|Target Audience||Professionals which are interested in the topic DevSecOps
From Consultancies and Resellers/ Integrators are only technical peoples (which are involved in this topic in their daily job) allowed to take part – max. one participant per company. Vendors and people with a Sales/Marketing role are not authorized as participants.
|CPE Credits||Earn 4 CPE (Continuing Professional Education) for attending this SIGS forum. Please request a confirmation.|
|Date of Event||25th June 2019
Further planned date for 2019: 10th of October and 3rd of December 2019
|Participation Costs||CHF 55.–
Organization, presentations, beverages and apéro riche included
|1:30 – 2:00 pm||Registration & Coffee|
|2:00 – 2:00 pm||Welcome from the moderator|
|2:00 – 2:30 pm||Florian Scharf, Senior Security Officer at SIX Group
SSDLC and security by design – how to enable developers to manage security up-front
During this session Florian Scharf will provide you with an overview on how SIX is approaching the challenge of meeting the requirements from legal, regulators as well as those stemming from internal security policies, up-front and during the process life cycle. You will not only learn about how security can be made part of the development life cycle but also, how you can initiate the cultural mindset towards security and cyber threats.
|2:30 – 3:00 pm||(tbd)
|3:00 – 3:30 pm||Peter Bittner, Agile CTO, Continuous Delivery Coach, DevOps Engineer at VSHN AG
Prepare for tomorrow with clean code and prevention of vendor lock-ins
|3:30 – 4:15 pm||Break|
|4:15 – 6:00 pm||Workshop I
by Peter Bittner, Agile CTO, Continuous Delivery Coach, DevOps Engineer at VSHN AG
Deployment of a Django demo application on APPUiO
|4:15 – 6:30 pm||Workshop II
by Janosch Maier, Co-Founder at Crashtest Security GmbH
Janosch Maier holds a computer science master degree and a pedagogy bachelor degree. He worked in several start-ups and developed a cyber security dashboard for the Dutch ministry of justice. After his studies, he founded the Crashtest Security GmbH where he develops a vulnerability scanner for web application. Because of his interdisciplinary background he is responsible for increasing the awareness about web application security. Janosch is giving regular talks and workshops to promote IT security in agile software development for SMEs and corporates.
How to build a secure DevOps Pipeline
Nowadays, where release cycles are as short as weeks or days, deep application penetration tests have become difficult to conduct. By creating DevSecOps pipeline this workshop will show, how to integrate security into the DevOps lifecycle properly. The pipeline will contain a dependency checker, a docker container check and a dynamic vulnerability scanner.
In this session you will learn how to
|6:00 – open end||Apéro Riche and Networking (therefore reserve as well the evening!)
The speakers will be onsite for Q&A.
This is a ‘must attend’ event for all security professionals! We are confident that the relationships you develop here will prove to be crucial to your continuing success.
With the registration for this event you accept, that SIGS may use the data entered for its own purposes and may share it for use with its event partners and event sponsors of this platform. In addition, we share the contacts as well with the community itself.