Come and join us for another knowledge sharing & networking event. At this event, we look at showcasing a fully automated DevSecOps pipeline from Contrast Security APAC.
Objectives and takeaways from the sharing:
- Illustrating the current challenges and pitfall of AppSec in CI/CD pipeline
- Achieving the highest level of automation in the Pipeline; the ability to accurately identify vulnerabilities during functional testing (CI) and be able to protect the application in production (CD)
- Able to accurately identify the high risk open source libraries and the ability to deter targeted attacks on the vulnerable lib on the fly.
- Illustrate Pipeline with Jenkins, IDE, JIRA, Pivotal, Burp, Docker and ETC.
Where and When:
Venue: To be advised
- Date: 17th September 2019, Tuesday
- Time: 6:30pm (1830 hrs) Registration and Networking
- Tickets: – Free for (ISC)2 Singapore Chapter and ISACA Singapore Chapter members
This is a chapter professional development event thus 2 CPE hours will be available.
(ISC)2 Singapore Chapter members please login and register through the (ISC)2 Singapore Chapter website on the Upcoming Events page.
Jarkko (MSc, CISSP) is a Technical Specialist at Contrast Security, enabling organizations with DevSecOps for fun and profit.
Jarkko kickstarted his career in security by researching and popularizing fuzz testing back in 2000. Together with Secure Programming Group at University of Oulu, Finland (OUSPG) he discovered and responsibly disclosed hundreds of critical vulnerabilities in SNMP, LDAP, VoIP and IPSec implementations. He then joined Codenomicon to develop commercial security testing products, and thus continued to impact and improve the security of critical infrastructure worldwide. He was influential to the discovery of OpenSSL Heartbleed vulnerability in 2014.
His current work revolves around securing modern software at scale, along with DevOps, agile, CI/CD, containers, kubernetes, PaaS, IAST, RASP and alike.
Ram is Senior Technical Consultant at Contrast Security APAC, brings over 6 years of Application Security experience along with more than 15 years as an IT Professional.
Before Joining Contrast Security APAC, he was Working as a Senior Technical Consultant/Technical Account Manager in HP/HPE/Micro Focus (Fortify), delivering technical assistance to customers and partners worldwide for technical problems using all Fortify products (source code and website assessment).
Apart from that was managing and mentoring a Team of Technical Consultants; Also, recognised with “One HPE Employee Award” for January 2016.
Jeff brings over 18 years of Cyber Security; Enterprise and Embedded test automation experiences to the Contrast Security APAC team. Jeff was most recently the co-founder of Trinity Technologies where he helped built it from a startup to a leading integrator for safety critical application testing and industry compliance verification in Asia.
Prior to co-founding Trinity Technologies, Jeff was the VP of Parasoft APAC where he expanded the operation from one location in 2003 to eight by 2011 and saw his respective regional revenue grew by more than 500%. Jeff has extensive knowledge and hands on experience in application security and enterprise application testing. Prior to joining Parasoft, Jeff was with a military system integrator where he represented multiple security technologies such as Northrop Grumman NEWS (Network Early Warning Systems) and was involved in C4ISR and Cyber Security Projects for Taiwan Armed Forces.