Developers Don’t Want Someone Looking Over Their Shoulder
Engineering teams thrive when they have autonomy and ownership, not when they have to wait on code reviews from AppSec. In this session, Suzie Prince (Head of Product, DevOps, Atlassian) and Gareth Rushgrove (VP, Product, Snyk) discuss the importance of autonomy for developers, what tools to give them to autonomously to deal with vulnerabilities that require security expertise, and why it’s so important for security to start with development teams.
VP of Product, Snyk
Head of Product, DevOps, Atlassian
Never Get Pwned! Understanding the OWASP Top 10
If you’re a software developer, chances are you’ve seen a lot of security vulnerabilities in the software you’re working on, even if you didn’t realize it.
In this workshop you’ll learn what the 10 most critical security issues in web applications are and how to prevent them. In particular, you’ll get to explore 3 of the top 10 vulnerabilities in a devastating way:
- Cross-site scripting (XSS)
- Broken authentication
- Injection attacks (SQLi)
You’ll see how these issues can creep into your applications, what the consequences can be, and how to prevent that from happening.
Co-founder Secure Delivery & OWASP Global Board Member, Secure Delivery
Snyk Demo track
The Developer-First Security Experience on OpenShift
Snyk and Red Hat believe that DevSecOps is best scaled when developers can take security into their own hands, empowered by tools that enable and encourage IT Operations and security teams to participate in, and gain visibility into, the vulnerability remediation process. Toward this end, we’re collaborating to seamlessly integrate security throughout the CodeReady Toolchain, part of the OpenShift developer experience, to help our users realize these benefits, regardless of the team they belong to. In this session, we’ll show you how to fully leverage Snyk’s capabilities within your OpenShift environment on your journey to DevSecOps.
Principal Solutions Architect, Red Hat