DevOps Conference
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

PenTesting from the inside: every Engineer can think like a Hacker

Session
Until August 26:
✓ Save up to $320
✓ Group discount
✓ Extra specials for freelancers
Register now
Until August 26:
✓ Save up to $320
✓ Group discount
✓ Extra specials for freelancers
Register now
Until August 12:
✓ Workshop Day for free
✓ Save up to $580
✓ 10% team discount
Register now
Until August 12:
✓ Workshop Day for free
✓ Save up to $580
✓ 10% team discount
Register now
Until August 19:
✓ Transformation Day for free
✓ Save up to € 830
✓ Raspberry Pi or C64 Mini for free
Register now
Bis 19. August:
✓ Transformation Day gratis
✓ Bis zu 830 € sparen
✓ Raspberry Pi oder C64 Mini gratis
Jetzt anmelden

Until conference starts:
✓ Team discounts
✓ All inclusive 4-Day Passes available

Register Now

Until conference starts:
✓ Team discounts
✓ All inclusive 4-Day Passes available

Register Now

Thank you for the great conference
✓ See you in 2022!
Danke für die tolle Konferenz
✓ Wir sehen uns 2022!
Infos
Tuesday, September 28 2021
09:00 - 09:45

If you ask software engineers, most of them will say that obviously they care about security. Unfortunately, the reality of competing priorities often relegates security testing to the annual third-party penetration test report… too little, too late!

DevSecOps advocates a mindset where security is everybody’s responsibility and that with the right tools and knowledge, but this cannot happen without proper support and upskilling. The good news is, as engineers we are fast learners, we love to solve problems… and we like to try and break things.

Over the last year, I have been running “Internal PenTest” events with several groups of developers, testers and SREs. For a day, we step back from the usual work and cross to the other side to answer the question: can we hack the applications that we’ve been developing? Equipped with the wealth of insider knowledge, the team explores a specific area of the application, models threats, searches for vulnerabilities and attempts to exploit them.

So far, every session has always finished with a list of security fixes, but the real value is in the learning, when engineers will go back to their daily work with this new hacking knowledge and build more secure applications.

Take me to the full program of Zum vollständigen Programm von New York New York .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von Singapore Singapur .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von Munich München .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von London London .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von Berlin Berlin .

This Session Diese Session belongs to the gehört zum Programm von New YorkNew York program. Take me to the current program of . Hier geht es zum aktuellen Programm von New York New York , Singapore Singapur , Munich München , London London or oder Berlin Berlin .

Stay tuned:

Behind the Tracks

 

Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the road to DevOps

Live Demo #slideless

Showing how technology really works