Programm: Montag, 5. Oktober – Schwerpunkt Security

14:30 – 15:30

You can’t hack what you can’t see The rise and complexity of cloud computing has not necessarily made this model defunct, but it needs extending more than ever before. Reto Kaeser

(Co-Founder & CTO von astarios)



15:30 – 16:30 How to cause (or prevent) a massive data breach – secure coding and IDOR

Most infosec professionals are aware of the massive First Financial Corporation data breach that leaked 885 million sensitive documents in 2019. What should developers do? Most industry experts advise them to "think like a hacker". Anna Bacher

(CTO von Jaroona)

16:30 – 17:30 DevSecOps: Security in DevOps You managed to introduce an agile development and operations process to your team(s). And now? How can you add security to your DevOps and get to the next level? Join us on our journey and see the tools and processes we tried and learned to value. Listen to our experiences so you do not have to make all of them yourself. Aarno Aukia

(CTO & Co-Founder von VSHN – The DevOps Company)

17:30 – 18:30 Decoupled authorization using Policy as Code Learn how to decouple authorization checks from your application using Policy as Code, implemented by the open-source software "Open Policy Agent" (OPA). We want to show how it applies to our use cases at Swisscom Cloud Native environment and complement our explanation through a demo. Denys Vitali

(DevSecOps Engineer bei Swisscom)