The scary story of DevSecOps

Abstract

You probably know about Linux Install Parties? Then let’s do the same with Security, we will follow the DevSecOps approach of the US Department of Defense. For that, nothing could be easier, come with your computer, your opensource project and your tools (IDE, CI/CD). After a few presentation slides, we will go step by step through the security of your application. If your application is dockerized, we will evoke the good practices of the ANSSI on this subject. We will see, through this workshop, how GitOps/CI/CD allow us and organizations to improve our posture towards security.