It’s been a couple of months since Log4Shell ruined many Christmas holidays for developers, architects, ITOps and especially Dev(Sec)Ops teams. How did this incident help us strengthen our software supply chain? How have DevSecOps adopted their delivery and operations orchestration to prevent using vulnerable code or react faster once a new breach is detected?
In this session we cover stories from DevSecOps teams that were on the frontlines when Log4Shell hit. We look into application security approaches and tools to detect vulnerabilities during delivery as well as in production and see how open source projects such as Falco, Keptn and others help DevSecOps teams to enforce a “Secure by Default” policy!