Security vulnerability management: OWASP DefectDojo

[mwager]

Title: Security vulnerability management: OWASP DefectDojo

• Speaker: Michael Wager (and maybe additional collegue)
• Affiliation: https://secure-io.de
• Preferred month: *
• Duration: regular (30min)
• Language: German or english, depends on audience

Short description

Various security scanners are used in AppSec programes (Src code, OSS supply chain, container images, etc.), generating a lot of data. DefectDojo is an open source central vulnerability management solution from OWASP to centrally manage these scan results and view the security status of applications.

We could talk a bit about OWASP, the Secure Development Lifecycle, AppSec programs & DevSecOps and finally give a demo of DefectDojo.

Audience

Developers, Project-Managers, DevOps-Engineers - basically anyone working in IT & SW-Development.

Regards!
Michael
https://mwager.de/about/

[stale]

This talk proposal has been automatically marked as stale because it has not had recent activity. It will be closed after 6 months if no further activity occurs. If you still plan to do this talk then answer here.

[mwager]

Would this be of relevance? Else feel free to close it :)

[maxammann]

I recently watched a talk at 38C3. I'd be interested in another talk!

[timidak]

I'd be interested in this talk, too. @mwager, do you still want to give your talk?
If so, what about the Web&Wine events in the first quarter of the year? ☺️

[mwager]

@timidak yes Q1 would be fine! Is there already a timeline for the next event(s)?

Or information how we could apply? :)