talk

Talk - Purple Teaming with OWASP purpleteam

This talk covers: What is OWASP PurpleTeam? Why you would want it in your build pipelines. How you go about setting it up? What the work-flows look like.

Talk - Dev Team Security: Back to the Future

This talk visits: The past, present and future of how our Development Teams have and will measure the security maturity of the software delivered.

Talk - Purple Teaming with OWASP purpleteam

This talk covers: What is OWASP PurpleTeam? Why you would want it in your build pipelines. How you go about setting it up? What the work-flows look like.

Talk - Purple Teaming with OWASP purpleteam

This talk covers: What is OWASP PurpleTeam? Why you would want it in your build pipelines. How you go about setting it up? What the work-flows look like.

Talk - Purple Teaming with OWASP purpleteam

This talk covers: What is OWASP PurpleTeam? Why you would want it in your build pipelines. How you go about setting it up? What the work-flows look like.

Talk - Incident Response and Application Intrusion Detection

Talk by Chris and Kim on Incident Response and Application Intrusion Detection

Talk - Building PurpleTeam (a Security Regression Testing SaaS) - From PoC to Alpha

Developers / Engineers know that a build pipeline is an essential part of creating robust and reliable software, but what to put in it? This talk covers the creation of purpleteam from PoC to Alpha release, and why it’s an ideal fit for the security regression testing slot of your build pipeline.

Talk - Hardening Your Docker Infrastructure

The security defaults of Docker are designed to get you up and running (“just work”) quickly, rather than being the most secure. There are many default configurations that can be improved upon. In this talk Kim will walk through improving the security of Docker hosts, containers, networking and deployments.

Talk - Security Regression Testing on OWASP Zap Node API

The OWASP ZAP HTTP intercepting proxy is useful for manually attacking your Web apps and APIs. Now, we have the official Node API to programatically drive ZAP to regression test our creations. Kim will show you how to build a fully featured security regression testing CLI, consumable by your CI/nightly builds.

Talk - Secrets of a High Performance Security Focussed Agile Team

At BSides Wellington: Kim discusses that Quality (security included) does not have to be neglected when you’re planning, building and running a high performance development team. He discusses how we fail and how to succeed.