All the stuff – a roundup form the MDSO community

We’ve decided to make it even easier for you to know about the excellent things happening in the MyDevSecOps community, so we’ve put together a digest of the best things that happened in the community recently. Feel free to get in touch if you want to see yours in the next digests.

Tools and projects

  • TerraGoat is Bridgecrew’s “Vulnerable by Design” Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments. [LINK]

  • VSCode Extension – Security Scanner to find and fix vulnerabilities in JavaScript and TypeScript. Inspired by Import Cost [LINK]


  • Ep. #60, Navigating the Terrain of Shared Responsibility with Iftach Ian Amit, CSO at Cimpress [LINK]

  • Ep. #61, The rise of HTTPS and Front-End Security Toolbox with Scott Helme [LINK]

Live sessions

  • 2FA in 2020 and Beyond, Kelley Robinson [LINK]


Below is a roundup of some of the security events that came our way. Feel free to share your events and meetups with us.

  • The flagship MyDevSecOps community event – DevSecCon24 is getting hotter every day, find more info and register here [LINK]

  • OpenObservability Conf [LINK]

  • DevOps Enterprise Live [LINK]

  • OpenSecSummit [LINK]

  • CloudSummit [LINK]

  • ICYMI: catch the recordings from the incredible Software Circus – Down the Rabbit Hole event [LINK]

Other useful links

  • The State of Open Source Security survey is still open and Snyk will be donating $1 to charity per respondent, so now’s the time to do your part [LINK]

  • CNCF H1 Survey [LINK]

  • The State of Cloud Native Development Survey [LINK]

If you have something to share with the community – feel free to join the MyDevSecOps community Slack, or send the team an email.