DevOpsDays Chicago 2023


In 2023, the demand for secure software development skills is at an all-time high. As DevOps professionals, we need to focus on secure CI/CD pipelines, helping developers secure code, and securing supply chains.

During this workshop we’ll discuss best practices to lock down CI pipelines and how to …

Read More

Eddie Knight on #event

KCDC: All your Security Shifted to the Left


In this half-day workshop: We look at how to implement secure coding practices, and then move on to discuss the ins and outs of modern continuous integration. After we lock down our CI pipelines, we’ll look at how to find vulnerabilities in our dependencies. Armed with that information we’ll learn …

Read More

Eddie Knight on #event

How I Got Involved with the OpenSSF


Let’s get it out of the way early: it’s not always clear how you can best plug into organizations like OpenSSF. That’s why I’m writing this guest blog post as an “outsider.” I’m just your average tech employee who has become progressively more involved since my company, Sonatype, became members of …

Read More

Cloud Native Security Slam


Organizer and host of this annual event. The topic was recently announced for 2023.

Security Slam is a 30-day challenge designed to help creators and users of CNCF projects improve their software supply chain security at scale. Participants will have access to the Security Slam Library, which will …

Read More

Return Home