Lausanne DevSecOps meetup, talk ideas.
Simple repo of ideas for the next devsecops meetups, PRs welcome!
Ideas or categories of ideas, "en vrac"
Various categories or ideas for the DevSecOps meetup in Lausanne (or others ;-))
- Kubernetes security
- Sysdig inspect
- Sysdig falco
- Microservices security with Cilium (advanced)
- Elasticsearch security
- BDD-Security demo
- Deep-dive with Hashicorp Vault
- Mittn / burp demo
- Compliance as code (i.e. inSpec)
- Threat modeling and risk assessment the agile way
- Security testing - Test Driven Security
- AWS security (i.e. Serverless? IAM tips and tricks, KMS, Secrets Manager, cloudmapper..)
- App Security within CI pipelines (i.e. Snyk for deps, owasp zap baseline, etc..)
- Docker image security scan in the CI pipeline (i.e. Clair or other)
- Logging for security use-cases with Graylog
- Secure guidelines with OWASP OpenSAMM
Past
- JVM security
- Agile Risk Management
- Continuous compliance with openSCAP
- Introduction to Cilium
- Introduction to Secrets Management with Hashicorp Vault
- How to weaponize fingerprinting FTW
- SQLmap tech demo
- DevOps security challenges
- How to make DevSecOps real?
- Including application security in your DevOps pipeline