BSidesLuxembourg3d ago

โš™๏ธ Harden Your DevSecOps Pipeline Workshop!

๐—Ÿ๐—˜๐—ฉ๐—˜๐—Ÿ ๐—จ๐—ฃ ๐—ฌ๐—ข๐—จ๐—ฅ ๐—–๐—œ/๐—–๐——: ๐—•๐—จ๐—œ๐—Ÿ๐——๐—œ๐—ก๐—š ๐—” ๐—ฆ๐—˜๐—–๐—จ๐—ฅ๐—˜ ๐—ฃ๐—œ๐—ฃ๐—˜๐—Ÿ๐—œ๐—ก๐—˜ ๐—ช๐—œ๐—ง๐—› ๐—ข๐—ฆ๐—ฆ (4h Workshop) with ๐—”๐—ก๐——๐—ข๐—ก๐—œ ๐—”๐—Ÿ๐—ข๐—ก๐—ฆ๐—ข & ๐—ฃ๐—”๐—–๐—ข ๐—ฆ๐—”๐—ก๐—–๐—›๐—˜๐—ญ
Whatโ€™s the "perfect" secure CI/CD pipeline? This hands-on 4h workshop shows you using open-source tools: integrate SAST (Semgrep), SCA, secrets detection (TruffleHog), IaC scanning, container vuln checks (Trivy), and more across the full DevSecOps lifecycle. Through live demos (break & fix), youโ€™ll see each stageโ€™s security goal, tool integration, and principles โ€“ not just copy-paste, but adaptable techniques for your own hardened pipelines.

Led by Andoni Alonso https://bsky.app/profile/andoniaf.unicrons.cloud (Prowler Open Cloud Security, unicrons.cloud founder, ex-SRE turned security/CTF pro) & Paco Sanchez https://pretalx.com/bsidesluxembourg-2026/speaker/UNNQE8/ (SRE in Developer Productivity/Platform Engineering, pragmatic tool-builder).

๐Ÿ“… Conference Dates: 6โ€“8 May 2026 | 09:00โ€“18:00
๐Ÿ“ 14, Porte de France, Esch-sur-Alzette, Luxembourg
๐ŸŽŸ๏ธ Tickets: https:// 2026.bsides.lu/tickets/
๐Ÿ“… Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/

Build secure pipelines that actually work โ€“ OSS only! ๐Ÿš€
#BsidesLuxembourg #OSS #OpenSource #SecurePipeline #CICD #DevSecOps