DEVSECOPS
READY FOR NEXT
Securing the Mission-Critical Software Supply Chain
June 27 | 09:30 am – 04:30 pm | London
Boost your DevOps and SSC Practices
JFrog invites you to a FREE full-day event in London, where you can stay ahead of the game and always be Ready For Next!
You will learn:
- Strategies for protecting your software supply chain from security exposures
- Different approaches to analyzing your source code and binary artifacts for security issues
- What is the SBOM and why is it important for all developers?
- Best Practices for Well-Architected DevOps on AWS
The event is FREE of charge, courtesy of JFrog!
We have a limited number of seats. Please RSVP to confirm your spot!
event will start in
speakers
Or Yaacov
VP of SolutionS
Engineering
ROHIT KUMAR SINGH
Solutions Architect – Enterprise FSI
AIDAN KNOWLES
Sr Cybersecurity Engineer
BATEL ZOHAR
Developer Advocate
Roy Ben ShOushan
Solutions Engineering Manager
Yair Mizrahi
Senior Security Researcher
HELEN BEAL
Chief Ambassador
agenda
Curious to learn what lies ahead in the world of software delivery? In this session, we will explore the realm of DevOps and DevSecOps platforms. Prepare to discover why prominent organizations worldwide are embracing a revolutionary approach to delivering, securing, and releasing software. Our aim is to introduce you to an impactful solution that transforms the entire software development lifecycle, from code creation to production, reshaping the way software is delivered and protected. Get ready for an inspiring journey into the future of software delivery. Get Ready for Next!
10:40 AM
Ensuring software security is essential for any organization that wants to prevent risks from entering their software development lifecycle (SDLC). In this talk, we will explore the key principles of software security and how to integrate them into your development process. We’ll show you how to identify potential risks in your SDLC and provide you with practical solutions to mitigate them. Additionally, we’ll discuss the importance of software bill of materials (SBOM), and how it can help you to secure your software supply chain.
11:05 AM
11:25 AM
Developers are now the target! As DevOps practices become ubiquitous, the responsibility of maintaining company assets has shifted from IT professionals to developers and DevOps engineers. However, this paradigm shift has also made developers a prime target for attackers. In this talk, we will explain in detail the modern attack techniques that target developers, while focusing on malicious package attacks. We will also discuss the severity of classic attack techniques, such as exploiting public vulnerabilities (CVEs), and delve into practical ways to differentiate between CVE “noise” and genuine severe vulnerabilities.
12:05 PM
As part of the growing demand for end-to-end software supply chain solutions, we’re introducing a release and promote solution. With JFROG’s platform organizations can drive a full secure, traceable, immutable and extendable release while applying the necessary gates to ensure risk free release processes.
12:35 PM
Join Aidan as he takes you on a journey through Workday’s DevSecOps transformation. In this session, he will share his firsthand experience in expanding JFrog Xray API with serverless automation, enabling the scaling of open source governance from CI/CD pipelines to serverless environments. Discover the challenges faced, the strategies implemented, and the valuable insights gained along the way. Gain practical knowledge and inspiration to elevate your own DevSecOps practices and drive excellence in your organization.
13:05 PM
In this session, you will learn about all of the components required to align your DevOps practices to the pillars of the AWS Well-Architected Framework. Review organization adoption, development lifecycle, quality assurance, automated governance, and observability.
DevOps is all about balancing throughput with stability but research in recent years has shown that for many enterprises DevOps adoption has stalled and they are unable to lift themselves out of the medium-level performance category and reach the higher level capabilities and fully realize the promise of DevOps. In this talk, Helen looks at why that is and, in particular, where security can slow us down and how we can use techniques such as value stream management alongside DevSecOps to accelerate the flow of value to our customers and deliver exception and safe digital experiences. Key takeaways:
|
We will discuss the new approaches emerging in the DevOps market including software supply chain security, software development life cycle controls, and the increased need for provenance of software