Changes to your program have been saved!

x

Please log in to change your schedule!

x

Your rating has been saved!

x

Please log in to add a talk into your program!

x
Daniel Cuthbert

Daniel Cuthbert

Global Head of Cyber Security Research

Banco Santander

DETAILS

JUNE
12
14:00 - 18:00
Riverview Building, Svornosti 2, Prague 5

Workshop Focus

Dev
Design
Business
Marketing

Frictionless CI/CD Security

Adding security into your pipeline has traditionally been a hack of note. It's frustrating and drives many away from the benefits of looking for bugs at commit time using Static Application Security Testing (SAST) tools.

This workshop looks at breaking that frustrating cycle and shows you how to get the best out of two freely available and, frankly, amazing tools called Semgrep and GitHub's CodeQL. We will play with:

- Software Composition Analysis (SCA) tools and learn how to easily create a Software Bill of Materials (SBOM).
- Adding Semgrep into your IDE workflow.
- Using GitHub Actions to add Semgrep & CodeQL to scan for vulnerabilities on push/pull requests.

You’ll also learn how all these tools work, what to expect from them, and how to understand your findings and ignore the noise. This workshop is hands-on. Daniel wants to see your code, so you can learn how to try and secure it without hating all things security in the process.

This half-day workshop is only available for participants who attend on-site.

Daniel Cuthbert

Daniel is the Global Head of Security Research for a large bank. With a career spanning over 20 years on both the offensive and defensive side, he's seen the evolution of hacking from small groups of curious minds to organised criminal networks and nation states we see today. He is the original co-author of the OWASP Testing Guide, released in 2003 and now the co-author of the OWASP Application Security Verification Standard (ASVS).

0%

Before you level up your skills at WebExpo

We use cookies and similar technologies to offer you a better browsing experience.

To get the most out of your visit, please accept them to make sure WebExpo’s website stays at the top of its game. You can adjust your cookie settings now by clicking “Manage my cookies” or change your preferences at any time by clicking on “Update my Cookies” in the footer.