Soroosh is a software engineer and software architecture enthusiast, passionate about building simple but impactful solutions. With over 10 years of experience in diverse domains, including Telecom, Media & Entertainment, and E-Commerce. He has worked with small startups and large enterprises serving 80 million active subscribers. Currently working as a Solution Architect at Rabobank via Code Nomads. Soroosh strongly believes in the power of collaborative learning and enjoys sharing his experiences and insights with other developers.
Join us for an engaging and practical panel discussion on integrating security into every stage of the software development lifecycle! This session is all about embracing software security as an integral part of the development process, not just a tick-box exercise. Our distinguished panelists come from a diverse range of backgrounds and will share their unique insights, offering valuable takeaways for all attendees.
Why is this important? Today, security vulnerabilities can lurk in every corner, whether it's a missing patch or a misconfigured setting. This panel will explain how to seamlessly incorporate security practices into coding, testing and deployment. These experts will share practical strategies to enhance your software's security posture immediately, equipping you with the tools you need to do so.
Expect lively interaction! We will encourage questions and real-time feedback, making this a collaborative space where ideas flow freely. Whether you want to understand the latest tools, such as Software Bills of Materials (SBOMs), or learn the best ways to prevent vulnerabilities, you will walk away with useful strategies and a clearer path to fortifying your software development process.
Don't miss this chance to improve your development practices and protect your applications. Together, let's make secure software development an objective we can all achieve!
Panelist
Stefano Maestri, Alessio Soldano, Soroosh Khodami and Sohan Maheshwara
"AI era is bright, but full of terrors!"
In a world where vulnerabilities like Log4Shell, Spring4Shell, and the XZ Backdoor make headlines, securing our software ecosystem has never been more critical. In this session, Soroosh, a hands-on architect with experience working on security platform services for large enterprises like Rabobank, will share practical strategies and best practices for securing the software development process, applicable to both small startups and large organizations.
Key takeaways and questions that will be answered in this session:
- [Live Demo] What is a "Supply Chain Attack," and how dangerous can it be?
- An example of lateral movement that begins with a basic SQL injection attack and escalates to gaining root access to a Kubernetes cluster
- Exploring new attack vectors in the AI era and the defense strategies to detect, prevent and mitigate them
- Most effective practices to secure your CI/CD process
- Practical strategies on how Software Bill of Materials (SBOM) help us prepare for the next Log4Shell crisis?
- What does DevSecOps mean, and what is its main objective?
Searching for speaker images...