OWASP Helsinki DevSecOps Hackathon

From OWASP
Jump to: navigation, search

The OWASP DevSecOps mini hackathon took place at Keilaranta 15 on Sep 27th starting at 12:00.

Read the write-up of the Hackathon here: OWASP Helsinki DevSecOps Hackathon write-up.

Original description

The aim of the hackathon is to understand and gather experiences from bringing sec into devops practices. This means, that we bundle some security tools to the CI pipeline. There is already a list of tools that can be used, but each hackathon track team selects the tools that best fit to their purposes.

There are three tracks in the hackathon:

  1. Application security testing
  2. Platform security hardening and testing
  3. Vulnerability management

Our hackathon goal is to make sec aware pipeline for OWASP Juice Shop web application. (https://www.owasp.org/index.php/OWASP_Juice_Shop_Project).

The initial setup of the hackathon is a Jenkins server image having a pipeline for building the juice shop. Participants will be provided with instructions to install the Jenkins server and initial baseline, and more detailed instructions.

Prerequisites:

  • Bring your laptop with docker installed
  • Briefly look at the tools that can be utilized in your track

The hackathon starts at 12:00 (Noon) and lasts till 23:00. Pizza, snacks and beverages are served to the participants after 17:00 and the hackathon lasts till midnight. You are free to leave earlier, but we hope that every attendee can stay as long as possible.

After the hackathon we publish the results and achievements to OWASP Wiki page.

Any questions, please contact pekka.sillanpaa@owasp.org.

Hackathon pipeline.png