Level: Technical
Abstract:
Want to build secure applications without co-sponsoring a Formula 1 team?
Open source tools have become essential in today’s cybersecurity landscape, offering comprehensive, low cost solutions for securing modern applications.
In this workshop, we’ll explore the full spectrum of how open source tools can be leveraged to secure your applications from development to deployment, covering both the code and cloud layers. We’ll walk through specific tools like:
- ZAP for web application scanning
- Trivy for container security
- Checkov for threat detection in cloud assets
- Opengrep for SAST and IaC
All these tools will feed into DefectDojo, an open source vulnerability management platform that acts as a single dashboard to aggregate, visualize, and manage all your security findings. Through live demonstrations, you’ll see (and use) these tools in action and understand how to integrate this ecosystem into your development pipeline to enforce security at every stage.
We’ll also dive into real-world examples of where open source tools excel and where they may not be the best fit, and how you can use AI to bridge the gap between commercial tools and open source scanners.
By the end of this session, you’ll walk away with practical strategies to secure your application’s entire stack with open source tools, as well as an understanding of the limitations to be mindful of. This workshop is ideal for security engineers, developers, and DevOps teams looking to improve their security posture using open source solutions.
Bio:
Mackenzie Jackson aka Mackenzie is a developer advocate with a passion for DevOps and code security. As the co-founder and former CTO of a health tech startup, he learnt first-hand how critical it is to build secure applications with robust developer operations.
Today as the Developer Advocate at GitGuardian, Mackenzie is able to share his passion for code security with developers and works closely with research teams to show how malicious actors discover and exploit vulnerabilities in code.