Security | Conference | 45 min
Are We Ready For The Next Cyber Security Crisis Like Log4Shell?
This session covers practical strategies for securing the software development process against modern threats like supply chain attacks and AI-era vulnerabilities. It includes live demos, best practices for CI/CD security, SBOM usage, DevSecOps principles, and real-world examples to help organizations of all sizes defend their software ecosystems.
Soroosh Khodami, Code Nomads
Tuesday, February 10, 14:15-15:00
Room C
"AI era is bright, but full of terrors!"
In a world where vulnerabilities like Log4Shell, Spring4Shell, and the XZ Backdoor make headlines, securing our software ecosystem has never been more critical. In this session, Soroosh, a hands-on architect with experience working on security platform services for large enterprises like Rabobank, will share practical strategies and best practices for securing the software development process, applicable to both small startups and large organizations.
Key takeaways and questions that will be answered in this session:
- [Live Demo] What is a "Supply Chain Attack," and how dangerous can it be?
- An example of lateral movement that begins with a basic SQL injection attack and escalates to gaining root access to a Kubernetes cluster
- Exploring new attack vectors in the AI era and the defense strategies to detect, prevent and mitigate them
- The most effective practices to secure your CI/CD process
- Practical strategies for using a Software Bill of Materials (SBOM) to prepare for the next Log4Shell crisis
- What does DevSecOps mean, and what is its main objective?
Soroosh Khodami
Soroosh is a software engineer and software architecture enthusiast, passionate about building simple but impactful solutions. With over 10 years of experience in diverse domains, including Telecom, Media & Entertainment, and E-Commerce, he has worked with small startups and large enterprises serving 80 million active subscribers. He currently works as a Solution Architect at Rabobank via Code Nomads. Soroosh strongly believes in the power of collaborative learning and enjoys sharing his experiences and insights with other developers.