Panel: Security Against Modern Threats

Disclaimer: This summary has been generated by AI. It is experimental, and feedback is welcomed. Please reach out to info@qconlondon.com with any comments or concerns.

In the "Panel: Security Against Modern Threats," industry experts discussed contemporary challenges in securing the software supply chain and shared insights into effectively managing these threats.

Key discussion points included:

  • Resilience by Design: Building systems and workflows that prioritize security to counteract the sophistication of modern threats.
  • Zero Trust Approach: The importance of a zero-trust model in securing CI/CD pipelines and the broader software supply chain.
  • Real-world Incidents Lessons: Sharing lessons from past security incidents to better prepare for and mitigate future risks.
  • Balancing Developer Velocity and Security: Addressing the tension between maintaining quick development cycles and ensuring robust security measures.
  • AI Security: Challenges and strategies for securing AI models, especially concerning sensitive data and vulnerabilities unique to AI systems.

Throughout the discussion, panelists emphasized the need for continuous monitoring, comprehensive testing, and an organizational culture that fosters security awareness and education across all levels.

This is the end of the AI-generated content.

Details coming soon.

Date

Tuesday Apr 8 / 02:45PM BST ( 50 minutes )

Location

Windsor (5th Fl.)

Slides

Slides are not available

Share

Share Share

From the same track

Session security

Securing AI Assistants: Strategies and Practices for Protecting Data

Tuesday Apr 8 / 03:55PM BST

The data behind AI copilots is not only their most critical asset but also a key strategic consideration for enterprises and SMBs alike.

Speaker image - Andra Lezza

Andra Lezza

OWASP London Chapter Leader, 10+ Years of Experience Building AppSec Program

Session software supply chain

Trust No One: Securing the Modern Software Supply Chain with Zero Trust

Tuesday Apr 8 / 01:35PM BST

Can you truly trust your software supply chain? As cloud-native software development surges, threat actors increasingly target the supply chain, exploiting vulnerabilities in CI/CD pipelines, dependencies, and container images.

Speaker image - Emma Yuan Fang

Emma Yuan Fang

Senior Cloud Security Architect @EPAM, DevSecOps, Cloud Security Advocate, Strategist and Public Speaker, Ex-Microsoft, CISSP

Session

Secure by Design: Building Security into Engineering Workflows and Teams

Tuesday Apr 8 / 10:35AM BST

Security doesn't have to be a blocker- it can be an enabler. In this session, we’ll explore how to seamlessly integrate secure development practices into engineering workflows while fostering a culture of collaboration and shared ownership.

Speaker image - Stefania Chaplin

Stefania Chaplin

Founder & CEO @DevStefOps, Previously Solutions Architect @GitLab, AWS Certified Security - Speciality

Session open source

Empower Your Developers: How Open Source Dependencies Risk Management Can Unlock Innovation

Tuesday Apr 8 / 11:45AM BST

As security practitioners, we face the challenge of driving innovation whilst needing to balance security risks.

Speaker image - Celine Pypaert

Celine Pypaert

Vulnerability Manager @Johnson Matthey, Women in CyberSecurity UK Volunteer, Book Contributor, Ex-Microsoft

Session

Unconference: Resilient Engineering Practices for Security Against Modern Threats

Tuesday Apr 8 / 05:05PM BST