Session 1: From attack to writing code...what do you need to know as a developer? We will look at a concrete attack called: "XML external entity attack (XXE)" and see how we can trace it back to writing code. The described mitigations are simple: configure your parser securely, but is it this simple? We will focus on some examples and see if we can catch the attack with tests, code reviews, etc. Nanne Baars, Developer at Xebia and OWASP WebGoat Project lead

Session 1: Threat Modelling Kubernetes Cloud native container and Kubernetes systems bring new threats and risks to our precious workloads. As cloud technologies undergo rapid innovation and new tools and techniques emerge, security can get left behind. The answer to this conveyor-belt of potential insecurity? Threat modelling!

We’re proud to announce our Series F funding at a $8.5B valuation, co-led by Capital Ventures and Tiger Global! We believe in helping the world’s developers build secure applications and equipping security teams to meet the demands of the digital world. Thank you to our investors and community for supporting our vision. We're excited to continue our journey of advancing and leading developer security.

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.