In a world where vulnerabilities like Log4J, Spring4Shell, and the XZ Backdoor make headlines, securing our software ecosystem has never been more critical. In this session, Soroosh, a hands-on solution architect with experience working on security platform services for large enterprises like Rabobank, will share practical strategies and best practices for securing the software development process, applicable to both small startups and large organizations.
Key takeaways and questions that will be answered in this session:
- [Live Demo] What is a "Supply Chain Attack," and how dangerous can it be?
- An example of lateral movement that begins with a basic SQL injection attack and escalates to gaining root access to a Kubernetes cluster
- Exploring new attack vectors in the AI era and the defense strategies to detect, prevent and mitigate them
- Most effective low-hanging practices to secure your CI/CD process
- Practical strategies on how Software Bill of Materials (SBOM) help us prepare for the next Log4Shell crisis?
- What does DevSecOps mean, and what is its main objective?
Speaker
Soroosh Khodami
Solution Architect @Code Nomads | 10+ Years in Diverse Domains
Soroosh is a software engineer and software architecture enthusiast, passionate about building simple but impactful solutions. With over 10 years of experience in diverse domains, including Telecom, Media & Entertainment, and E-Commerce. He has worked with small startups and large enterprises serving 80 million active subscribers. Currently working as a Solution Architect at Rabobank via Code Nomads. Soroosh strongly believes in the power of collaborative learning and enjoys sharing his experiences and insights with other developers.
