Secure your Supply Chain and Workload


Jun 15, 2023, 3:30 – 6:30 PM

In-person event

About this event

A final event before we head into the summer!


17.30 Doors open, Food and drinks sponsored by Cshift

18:00 SLSA, SigStore, SBOM and Software Supply Chain Security. What does that all mean really? - Abdelfettah

18:30 Short break

18:45 Unveiling the Secrets of the Cloud: Unmasking the Current Exploitable Vulnerabilities in Cloud Infrastructure - Jesper

20:00 We head to a pub somewhere nearby and continue talking to each other.

Abdelfettah Sghiouar (senior Cloud Developer Advocate @Google Cloud)

Abdel started his career in datacenters in Morocco and now lives in Sweden working with Google Cloud Professional Services.

Have you heard of SLSASigStore or SBOM or the new fuzzy word in the street “Software Supply Chain Security'' before ? Maybe yes if you are avide reader of some tech publications out-there. But what does this all mean really ? Or rather should you care ? Well the answer is it depends. In this talk the speaker will attempt to clarify these words, what they mean and present a state of the security world with tools and methodologies people and organizations are implementing to ensure software is secured from dev to production.

Jesper Larsson (freelance IT security researcher and penetration tester)

Jesper is a member of the well-renowned penetration testing firm Cure53 and focused on cloud and infrastructure security. He participation as one of the hackers in the SVT production "_Hackad" and also co-founders and organizers of SecurityFest and Säkerhetspodcasten.

To run your infrastructure through a cloud provider is a no-brainer. You have the possibility to start small and scale to infinity and beyond. There is no longer a risk of running out of hardware performance or storage exhaustion. We have established the norm of continuous everything, but what about the security aspects?

This talk will cover cloud security concepts from a penetration tester's perspective. What problems have we solved? What is being exploited? Where should we focus our security efforts?

If you would like to speak at or host future meetups, please reach out to us, either in person at the event, via this platform, slack or email. We'd love to hear your story!


  • Abdelfettah SGHIOUAR


    Senior Cloud Developer Advocate

  • Jesper Larsson


    Principal Security Consultant



Thursday, June 15, 2023
3:30 PM – 6:30 PM UTC


  • Jessica Andersson

    Leader of Platform Engineering, CNCF Ambassador

  • Peter Rosell


    Event Organizer

  • Edvin Norling


    DevOps Engineer

  • Anders Johansson

    Etraveli Group AB

    Event Organizer

  • John Andreas Erlandsson

    Devies Cloud & Engineering


  • Alexander Lindeskär


  • Mikael Johansson



CShift logo