Agenda:

15:45 Overview of DevSecOps

In this talk, we will discuss and learn about what is DevSecOps and how does it fit into DevOps and agile streams.In addition to that we talk about few tools. Metrics and implementation models

16:30 Auditing Docker containers

Auditing the docker containerized environments from security perspective.

We will go through various methods to effectively perform a security Audit of docker based containerised environments.

17:40 Infrastructure code security testing

Presentation plan:

1) Infrastructure as code (IaC)

2) Software development lifecycle

3) Secure SDLC

4) Infrastructure as a code just like an application code

5) Static infrastructure code analysis prior to deployment

6) DEMO