Reto Kaeser
You can’t hack what you can’t see
#1about 3 minutes
The cultural shift from DevOps to DevSecOps
DevOps succeeded by fostering a culture of shared responsibility, and now security must be integrated to break down the final silo.
#2about 8 minutes
Integrating security into requirements and design phases
Proactively address security by defining abuse cases during requirements and classifying or anonymizing data during the design phase.
#3about 5 minutes
Hardening the CI/CD pipeline with automated security tools
Shift security left by integrating automated vulnerability management for dependencies and continuous penetration testing into the CI/CD process.
#4about 3 minutes
Why traditional firewalls fail against internal east-west traffic
Most network traffic occurs internally between services (east-west), bypassing perimeter firewalls and exposing a soft interior to application-level attacks.
#5about 3 minutes
Moving from perimeter defense to workload microsegmentation
Protect against internal threats by decoupling security from the network and applying logical firewalls directly to each workload through microsegmentation.
#6about 4 minutes
Applying Zero Trust principles with security as code
Implement a Zero Trust model by having developers define workload communication intentions as code, which automatically generates and enforces security policies.
#7about 2 minutes
The benefits of a modern workload-centric security architecture
Adopting a Zero Trust, workload-centric model provides benefits like increased agility, complete application-level visibility, automated compliance, and real-time forensics.
#8about 1 minute
A developer's responsibility to build secure software
Developers must take ownership of security by adopting a paranoid mindset to build more resilient software in an increasingly dangerous cloud environment.
Related jobs
Jobs that call for the skills explored in this talk.
Matching moments
05:49 MIN
Cybersecurity is a foundational necessity not a passing trend
Decoding Trends: Strategies for Success in the Evolving Digital Domain
03:08 MIN
Shifting security left with collaborative threat modeling
We adopted DevOps and are Cloud-native, Now What?
04:48 MIN
The expanding role of developers in security
Vulnerable VS Code extensions are now at your front door
03:50 MIN
Common attack vectors and the zero trust principle
Walking into the era of Supply Chain Risks
04:29 MIN
The modern DevSecOps approach to application security
Maturity assessment for technicians or how I learned to love OWASP SAMM
04:00 MIN
The expanding security responsibilities of developers
Vue3 practical development
02:26 MIN
Why developers make basic cybersecurity mistakes
Don't Be A Naive Developer: How To Avoid Basic Cybersecurity Mistakes
02:28 MIN
Key takeaways on IDE and developer tool security
You click, you lose: a practical look at VSCode's security
Featured Partners
Related Videos
33:20DevSecOps: Security in DevOps
Aarno Aukia
51:41Climate vs. Weather: How Do We Sustainably Make Software More Secure?
Panel Discussion
21:53Simple Steps to Kill DevSec without Giving Up on Security
Isaac Evans
37:36Walking into the era of Supply Chain Risks
Vandana Verma
27:36Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?
Tino Sokic
22:18Why Security-First Development Helps You Ship Better Software Faster
Michael Wildpaner
27:32Security Pitfalls for Software Engineers
Jasmin Azemović
45:19Security Challenges of Breaking A Monolith
Reinhard Kugler
Related Articles
View all articles
.png?w=240&auto=compress,format)
From learning to earning
Jobs that call for the skills explored in this talk.
iits-consulting GmbH
München, Germany
Intermediate
Go
Docker
DevOps
Kubernetes
SYSKRON GmbH
Regensburg, Germany
Intermediate
Senior
.NET
Python
Kubernetes
smartclip Europe GmbH
Hamburg, Germany
Intermediate
Senior
GIT
Linux
Python
Kubernetes
Peter Park System GmbH
München, Germany
Senior
Python
Docker
Node.js
JavaScript
HvS-Consulting GmbH
Garching b. München, Germany
Intermediate
Senior
.NET
Angular
TypeScript
RDT INGENIEROS