DSC India

Securing Web and API endpoint for C-native deployments

Register

Date

June 23, 2023

Time

7:30pm IST

Location

Virtual

play_circle

Questions? Join the conversation on Discord channel devsecon-discussions-🗣

About the event:

DevSecCon India will host Sai Karthik, Lead Cloud Security Technologist at Check Point Software Technologies and Animesh Pathak, DevRel at Keploy for their June event. 

Location (Virtual):

Agenda:

  • 7:30 PM: Session kicks off + Live stream 
  1. Session 1: Securing the application in SDLC by Animesh Pathak
  2. Session 2: Securing Web and API endpoint for C-native deployments by Sai Karthik

 

Session 1: Securing the application in SDLC

In today’s digital world, security breaches and data thefts are becoming more and more common. As a result, secure coding practices have become a top priority for software developers. However, with the increased reliance on software, comes the increased risk of security breaches and data thefts. It’s crucial for developers to follow secure coding practices to mitigate these risks.

The Session will cover the following topics:

  1. Identifying common security vulnerabilities
  2. Debugging and testing secure code
  3. Incorporating security into the SDLC

 

Session 2: Securing Web and API endpoint for C-native deployments

Today’s web application security practice still heavily relies on securing web-apps as monolithic entities at the point of ingress, far from the app being protected. This approach fails to effectively secure cloud-native apps, especially ones that have embraced microservices. A new breed of web-app security practice is on the horizon called Cloud-native WAAP (Web Application and API Protection). Cloud-native WAAPs deeply integrate into C-native environments, are low-maintenance and self-sufficient, and are DevOps adept. Open-appsec is an open-source cloud-native WAAP that protects your web apps and APIs. It uses a machine learning (ML) engine to continuously analyze the HTTP/S requests made by users as they interact with your web application or API. The open-appsec engine learns how users normally interact with your web application and provides preemptive web app & API threat protection against OWASP-Top-10 and zero-day attacks. It can be deployed as an add-on to Kubernetes Ingress, NGINX, Envoy (soon), and API Gateways.

Sai Karthik

Lead technologist - Cloud Security & DevSecOps at Check Point Software Technologies

About Sai Karthik

Sai Karthik is an accomplished Cloud Security Architect at Check Point with a strong background in public cloud security and network security. He has been working as a Cloud Security SME for over 4 years and has an overall security engineering experience of 7 years. He has specialized expertise in cloud native security and DevSecOps and is responsible for managing and technically driving engagements across APAC. Sai’s technical skill set is predominantly revolves around public cloud security, with a focus on AWS, Kubernetes, containers and various CICD tools. From a security tooling point-of-view Sai specializes in CSPM, CWPP, Application Security testing tools, and CNAPP. Sai’s career began as a Linux systems engineer, and he has worked as a freelance Linux systems admin in the past. In addition to his professional accomplishments, Sai has a passion for OSINT and is an amateur mixologist and whiskey nerd in his free time.

We use cookies to ensure you get the best experience on our website.Read Privacy Policy
close