PT. Digital Media Techindo

Perum Pondok Tandala, Jl. Bungur V No. 230
Kawalu, Kota Tasikmalaya
Jawa Barat - Indonesia 46182

Online Session: Strengthen and Scale Security Using DevSecOps

Title: Strengthen and Scale security using DevSecOps

Security is tough and is even tougher to do, in complex environments with lots of dependencies and monolithic architecture. With emergence of Microservice architecture, security has become a bit easier however it introduces its own set of security challenges.

This talk will showcase how we can leverage DevSecOps techniques to secure APIs/Microservices using free and open source software (FOSS). We will also discuss how emerging technologies like Docker, Kubernetes, Clair, ansible, consul, vault, etc., can be used to scale/strengthen the security program using DevSecOps tools and techniques.

We will cover the following as part this talk.

  1. Static/Dynamic Analysis on code during CI/CD.
  2. Scanning dockers for vulnerabilities and managing it using Clair and open source tools.
  3. Managing secrets in distributed systems.
  4. Security monitoring using ELK ( ElasticSearch, Logstash, Kibana) stack.
  5. Server hardening using Ansible and molecule (Ansible testing framework).
  6. Cloud security using smart monkey.

Speaker Bio:

Imran “secfigo” Mohammed is a seasoned security professional with 8 years of experience in helping organisations with their Information Security Programs. He has a diverse background in R&D, consulting and product based industries with a passion to solve complex security programs. Imran is the founder of Null Singapore, the largest information security community in Singapore where he has organised more than 60 events & workshops to spread security awareness. He is also the author of OWASP DevSecOps Studio, OWASP DevSlop and Awesome-Fuzzing projects.

He was also nominated as community star for being the go-to person in the community whose contribution and knowledge sharing has helped many professionals in the security industry. He is usually seen speaking/training in conferences like Blackhat, OWASP AppSec, DevSecCon, PyCon, NullCon, All Day DevOps, Null and OWASP chapters.

For register fill in the form:

After that will send you gotomeeting invitation to join this session.

The event is finished.



04 Okt 2018

More Info

Read More
Read More