DevOps Conference
The Conference for Continuous Delivery, Microservices,
Containers, Clouds and Lean Business

PenTesting from the inside: every Engineer can think like a Hacker

Session
Until February 17:
✓ Save up to £333
✓ Arduino Starter Kit or Amazon Echo Dot for free
✓ Group discount
Register now
Until February 17:
✓ Save up to £333
✓ Arduino Starter Kit or Amazon Echo Dot for free
✓ Group discount
Register now
Bis zum 3 März:
✓ Sparen Sie bis zu 892 €
✓ Transformation Day gratis
✓ Raspberry Pi oder Arduino gratis
Jetzt anmelden
Until March 3:
✓ Save up to 892€
✓ Transformation day for free
✓ Raspberry Pi or Arduino for free
Register now
Thank you for joining!
Register now
Thank you for joining!
Register now
Thank you for attending
Thank you for attending
Thank you for attending!
Danke für Ihre Teilnahme!
Infos
Monday, September 27 2021
11:15 - 12:00

If you ask software engineers, most of them will say that obviously they care about security. Unfortunately, the reality of competing priorities often relegates security testing to the annual third-party penetration test report… too little, too late!

DevSecOps advocates a mindset where security is everybody’s responsibility and that with the right tools and knowledge, but this cannot happen without proper support and upskilling. The good news is, as engineers we are fast learners, we love to solve problems… and we like to try and break things.

Over the last year, I have been running “Internal PenTest” events with several groups of developers, testers and SREs. For a day, we step back from the usual work and cross to the other side to answer the question: can we hack the applications that we’ve been developing? Equipped with the wealth of insider knowledge, the team explores a specific area of the application, models threats, searches for vulnerabilities and attempts to exploit them.

So far, every session has always finished with a list of security fixes, but the real value is in the learning, when engineers will go back to their daily work with this new hacking knowledge and build more secure applications.

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von London London .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von Berlin Berlin .

Take me to the full program of Zum vollständigen Programm von New York New York .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von Singapore Singapur .

This Session belongs to the Diese Session gehört zum Programm vom New YorkNew York program. Take me to the program of . Hier geht es zum Programm von Munich München .

This Session Diese Session belongs to the gehört zum Programm von New YorkNew York program. Take me to the current program of . Hier geht es zum aktuellen Programm von London London , Berlin Berlin , New York New York , Singapore Singapur or oder Munich München .

Stay tuned:

Behind the Tracks

 

Kubernetes Ecosystem

Docker, Kubernetes & Co

Microservices & Software Architecture

Maximize development productivity

Continuous Delivery & Automation

Build, test and deploy agile

Cloud Platforms & Serverless

Cloud-based & native apps

Monitoring, Traceability & Diagnostics

Handle the complexity of microservices applications

Security

DevSecOps for safer applications

Business & Company Culture

Radically optimize IT

Organizational Change

Overcome obstacles on the road to DevOps

Live Demo #slideless

Showing how technology really works