DevSecOps Road Trip UK stop - Andrew Martin & Lili Kastilio
Session 1: Threat Modelling Kubernetes
Cloud native container and Kubernetes systems bring new threats and risks to our precious workloads. As cloud technologies undergo rapid innovation and new tools and techniques emerge, security can get left behind. The answer to this conveyor-belt of potential insecurity? Threat modelling!
Andrew Martin, CEO & Co-Founder of Control Plane
Session 2: Your 3rd party dependencies are disasters waiting to happen
With recent increase of data breaches, it is now more important than ever to really start paying attention to application security. As we introduce more and more open source dependencies into our code bases, performance is no longer the only concern. With every new dependency we are potentially bringing in new vulnerabilities that attackers are waiting to exploit. Anyone can introduce vulnerable packages. How do you know that the open source package you just added in is not going to cause your customers data ending up for sale on the dark market?
Lili Kastilio, Technical Services Architect at Snyk