DevSecOps Road Trip Germany stop - Sven Ruppert & Mathias Conradt
00:00 - Welcome to the Germany stop
06:10 - Session 1: Polyglot apps lead to polyglot security holes. It's time to fight back!
22:50 - Session 2: User Profiling through Open Source Intelligence (OSINT)
47:39 - Q&A
Session 1: Polyglot apps lead to polyglot security holes. It's time to fight back!
With convenience on the developer side, based on dependencies, abstraction layers and the composition of technologies, we are picking up speed in our production pipeline. But at the same time, it's a Pandora's box in terms of security. How can you close this gap and eliminate the weaknesses? I'll show you how to start with free tools to protect your stack against known security vulnerabilities, how to increase productivity while working fast, efficiently and comfortably, and why quality based on excellent test coverage will be your safety belt.
Sven Ruppert, Developer Advocate at JFrog
Session 2: User Profiling through Open Source Intelligence (OSINT)
When we as consumers log on to an online service using just a single piece of information, such as an email address, phone number or username, or via a social provider such as Facebook/Google/Twitter, what kind of information can actually be derived from that in order for somebody to run user profiling on us?
The recon work based on openly available information on the internet is called Open Source Intelligence (OSINT for short) and is especially useful for marketing departments for targeted marketing activities. It allows someone to put together a more comprehensive user profile based on an initial single factor. However, this might not always happen with the consent of the user. This talk will give an overview of what is technically possible and what we as consumers should watch out for.
Mathias Conradt, Senior Solutions Engineer at Snyk