Session
Hackers Don’t Miss Like Ronaldo. Defend Your Pipeline Before They Score.
Thursday 23 July
15:00 – 16:00
Educator 1
This session provides local software developers with a hands-on guide to implementing DevSecOps practices that address real challenges in the Mauritian software development environment. Attendees will explore common pipeline vulnerabilities, including hardcoded secrets, outdated dependencies, insecure containers, and unsafe coding patterns, and see how these issues can be exploited if left unchecked.
Through a live demonstration of a deliberately vulnerable application, participants will learn to detect and prevent these vulnerabilities using free, industry-standard tools such as Gitleaks, Trivy, and OWASP Dependency-Check. The session demonstrates how to integrate these tools into CI/CD pipelines, embrace Shift Left security, and automate vulnerability detection, providing practical, actionable strategies that developers can immediately apply to their projects.
By attending, participants will gain a buffet of experiences and ideas: they will learn concrete techniques to secure code, understand enterprise-level security workflows, and discover ways to integrate best practices into their own development processes, all while connecting concepts to the realities of software development in Mauritius.
Learning Outcomes:
- Identify common security vulnerabilities in modern development pipelines
- Apply practical DevSecOps tools to prevent breaches early
- Automate security scans within CI/CD workflows
- Translate enterprise-level security practices into local development environments
Reference:
- https://www.youtube.com/watch?v=ZUquwnJnfNw&t=1013s&pp=ygUPZ2l0bGVha3MgZ2l0aHVi
- https://www.youtube.com/watch?v=pZumqxTwLNw
- https://www.youtube.com/watch?v=hWiI700y3J0