sec4dev 2022: Security for All

Recently, Mondoonauts had the pleasure of sponsoring the 2022 sec4dev conference in Vienna, Austria. The goal of the conference is to raise security awareness among software developers. Similarly, our goal at Mondoo is to bring security awareness to everyone. We believe security isn’t just the job of security professionals, so this was the perfect conference for Mondoo to sponsor.

Mondoo_graphics_sec4dev 2022 recap-02

sec4dev graphic image

Tested security (and other) knowledge

On one of the nights, Mondoo attended a pub quiz-style game that focused on security but had some general knowledge challenges in the mix as well. We were tasked with matching soundtracks to movies. One of the organizers was certain that no one would identify the music for Wonder Woman 1984, but she clearly wasn’t expecting a fan of DC Comics to be present!

The Mondoo team was tied for first, but sadly lost the tiebreaker question. Now we know when Bell Labs presented Unix to the outside world (it was October, 1973)!

lady at computer

Favorite talks

The talks covered all aspects of security, from how to introduce security to your machine learning projects to how to poke holes into (what you think is) a perfectly written Content-Security-Policy (CSP).

One presentation that stood out for me was by Tanya Janca. She spoke about building security champions across teams. Tanya outlined an eight-step plan to recruit willing colleagues to become their team's security champions. One essential task was to make sure that the would-be security champions are willing participants and not voluntold.

Another talk, by Johannes Bär, showed the audience some creative ways to hack fully managed Kubernetes pods. This was something we knew a thing or two about; my colleague, Scott Ford, was demonstrating that very task at devopsdays Charlotte in North Carolina the day before.

Monitor your infrastructure for security misconfigurations and maps those checks automatically to top compliance frameworks.

Security for everyone

Conferences like sec4dev are an important addition to the community and to the general conference ecosystem. Sec4dev was very focused on developers who are new to security who want to improve. The attendees ranged from junior to senior software engineers, all eager to learn.

We Mondoonauts enjoyed our time in Vienna. The experience was particularly rewarding because the conference and its organizers share Mondoo’s goal of bringing security awareness to everyone.

Yvo van Doorn

Yvo van Doorn works with customers & prospects seeking to understand the benefits of modernizing security for the cloud. He has more than a decade of system administration experience, and manually built and configured bare-metal servers for the first part of his career. Prior to Mondoo, Yvo worked at Auth0 as the technical expert for Northern Europe where he helped customers understand the benefits of identity in the cloud. Yvo is also co-chair of DevOpsDays, which hosts more than 60 events in cities all across the globe. Find Yvo sipping a hoppy IPA, exploring the great outdoors, or celebrating Dutch heritage with food and sport.

You might also like

Mondoo June 2024 Release Highlights
Mondoo May 2024 Release Highlights
Mondoo April 2024 Release Highlights