dev-sec-ops

Talk - Secrets of a High Performance Security Focussed Agile Team

Kim discusses how and why Agile Development Teams fail at security, and how to stop failing.

Workshop - Web Developer Quiz Night

Attacking a set of carefully curated questions around info-sec, white hat, black hat, attack and defense.

Diogo Mónica on Docker Security

Diogo Mónica talks with Kim Carter about Docker Security on Software Engineering Radio.

Francois Raynaud on DevSecOps

Francois Raynaud and Kim Carter discuss what’s wrong with the traditional delivery approach and why we need to change. On Software Engineering Radio.

Talk - The Art of Exploitation

At JS Remote Conf: Kim examines and demonstrates a collection of essential attacks, commonly used in the exploitation and demise of many individuals and organisations today.

Talk - The Art of Exploitation

At NZ.JS: Kim examines and demonstrates a collection of essential attacks, commonly used in the exploitation and demise of many individuals and organisations today.

Workshop - Developing a high-performance security focussed Agile Team

DevSecCon, Singapore: Quality (security included) does not have to be neglected when you’re planning, building and running a high-performance development team. Kim will set the stage with how and why Agile development teams fail, explained with a familiar anecdote taken from his new book “Holistic Info-Sec for Web Developers”, coupled with how you can change this.

Talk - Agile Security for Web Developers

Join Kim at AgileNZ 2016 for an exploration into an insightful set of steps he has learned, from an architectural, engineering and penetration testing perspective.

Workshop - Holistic Info-Sec for Web Developers - Intense

Kiwicon hands-on threat modelling, attack and defence strategy training for Web Developers wishing to understand their attackers better, stay ahead of them and create cost effective defence strategies.

Workshop - Security Regression Testing with ZapAPI and NodeGoat

At AWS Auckland, Kim will demonstrate the OWASP Zap API with NodeGoat, which helps you identify vulnerabilities in your web application as you create it, rather than at the end of a project.