holistic-info-sec-for-web-developers

Workshop to initialise, train and deploy the Jade Security Champions across the Jade Development Teams.

The security defaults of Docker are designed to get you up and running (“just work”) quickly, rather than being the most secure. There are many default configurations that can be improved upon. In this talk Kim will walk through improving the security of Docker hosts, containers, networking and deployments.

The OWASP ZAP HTTP intercepting proxy is useful for manually attacking your Web apps and APIs. Now, we have the official Node API to programatically drive ZAP to regression test our creations. Kim will show you how to build a fully featured security regression testing CLI, consumable by your CI/nightly builds.

Kim's flagship Software Developer focussed training, this time at OWASP New Zealand Day conference.

Full Day Interactive Workshop focussing on building security into your Development Team(s).

A three part book series focused on lifting the security knowledge of Software Developers, Engineers, and their teams, so that they can continuously deliver secure technical solutions on time and within budget, without nasty surprises. First book is complete, second book is content complete and currently in technical review.

At BSides Wellington: Kim discusses that Quality (security included) does not have to be neglected when you’re planning, building and running a high performance development team. He discusses how we fail and how to succeed.

All Day DevOps Live! Interview with All Day DevOps speaker, Kim Carter. Kim will be speaking about the "Secrets of a High Performance Security Focused Agile Team".

Kim's flagship Software Developer focussed training, this time at Christchurch Hacker Conference (CHCon).

Kim discusses how and why Agile Development Teams fail at security, and how to stop failing.