generating, analzying and managing of Software Bill of Materials (SBOMs)
* stackrox / Red Hat Advanced Cluster Security (ACS): Vulnerability Scanning and Security Posture Management
* Enterprise Contracts: Verification of (Supply Chain Security) policies
* rekor: Transparency log for auditing
* Fulcio (Open Source CA for short lived certificates based on OpenID Connect)

Note: The workshop scenario is using the Red Hat Enterprise versions of the respective Community projects.

Description:
This workshop explores the integration of security into development and deployment practices using multiple open source technologies. It emphasizes the importance of 'shifting left'—embedding security early in the development lifecycle—and offers hands-on activities to transition from non-secure to secure development pipelines. Participants will transform a non-secure development pipeline into a secure one, emphasizing the practical benefits of integrating security tools such as The Update Framework + Fulcio + Sigstore, Red Hat Advanced Cluster Security (ACS), and SonarQube into their Red Hat OpenShift workflows. Throughout this journey, participants will assume the roles of developers, quality assurance engineers, and security engineers, confronting challenges these personas typically face.

Agenda:
- 13:30: Doors are open
- 14:00: Welcome & Intro
- 14:30: Working hands-on
- 15:30: Break
- 16:00: Working hands-on
~ 17:00: Socializing w/ food and drinks