DevSecOps Tool Hands-On Session with

This session is designed for engineers and security practitioners who want hands-on, practical experience with leading DevSecOps tools in real-world scenarios. We’ll dive into actual pipelines, dashboards, or IaC code and work through:

-Integrating SAST tools like Coverity or SonarQube into CI/CD
-Using SCA tools like BlackDuck or OWASP Dependency-Check
-Generating and analyzing SBOMs (Software Bill of Materials)
-Setting up secrets detection or container scanning tools
-Writing custom security gates for build pipelines
-Triage workflow for managing and prioritizing security findings

You’ll walk away with a clearer understanding of tool setup, best practices, and how to fit them into your existing environment.

Bring your project or use a sample repo provided during the session!

I’m Najib Radzuan, a DevOps/DevSecOps Architect with over 16 years of hands-on experience helping individuals and organizations adopt secure and scalable engineering practices. I’ve served in diverse roles—from developer to DevOps engineer to solution manager—across cloud and on-prem environments.

My passion lies in mentoring professionals in career transformation, especially those transitioning into DevOps and DevSecOps roles. I provide practical, real-time guidance in CI/CD, infrastructure as code, and secure software delivery.

I’m well-versed in tools and platforms like Azure, AWS, Alibaba Cloud, Terraform, Ansible, and Git-based automation. Whether you're building your first pipeline or need enterprise-level architecture advice, I’m here to help you upskill, gain confidence, and succeed.

Let’s bridge the gap between where you are and where you want to be in your DevSecOps journey.