When DevOps principles are widely adopted, the way from code to a running application has never been shorter. This enables both features, functionality, and fixes to be rolled out continuously. The term DevSecOps quickly appeared to show that security needed to be an integral part of any CI/CD pipelines with defined checks and tests between the different stages.

Join mnemonic and Palo Alto Networks on Tuesday 7th of February to learn how developers create secure code, and how we use market-leading tools to automate much of the process.

In addition, we will present how we at mnemonic use Prisma Cloud from Palo Alto Networks; a suite covering security for all steps of the application's lifecycle. From the developers' code to your cloud assets’ security posture and the needed help to automatically address newly discovered vulnerabilities and mitigate ongoing attacks.

Agenda

08.00-09.00 Registration and breakfast

09:00-09:10 Welcome and introduction

09:10 - 09:50 Secure coding

with Sebastian Florin Sanislav, Security Consultant, mnemonic

What are the most common security pitfalls when writing code?

There is no doubt that during the last decade the software development process has evolved significantly. However, the security considerations required when writing code have not changed at the same pace.

Many of the vulnerabilities found today are the same as they were years ago, just in different forms. That is why it is important to have a process in place that takes these pitfalls into consideration.

During the talk Sebastian will look at:

• A high-level overview of what to focus on when developing secure code
• Our process for performing code reviews in mnemonic
• Real-life examples of vulnerabilities found in code during past assessments

Technical level: 4/5
Language: English

09:50 - 10:05 Break

10:05 - 10:35 Using Prisma Cloud to automate secure coding

with Chrysoula Kielland, Security Consultant, mnemonic

There are many tools to help you secure cloud-native applications. However, each of them specialise on a different stage of the application's lifecycle.

Prisma Cloud brings the puzzle together and addresses the entire process; from code to cloud. How can you get more secure code without losing efficiency? Chrysoula will present the tool and show how it can help you automate this process. During the talk Chrysoula will look at:

• How is Prisma Cloud different from the existing point solutions?
• Why should we put all eggs into Palo Alto’s basket?
• How does Prisma Cloud secure Infrastructure as Code and containerised apps?
• Prisma Cloud's new functionality: open-source library scanning.

Technical level: 3/5
Language: English 

10:35 - 10:50 Break

10:50- 11:20 Palo Alto Prisma Cloud Suite - secure applications from code to cloud

med Marius Holmsen, Palo Alto Networks

Prisma Cloud is a complete platform that secures the full journey from the cloud to code security to runtime protection across multiple clouds, and even private cloud. This presentation is a walk-through of the different modules and features that will explain how one can benefit from a single pane of glass that enhances your visibility and overall security.

As we move towards cloud native applications it creates a challenge to identify and secure this new application framework. With Prisma Cloud, we provide security and visibility to enhance the abilities for the security team, and automate the interaction between the developer and security team to "shift left" and provide security as a part of the development process.

Technical level: 3/5
Language: Norwegian