The State of Secrets Sprawl report 2024 is now live!

DOWNLOAD
No items found.

CodeSecDays Virtual

COME AND SPEND HALF A DAY WITH GITGUARDIAN, SNYK, CHAINGUARD AND THEIR CREW!

Wednesday June 28

5:15 PM CEST → 08:30 PM CEST
11:15 AM EDT → 02:30 PM EDT
8:15 AM PDT → 11:30 AM PDT

Register below

By submitting this form, I agree to GitGuardian’s Privacy Policy

Thank you! Your registration has been recorded!
Oops! Something went wrong while submitting the form.

Register below

No items found.

A word from GitGuardian

Keeping software supply chain security simple shouldn't be rocket science or a headache. However, let's face it, it's not exactly a walk in the park either. With more and more people jumping on the bandwagon, developers and security engineers are left scratching their heads. That's why GitGuardian and their crew are joining forces to clear things up.

Join us at CodeSecDays virtual, where experts will share their insights on the present and future of software supply chain security. Expect our speakers to cover a range of topics such as software signing, open-source security, secrets management, and much more! You don’t want to miss out!

This jam-packed virtual event will provide an opportunity to learn, connect with security experts, and expand your network. Register now to reserve your spot on Wednesday June 28. We'll see you there!

Speakers

Eric Fourrier

Eric Fourrier

CEO & Co-founder at GitGuardian

Rachel Stephens

Rachel Stephens

Senior Analyst at RedMonk

Sonya Moisset

Sonya Moisset

Senior Security Advocate at Snyk

Eddie Zaneski

Eddie Zaneski

Staff Devrel, OSS Engineer at Chainguard

Cenk Kalpakoglu

Cenk Kalpakoglu

Co-founder & CEO at Kondukto

Nic Manoogian

Nic Manoogian

Senior Software Engineer at Doppler

Mackenzie Jackson

Mackenzie Jackson

Developer Advocate at GitGuardian

Kayssar Daher

Kayssar Daher

Security Engineer at GitGuardian

Agenda

June 28, 2023 5:30 PM

Imagine a world where software supply chain security is solved

Rachel Stephens

Senior Analyst at RedMonk

Sonya Moisset

Senior Security Advocate at Snyk

Nic Manoogian

Senior Software Engineer at Doppler

Kayssar Daher

Security Engineer at GitGuardian

Eddie Zaneski

Staff Devrel, OSS Engineer at Chainguard

Description:

Join our panel of security practitioners and software engineers from Snyk, GitGuardian, Doppler and Chainguard, with Rachel Stephens from RedMonk moderating as we imagine a world where the challenges of software supply chain security have been solved. A world where developers do not have to worry about the security implications of their code, where there are no more vulnerabilities in open-source software, and where secrets management is effortless and secure. What would such a world look like?

Break

06:15 PM CEST → 6:30 PM CEST
12:15 PM EDT → 12:30 PM EDT
09:15 AM PDT → 09:30 AM PDT

Track 1

June 28, 2023 6:30 PM

Tame Secrets Sprawl: Remediate At Scale & Prevent New Leaks

Every hardcoded secret is a risk. Still, no security engineer has enough time on their hand to go through thousands of incidents! Join Mackenzie Jackson to discover practical strategies to tackle secrets sprawl in your codebase. We will guide you through a framework that empowers your security teams to prioritize using context, investigate incidents collaboratively with development, and, lastly, equip developers with the right tools to stop leaks.

Speaker

Speakers

Mackenzie Jackson - Developer Advocate at GitGuardian
-
-
-
-
-
June 28, 2023 7:00 PM

The Iceberg: Your Attack Surface Just Got Bigger (How to mitigate risks in your OSS Projects)

Software supply chain attacks are not a new security concern, but recent high-profile attacks such as SolarWinds, CodeCov, and Kaseya have brought the topic to the forefront of cybersecurity awareness across the globe. Supply chain attacks have not only increased in volume and frequency, but have also become more sophisticated. This trend, together with the potentially wide impact of a singular successful supply chain attack, requires maintainers to take dedicated steps to ensure the security and integrity of their projects. You will learn how to secure your CI/CD pipeline by setting up guardrails at each stage and hardening your OSS projects.

Speaker

Speakers

Sonya Moisset - Senior Security Advocate at Snyk
-
-
-
-
-
June 28, 2023 7:30 PM

Detect intruders in your software supply chain

Our software supply chains are under constant attack, and the old ways of AppSec are not infallible. Attackers are now spearphishing developers, exploiting hardcoded secrets and contaminating the open-source ecosystem to find a way in. What might save us? Good old honeytokens. Decoy secrets or honeytokens, can help you lay traps in every corner of the DevOps pipeline: code repositories, CI pipelines, registries, and more... Join us to learn how to turn the table on attackers and trick them into revealing themselves!

Speaker

Speakers

Stanislas Crépin - Head of Solutions Engineering at GitGuardian
Ziad Ghalleb - Product Marketing at GitGuardian
-
-
-
-

Track 2

June 28, 2023 6:30 PM

Answer the Unanswerable with AppSec Metrics & Get Management Buy-In

How long did it take to fix critical vulnerabilities in the last quarter of the year?

Without metrics, it is challenging to answer these types of questions and prove the effectiveness of an AppSec program. While manually tracking AppSec metrics can be a challenging if not an impossible task, orchestration and automation can help unlock the power of AppSec metrics for a measurable AppSec program.

Speaker

Speakers

Cenk Kalpakoglu - Co-founder & CEO at Kondukto
-
-
-
-
-
June 28, 2023 7:00 PM

The Power of SecretOps: Automating Secrets Workflows

Learn about the core components of secrets management and how automating secrets workflows can significantly enhance security and operational safety in the DevOps process. From secrets storage and governance to orchestration, lifecycle management, and observability, we’ll walk through each layer of SecretOps, providing real-world insights and best practices. Get ready to empower your team with the tools and knowledge to streamline secrets management and ensure robust security practices in your organization.

Speaker

Speakers

Nic Manoogian - Senior Software Engineer at Doppler
-
-
-
-
-
June 28, 2023 7:30 PM

Wolfi OS & Building Declarative Containers

Building containers today is a very manual process that requires artisanally handcrafting a Dockerfile or copy/pasting one from the internet. Is there a better way? We think so, and that's why we built Wolfi OS. Wolfi is a stripped-down community Linux distro designed for the cloud-native era. It doesn't have a kernel of its own, instead relying on the environment (such as the container runtime) to provide one. Packages in Wolfi are declaratively built, which allows for smaller, more granular containers. In this session, you'll learn how to use Wolfi as your base container image to provide a secure foundation for your applications. You'll also learn how to declaratively build your own images using the same open-source tools that assemble Wolfi - apko and melange.

Speaker

Speakers

Eddie Zaneski - Staff Devrel, OSS Engineer at Chainguard
-
-
-
-
-

Reserve your spot now!

Reserve your spot now for CodeSecDays Virtual

Join GitGuardian and their crew!

Join GitGuardian and their crew!

Register below

By submitting this form, I agree to GitGuardian’s Privacy Policy

Thank you! Your registration has been recorded!
Oops! Something went wrong while submitting the form.

Register below