Welcome to the DevSecOps Workshop

We will kick off the workshop with a short look at the objectives, agenda, and the speakers.

Speaker: Daniel Linhart | Managing Partner & Co-Founder | Auvaria

What is DevSecOps and how to adopt it?

More and more companies are adopting DevOps philosophies, practices, and tools to increase the velocity in delivering their services. However, traditional security practices where security is evaluated at a later stage within the DevOps lifecycle by a dedicated security team can often not keep up the speed and slow down service delivery. DevSecOps integrates the term security into DevOps and means that security should be adressed from the beginning. In this talk, we have a closer look at DevSecOps and how to get started with it.

Speaker: Daniel Linhart | Managing Partner & Co-Founder | Auvaria

Mitigating Risks in Software Supply Chain Security

By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, require organizations to take action to ensure the security and integrity of their software. But this is easier said than done. In this session, we’ll explore the software supply chain as an attack vector – by identifying risks and mitigation strategies throughout the software development processes and environment. Join us to learn how you can meet new requirements and protect your software from these attacks.

Speaker: Harry Kimpel | Principal Solutions Architect | Snyk

Short Break & Refreshments

Access Management as Code

Managing access rights in a hyper-growth scenario is challenging, especially for your IT teams. In this workshop, we'll explore how automation and managing your entitlements and accesses as code can save your IT team a tremendous amount of time, and help you keep your organization secure.

Speaker: Quentin Laplanche | Director, Core Infrastructure and Security Platform | Bitpanda

Hands-on Lab: Implementing Security Policies as Code with Open Policy Agent

Open Policy Agent (OPA) is an open source policy engine that enables the enforcement of policies across your environment. During this hands-on example you create your own policies as code using OPA's policy language Rego to check compliance of your Terraform infrastructure changes before the deployment.

Speaker: Daniel Linhart | Managing Partner & Co-Founder | Auvaria

Closing and Feedback

Before we move on to the networking, we will wrap up the day with learnings and feedback.

Speaker: Daniel Linhart | Managing Partner & Co-Founder | Auvaria

Networking with Drinks & Snacks