Methodology & Practice

What does it take to deploy to production with confidence?

JUG CH

Abstract


Wed 15:35 - 16:20 | 2024

How often do we question the wisdom of releasing to production on a Friday afternoon? Has the production software been tested thoroughly enough to identify vulnerabilities? If we do find security problems in production, what steps can we take to fix them? And how can we take preventative measures against potential problems or attacks? Recently, software supply chain security has become an increasingly important topic. Concepts such as SBOMs, SLSA, Reproducible Builds and CI/CD Security are often discussed as ways to address these concerns. This session will explore these concepts and provide guidance on how to apply them to your individual projects. We will focus on tools, guides and proposals from the OSSF Foundation, CNCF, OWASP and CDF.

Non-Sponsored Talk | Beginner | English

Ixchel Ruiz

karakun.com

Ixchel Ruiz has developed software applications and tools since 2000. Her research interests include Java, dynamic languages, client-side technologies and testing. Java Champion, Oracle ACE Pro, Testcontainers Community Champion, CDF Ambassador, Hackergarten enthusiast, Open Source advocate, public speaker and mentor.

Andres Almiray

I code for fun and help others in the process. Java Champion. Speaker. Co-founder of Hackergarten & Hack.Commit.Push. Creator of JReleaser 🚀