This session is designed for engineers and security practitioners who want hands-on, practical experience with leading DevSecOps tools in real-world scenarios. We’ll dive into actual pipelines, dashboards, or IaC code and work through:
- Integrating SAST tools like Coverity or SonarQube into CI/CD
- Using SCA tools …
This hands-on session is tailored for developers, DevOps engineers, or security professionals who want to design and implement a secure CI/CD pipeline using GitLab CI. We'll cover:
- Designing secure GitLab pipelines with .gitlab-ci.yml
- Integrating SAST, SCA, DAST, secret detection, and container scanning
- Automating security gates …
In this session, you’ll learn how to generate, manage, and continuously maintain a Software Bill of Materials (SBOM) using BlackDuck Software Composition Analysis (SCA). This hands-on mentoring session will cover:
- Introduction to SBOM and its importance for security, compliance, and EU CRA/NTIA standards
- Setting up …
Interested in breaking into DevSecOps or strengthening your fundamentals? This session is designed for engineers, developers, and IT professionals who want to understand the core principles of integrating security into DevOps workflows. In this session, we’ll cover topics such as:
- What is DevSecOps and why …
This session is designed for security engineers, developers, and compliance officers who want to assess and manage the risks of using open-source components in their applications. We'll walk through:
- Identifying high-risk OSS components in your codebase
- Using SCA tools (e.g., BlackDuck, OWASP Dependency-Check) to assess …