$1200 Fullstack Live Event Free With a Membership!

Fortifying Cybersecurity with OWASP Top Ten, AWS, and GitHub Actions

Uncover Hidden Risks and Build Smarter Security Systems for Cloud and APIs

Live on 04. April 2025 | 13:00 - 16:00 GMT


Building a Resilient Infrastructure

Are you well prepared for the next cyberattack? In this exclusive Fullstack Live Event, you will learn from Christian Wenz, Shankara Hariharan, and Michael Kaufmann how to protect APIs using the OWASP API Security Top 10, build a secure AWS infrastructure, and secure your software supply chain with GitHub Actions and SLSA.

Protecting Your Digital Assets

Gain hands-on insights from leading security experts. Learn to understand critical attack vectors, apply best practices, and secure your cloud and DevOps projects sustainably. Join us live online and optimize your security strategy with proven methods and innovative solutions!

Program

13:00 - 13:45 | Bullet-Proof | Christian Wenz

The OWASP Top Ten, a list of the ten biggest security risks for web applications, has been a de facto standard for over ten years. Somewhat out of the limelight, however, there are other lists. The OWASP API Security Top Ten was updated in 2023 and highlights risks for APIs. Since arguably almost every web application relies on APIs these days, it’s imperative that we address them. In the talk, we’ll take a look at how the list came about and then go through all the points. In particular, we are of course interested in what this means for common web stacks: which points are relevant, and how can we take technology-specific countermeasures?

In this presentation, we will explore the fundamentals of building a secure AWS architecture, grouped into three key security realms:

Realm 1: Organizational Security Posture and Governance

We will delve into AWS Control Tower, a service that simplifies the setup and governance of a secure, multi-account AWS environment, ensuring a strong organizational security foundation.

Realm 2: Data Protection, Storage Services, Database Services, and Access Management

We will discuss AWS Key Management Service (KMS), AWS Identity and Access Management (IAM), AWS storage services, and AWS database services, focusing on secure access control, encryption of sensitive data, secure storage solutions, and database security.

Realm 3: Continuous Monitoring and Compliance

This segment will cover AWS CloudTrail, AWS Security Hub, AWS Inspector, and AWS Macie, providing tools for comprehensive visibility, continuous monitoring, data protection, and compliance management of your AWS resources. These services integrate seamlessly with AWS Security Hub to offer a centralized view of security alerts and compliance status.

Join us to learn best practices and strategies for securing your AWS infrastructure effectively across these critical areas.

In an era where software supply chain attacks are on the rise, ensuring the security and integrity of your build and deployment pipelines has never been more critical. In this session, we’ll dive into how GitHub Actions and the Supply-chain Levels for Software Artifacts (SLSA) framework can help you fortify your software supply chain.

We’ll start by exploring common vulnerabilities in modern pipelines and why attackers are increasingly targeting the software supply chain. From there, we’ll introduce SLSA, an open-source framework designed to provide end-to-end supply chain integrity. You’ll learn how to implement its key principles, such as provenance tracking, reproducible builds, and tamper-proof logs.

Finally, we’ll demonstrate how to leverage GitHub Actions to integrate these practices seamlessly into your CI/CD workflows. With practical examples, actionable tips, and insights into real-world scenarios, this talk will leave you equipped to turn your pipeline into a fortress. Whether you’re a DevOps engineer, software developer, or security professional, you’ll gain the knowledge and tools to stay one step ahead of potential threats.

Join us and learn about...

API Security Essentials – Understand the OWASP API Security Top Ten and protect your web applications from critical attacks.

Secure Cloud Architectures – Learn how to develop a robust security strategy using AWS Control Tower, IAM & KMS.

Software Supply Chain Protection – Use GitHub Actions & SLSA to secure your build and deployment processes against attacks.

Continuous Monitoring & Compliance – Gain full transparency and control over your infrastructure with AWS Security Hub, CloudTrail & Macie.

Expert Knowledge for

Developers & Software Engineers who want to securely develop and protect web applications, APIs, and CI/CD pipelines.

DevOps & Cloud Experts looking to optimize their AWS security strategy with best practices for governance, monitoring, and access control.

Security Professionals & IT Decision-Makers who aim to detect threats early and implement a secure software supply chain along with effective protection measures.

Get to know our experts

Christian Wenz

Web & Security Guru | Author of over 100 books | Microsoft MVP & Zend PHP Certification

Shankara Hariharan

Shankar is a Principal Engineer and 2x Certified Solutions Architect for AWS and GCP

Michael Kaufmann

Expert in Software Architecture, Java Enterprise, and DevOps

Register Now and Join Our Fullstack Live Event

Fullstack Experience

Individual Membership
$10.00 Monthly
  • $100 off 3 conference tickets every year
  • Access all Live Events, Read content & Courses
  • 6 month access to conference recordings

Fullstack Elevate

Corporate Membership from 5 users
Inquire Now
  • Access all content on the platform
  • Up to 28% off conference tickets
  • Book your tickets directly on the platform
  • Training insights for team leads
  • Easy training approval system

Already have Fullstack?

You’re all set! Grab a pen and paper and simply check back in at the time of the event to participate. Want to see more Fullstack Live Events? Browse through the complete list of events here.
