DevSecCon24 – 24hr virtual conference

We just wrapped up our first-ever virtual DevSecCon event, with 1700+ attendees in 24 hours, across 3 time zones. If you’ve always wondered how to thread model the Death Star, how to be a SOAR winner, or perhaps where there might be an untapped security talent pool then check out the recorded videos below.

We covered all things culture, processes, and engineering around DevSecOps, across excellent sessions, keynotes, panels, and ignites.

Thanks to our speakers, sponsors and everyone who joined in — until the next one. Follow @devseccon on Twitter to stay tuned for upcoming events, local events and meetups, and virtual events to come.

Sessions in this playlist

APAC

• APAC KEYNOTE: Continuous Auditing: Myth vs Reality – Mohammed A. Imran

• Domain models: security as a first-class concern – Andrew Harcourt

• Collection is not detection and other rules for modernising sec ops – Sarah Young

• Building an Observable Infrastructure and Code – Aravind Putrevu

• The biggest security talent pool you’ve never heard of – Mike Tozer

• The Hacker Hippocampus – Chloe Messdaghi

• How to be a SOAR winner – Samantha Humphries

• IGNITES: Going DevOps: Why „top-down or bottom-up” might be the wrong question! – Sabine Wojcieszak

• IGNITES: How to Attract More Women (and not the way you think) – Moran Weber

• IGNITES: Things I learned about software from musicals – Victoriya Kalmanovich

• APAC PANEL: The Future of DevSecOps – (Moderator) Mohammed A. Imran, Mohan Yelnadu, Jerome Walter, Stefan Streichsbier & Sarah Young

EU

• EU KEYNOTE: Design Thinking for Secure Development – Wolfgang Goerlich

• The Container Security Checklist – Liz Rice

• GitOps Progressive Security For Kubernetes – Gadi Naor

• Threat Modeling the Death Star – Mario Areias

• Dev-First Security: Learning from the pioneers – Guy Podjarny

• Secure Your Code — Injections and Logging – Philipp Krenn

• How to Verify for Security Early and Often – Katy Anton

• Infrastructure-as-code Security: Why, What, and How – Barak Schoster

• Securing Containers by Breaking in – Simon Maple

• The Evolution of the Software Supply Chain Attack – Ilkka Turunen

• Container Security: A Five Year Perspective – Justin Cormack

• IGNITES: Unquantified Serendipity: Diversity in Development – Quintessence Anx

• IGNITES: The Five Love Languages of DevOps – Matty Stratton

• IGNITES: Pull Request Etiquette – Erik Zaadi

• EU PANEL: The Joys Of Integrating Security Testing Into Your Pipeline – (Moderated) Michael Man, Dr. Wendy Ng, Liz Rice, Grant Douglas, Ashraf Aboukass & Katie Gamanji

AMERICAS

• AMERICAS KEYNOTE: Security Learns to Sprint: DevSecOps – Tanya Janca

• AppSec is dead. Long live DevSecOps! – Matias Madou

• Securing the Pipeline with Open Source Tools – Michelle Ribeiro

• Hardening your soft software supply chain – Maya Kaczorowski

• From Developer to Security: Looking at Security from a Developer Lens – Rey Bango

• Modern Dynamic Application Security Testing – Scott Gerlach

• Exploring the Benefits of Continuous Security and Compliance for Cloud Infrastructure – Fernando Cardoso

• A Crash Course in Audit Logs – Justin Massey

• FIRESIDE CHAT: Reality Check on Deep Fakes – Alyssa Miller, J.M. Porup & Andrea Downing

• When Stress Meets Tech – Crux Conception

• IGNITES: Stuffing your Cloud into your SOCs – Brendan O’Connor

• IGNITES: Doodle with Purpose – Ashton Rodenhiser

• IGNITES: Community: Not Just One Day a Year – Sam Hepburn

• AMERICAS PANEL: Lessons Learned from the DevSecOps Trenches – (Moderator) Clint Gibler, Doug DePerry, Tanya Janca, Zane Lackey & Justine Osborne

CHECK OUT THE FULL PLAYLIST HERE