• Home
  • (ISC)2 Singapore Chapter Knowledge-Sharing Event - Automating a Full DevSecOps Pipeline
 

(ISC)2 Singapore Chapter Knowledge-Sharing Event - Automating a Full DevSecOps Pipeline

  • 17 Sep 2019
  • 6:30 PM - 9:00 PM
  • To be advised

Registration

  • Complimentary for (ISC)2 Singapore Chapter members
  • Invited guests of chapter EXCO and partner associations
  • Complimentary for ISACA Singapore Chapter members
  • Dear Members, 

    Come and join us for another knowledge sharing & networking event. At this event, we look at showcasing a fully automated DevSecOps pipeline from Contrast Security APAC.

  •  

  • Synopsis

    Objectives and takeaways from the sharing:

    1.  Illustrating the current challenges and pitfall of AppSec in CI/CD pipeline
    2. Achieving the highest level of automation in the Pipeline; the ability to accurately identify vulnerabilities during functional testing (CI) and be able to protect the application in production (CD)
    3. Able to accurately identify the high risk open source libraries and the ability to deter targeted attacks on the vulnerable lib on the fly.
    4. Illustrate Pipeline with Jenkins, IDE, JIRA, Pivotal, Burp, Docker and ETC.

 

Where and When:                                                                                                

  • Venue: To be advised

  •  Date: 17th September 2019, Tuesday
  • Time:   6:30pm (1830 hrs) Registration and Networking
  • Tickets:  – Free for (ISC)2 Singapore Chapter and ISACA Singapore Chapter members 

  

This is a chapter professional development event thus 2 CPE hours will be available. 

(ISC)2 Singapore Chapter members please login and register through the (ISC)2 Singapore Chapter website on the Upcoming Events page.

 

Presenters' Bio:

Jarkko Laemsae

Jarkko (MSc, CISSP) is a Technical Specialist at Contrast Security, enabling organizations with DevSecOps for fun and profit.

Jarkko kickstarted his career in security by researching and popularizing fuzz testing back in 2000. Together with Secure Programming Group at University of Oulu, Finland (OUSPG) he discovered and responsibly disclosed hundreds of critical vulnerabilities in SNMP, LDAP, VoIP and IPSec implementations. He then joined Codenomicon to develop commercial security testing products, and thus continued to impact and improve the security of critical infrastructure worldwide. He was influential to the discovery of OpenSSL Heartbleed vulnerability in 2014.

His current work revolves around securing modern software at scale, along with DevOps, agile, CI/CD, containers, kubernetes, PaaS, IAST, RASP and alike.

 

Ram Devarajan

Ram is Senior Technical Consultant at Contrast Security APAC, brings over 6 years of Application Security experience along with more than 15 years as an IT Professional.     

Before Joining Contrast Security APAC, he was Working as a Senior Technical Consultant/Technical Account Manager in HP/HPE/Micro Focus (Fortify), delivering technical assistance to customers and partners worldwide for technical problems using all Fortify products (source code and website assessment).

Apart from that was managing and mentoring a Team of Technical Consultants; Also, recognised with “One HPE Employee Award” for January 2016.

 

Jeff Chen

Jeff brings over 18 years of Cyber Security; Enterprise and Embedded test automation experiences to the Contrast Security APAC team.  Jeff was most recently the co-founder of Trinity Technologies where he helped built it from a startup to a leading integrator for safety critical application testing and industry compliance verification in Asia.

Prior to co-founding Trinity Technologies, Jeff was the VP of Parasoft APAC where he expanded the operation from one location in 2003 to eight by 2011 and saw his respective regional revenue grew by more than 500%. Jeff has extensive knowledge and hands on experience in application security and enterprise application testing. Prior to joining Parasoft, Jeff was with a military system integrator where he represented multiple security technologies such as Northrop Grumman NEWS (Network Early Warning Systems) and was involved in C4ISR and Cyber Security Projects for Taiwan Armed Forces.

  

      

Note: (ISC)2 members from Singapore are not members of (ISC)2 Singapore Chapter by default. Please ensure that you have signed up separately with the Singapore Chapter at www.isc2chapter.sg

Membership Rates:
Professional Member: $50/- year
Associate Member (Non-credential holders): $30/- year
Student Member: $10/- year

All prices are in Singapore dollars.

 

 

© Copyright 2019. (ISC)² Singapore Chapter. All Rights Reserved.

Powered by Wild Apricot Membership Software