Secure your Supply Chain and Workload

Name: Secure your Supply Chain and Workload
Start: 2023-06-15T17:30:00+02:00
End: 2023-06-15T20:30:00+02:00
Location: CShift 3rd floor

Göteborg

Jun 15, 2023, 3:30 – 6:30 PM (UTC)

In-person event

About this event

A final event before we head into the summer!
Agenda:
17.30 Doors open, Food and drinks sponsored by Cshift
18:00 SLSA, SigStore, SBOM and Software Supply Chain Security. What does that all mean really? - Abdelfettah
18:30 Short break
18:45 Unveiling the Secrets of the Cloud: Unmasking the Current Exploitable Vulnerabilities in Cloud Infrastructure - Jesper
20:00 We head to a pub somewhere nearby and continue talking to each other.

Abdelfettah Sghiouar (senior Cloud Developer Advocate @Google Cloud)
Abdel started his career in datacenters in Morocco and now lives in Sweden working with Google Cloud Professional Services.
Have you heard of SLSA, SigStore or SBOM or the new fuzzy word in the street “Software Supply Chain Security'' before ? Maybe yes if you are avide reader of some tech publications out-there. But what does this all mean really ? Or rather should you care ? Well the answer is it depends. In this talk the speaker will attempt to clarify these words, what they mean and present a state of the security world with tools and methodologies people and organizations are implementing to ensure software is secured from dev to production.
Jesper Larsson (freelance IT security researcher and penetration tester)
Jesper is a member of the well-renowned penetration testing firm Cure53 and focused on cloud and infrastructure security. He participation as one of the hackers in the SVT production "_Hackad" and also co-founders and organizers of SecurityFest and Säkerhetspodcasten.
To run your infrastructure through a cloud provider is a no-brainer. You have the possibility to start small and scale to infinity and beyond. There is no longer a risk of running out of hardware performance or storage exhaustion. We have established the norm of continuous everything, but what about the security aspects?
This talk will cover cloud security concepts from a penetration tester's perspective. What problems have we solved? What is being exploited? Where should we focus our security efforts?
If you would like to speak at or host future meetups, please reach out to us, either in person at the event, via this platform, slack or email. We'd love to hear your story!