Programme

This is a past event

This is the page of a past DevSecCon event. To view and select current events, please return to DevSecCon.com.

What happened at DevSecCon Asia 2017?

This is a past event.

Talks
08:30 - 09:25

registration and breakfast

Keynote: Security is shifting left

Security has mostly operated towards the right of implementation just prior to deployment. With the introduction of Continuous Delivery, security must shift left and new processes, tools and skills must...
Read More
Shannon Lietz

CD and Segregation of Duties (SoD)

CD and Segregation of Duties (SoD): Discuss how to work with SoD while frequently releasing to production and providing effective production support...
Sriram Narayanan

Extending and securing Chat-Ops

Showcasing chat tools extensions with Hubot. How to make chat and ops work well with a collaborative approach - taking lessons from DevOps and Agile ways of working. Get into depths...
Arun Narayanaswamy
10:55 - 11:05

morning break

Integrating crowdsourced security into agile SDLC

In an ideal world, security involvement should start early in the Agile process and should be part of the initial Portfolio Kanban when decisions on product design are being made...
Ante Gulam

AppSec DevOps automation – real world cases

Everybody wants to create the perfect AppSec test automation as part of DevOps. Transparently identifying security vulnerabilities as code is created and fixing them before they are ever noticed...
Ofer Maor
12:00 - 13:00

Lunch break

Securing the container DevOps pipeline

Adoption of container technology has surged due to the standardisation and usability resulting from the Docker open sourcing effort and, as a result, the Open Container Initiative (OCI). Many DevOps practitioners...
William Henry

Building an application vulnerability toolchain for DevSecOps

One of the key challenges for application security in DevOps, is that scaling vulnerability assessment, effectively is very challenging. Sure, some scanners come with plugins and integrations with CI tools...
Abhay Bhargav

Using open source automation tools for DevSecOps

Automation tools are key for managing DevOps and DevSecOps: In this talk we'll focus on setting up open source automation tools and their environment, using readily available modules for deploying...
Joel Divekar

A trip through the security of DevOps tools

Nowadays, security has become a very hot issue. With the DevOps philosophy spreading everywhere and the growing idea that now you could build a new project within a few days...
Guillaume Dedrie
14:55 - 15:05

afternoon break

From resilient to antifragile – chaos engineering primer

Monkeys, Lemurs & Locusts Oh “We bought a Zoo” - Is the idea of a midnight meltdown keeping you up at night? Can we inject failure scenarios into deployed systems to reduce...
Sergiu Bodiu

DevSecOps in the government

Singapore is known to be efficient and so is the government. As Singapore's software engineers adopt DevOps as part of the software development methodologies, the pace of software releases and...
Fabian Lim

Using adversarial modelling in driving secure application development

Use cases are helpful for eliciting, communicating and documenting requirements. Additionally, use cases are also useful in gaining an understanding of the features of the application. Similarly, to identify threats...
Read More
Pishu Mahtani
17:00 - 21:00

networking drinks

Workshops

Automated infrastructure security monitoring and defence

Monitoring for application attacks and defending them in real-time is crucial. Crunch through all the logs from the various sources (web servers, applications, waf etc.) to gain insights from anomalies...
Read More
Madhu Akula
Akash Mahajan
12:00 - 13:00

Lunch break

Developing a high-performance security focussed Agile Team

Quality (security included) does not have to be neglected when you're planning, building and running a high-performance development team. Kim will set the stage with how and why Agile...
Kim Carter
14:55 - 15:05

afternoon break

Automated testing and security

Companies want to deploy code at an ever-increasing pace. You should test your code to ensure that security concerns are addressed before pushing to production...
Brett Gray
17:00 - 21:00

networking drinks