Shownotes

Polyglot apps lead to polyglot security holes. It’s time to fight back! @HeisedevSec 2020

Convenience on the developer side, built on dependencies, abstraction layers and the composition of technologies, lets us pick up speed in our production pipeline. But at the same time, it's a Pandora's box in terms of security. How can you close this gap and eliminate the weaknesses? I'll show you how to start with free tools to protect your stack against known security vulnerabilities, how to increase productivity while working fast, efficiently and comfortably, and why quality based on excellent test coverage will be your safety belt.

What we will cover:

- The evolution from "Dev and Ops" via "DevOps" to "DevSecOps"
- Benefits and risks that come with the use of open source
- How to aggregate various industry-relevant dependency management systems
- How to integrate results in third-party audit systems using webhooks and REST API
- Dynamic workflows and automated quarantine processes using webhooks and REST API
- A simple mapping of company guidelines using rules, policies and watches through to the new vulnerability reports
- Protection against changes in the environment, as just happened with DockerHub


Speakers

Sven Ruppert

Developer Advocate

Sven works as a Developer Advocate for JFrog and has been coding Java since 1996 in industrial projects. He worked for over 15 years as a consultant worldwide in industries like Automotive, Space, Insurance, Banking, UN and WorldBank. He regularly speaks at conferences and meetups worldwide and contributes to IT periodicals as well as tech portals. In addition to his main topic, DevSecOps, he works on Mutation Testing of web apps and Distributed UnitTesting, besides his evergreen topics Core Java and Kotlin.
