Software supply chains, composed of diverse tools, dependencies, and collaborative workflows, have become critical targets for malicious actors. Attackers exploit vulnerabilities in open-source components, CI/CD pipelines, and automated engineering processes, exposing organizations to significant risks. Resilience in this context demands a shift from reactive defenses to proactive strategies that integrate security directly into engineering workflows, ensuring vulnerabilities are addressed before they can be exploited.
From this track
Supply Chain Security and the Real World: Lessons From Incidents
Tuesday Apr 8 / 10:35AM BST
Supply chain security is becoming more and more important, but it is often talked about in abstract and general terms that do little to help the average organization.
![Speaker image - Adrian Mouat](https://qconlondon.com/sites/qcon_london/files/styles/medium/public/pictures/2025-02/AdrianMouat.png?itok=8oB2pXLU)
Adrian Mouat
Technical Community Advocate @Chainguard, Complainer of Supply Chain Security & Author of "Using Docker"
Empower Your Developers: How Open Source Dependencies Risk Management Can Unlock Innovation
Tuesday Apr 8 / 11:45AM BST
As security practitioners, we face the challenge of driving innovation whilst needing to balance security risks.
![Speaker image - Celine Pypaert](https://qconlondon.com/sites/qcon_london/files/styles/medium/public/default_images/default-user-image.png?itok=Lbvq0JUA)
Celine Pypaert
Vulnerability Manager @Johnson Matthey
Trust No One: Securing the Modern Software Supply Chain with Zero Trust
Tuesday Apr 8 / 01:35PM BST
Can you truly trust your software supply chain? As cloud-native software development surges, threat actors increasingly target the supply chain, exploiting vulnerabilities in CI/CD pipelines, dependencies, and container images.
![Speaker image - Emma Yuan Fang](https://qconlondon.com/sites/qcon_london/files/styles/medium/public/pictures/2025-01/headshot4.jpg?itok=4Xya--Jr)
Emma Yuan Fang
Senior Cloud Security Architect @EPAM, DevSecOps, Cloud Security Advocate, Strategist and Public Speaker, Ex-Microsoft, CISSP
Secure by Design: Building Security into Engineering Workflows and Teams
Tuesday Apr 8 / 02:45PM BST
Security doesn't have to be a blocker; it can be an enabler. In this session, we’ll explore how to seamlessly integrate secure development practices into engineering workflows while fostering a culture of collaboration and shared ownership.
![Speaker image - Stefania Chaplin](https://qconlondon.com/sites/qcon_london/files/styles/medium/public/pictures/2022-11/stefaniachaplin.jpeg?itok=zP22GTC6)
Stefania Chaplin
Founder & CEO @DevStefOps, Previously Solutions Architect @GitLab, AWS Certified Security - Speciality
Securing AI Copilots: Strategies and Practices for Protecting Data
Tuesday Apr 8 / 03:55PM BST
The data behind AI copilots is not only their most critical asset but also a key strategic consideration for enterprises and SMBs alike.
![Speaker image - Andra Lezza](https://qconlondon.com/sites/qcon_london/files/styles/medium/public/pictures/2025-01/andra%20%281%29.png?itok=rqkn5gKx)
Andra Lezza
Principal Application Security Specialist @Sage, 10+ Years of Experience Building AppSec Programs, OWASP London Chapter Leader
Unconference: Resilient Engineering Practices for Security Against Modern Threats
Tuesday Apr 8 / 05:05PM BST
Track Host
![Sonya Moisset](https://qconlondon.com/sites/qcon_london/files/styles/medium/public/pictures/2024-11/sonya.moisset.png?itok=R4bU6NDn)
Sonya Moisset
Staff Security Advocate @Snyk