Secure your LINE Chatbot with Jirayut Nimsaeng (Dear) CEO & Founder, Opsta (Thailand) Co.,Ltd. 

Do you think you are secure? 

Jirayut Nimsaeng (Dear) Jirayut has been involved in DevSecOps, Container, Cloud Technology and Open Source for over 10 years. He has experienced and succeeded in transforming several companies to deliver greater values and be more agile. ● Founder and CEO of Opsta (Thailand) Co.,Ltd. ● Cloud/DevSecOps Transformation Consultant and Solution Architecture ● First Certified Kubernetes Administrator (CKA) and Certified Kubernetes Security Specialist (CKS) in Thailand ● First Thai Google Cloud Developer Expert (GDE) in Thailand ● Google Cloud Certified - Professional Cloud Architect and Associate Cloud Engineer #whoami 

● What is DevSecOps? ● Cloud Native Security ● Live Demo Agenda 

What is DevSecOps? 

Generic DevOps Flow & Components Dev Ops VCS CI ARTIFACTS CD DEV UAT PRD LOAD TESTING MONITORING SUPPORT TOOLS AUTOMATION & INFRASTRUCTURE AS CODE COMMUNICATION INFRASTRUCTURE 

Dev Ops Sec VCS CI ARTIFACTS CD COMMUNICATION DEV UAT PRD SECURITY LOAD TESTING MONITORING SUPPORT TOOLS AUTOMATION & INFRASTRUCTURE AS CODE When put Security into DevOps INFRASTRUCTURE 

Dev Ops Sec VCS CI CD DEV UAT PRD LOAD TESTING MONITORING SUPPORT TOOLS AUTOMATION & INFRASTRUCTURE AS CODE COMMUNICATION DevSecOps Flow INFRASTRUCTURE SECURITY SHIFT LEFT WITH AUTOMATION ARTIFACTS 

Dev Ops Sec VCS CI ARTIFACTS CD DEV UAT PRD INFRASTRUCTURE AUTOMATION SECURITY LOAD TESTING MONITORING SUPPORT TOOLS AUTOMATION & INFRASTRUCTURE AS CODE Automation Security COMMUNICATION 

Secure Coding SAST SCA Vulnerability Assessment Penetration Testing IASTz Threat Intelligence Multi-Tenancy Landing Zone Secrets Management DAST Binary Analysis Threat Modeling SOC SOAR CWPP CSPM Security Automation in every steps Compliance Validation 

Cloud Native Security 

Cloud Native Technologies https://landscape.cncf.io 

VCS CI ARTIFACTS CD DEV UAT PRD AUTOMATION SECURITY MONITORING AUTOMATION & INFRASTRUCTURE AS CODE Apps SUPPORT TOOLS Cloud Native and DevSecOps Components 

Cloud-native application protection platforms (CNAPPs) 

Shut up and Show me your CODE https://github.com/opsta/opsta-line-bot https://github.com/opsta/opsta-line-bot 

● Are you sure you don’t have LINE channel secret in your code? ● DevSecOps is not easy (but worth it) ● DevSecOps will only benefit if you invest in it ● You can learn something new when you fix vulnerability ● START TODAY! Key Takeaways 

What we offer DevSecOps Platform Engineering Portal (Subscription) End-to-end platform engineering ecosystem with self-service portal that provides a seamless experience from onboarding applications to day-2 operations. DevSecOps Transformation Security Automation Self-Service Automation Infrastructure Hybrid Multi-Cloud Infrastructure Kubernetes Service Provider Centralized Monitoring Training Consulting Service Centralized Application & DevSecOps Tools Management Streamline Access to All DevSecOps Tools, Build Application Structures, and Control Permissions. Security Governance Dashboard Centralized Dashboard for SAST, DAST, SCA, Container Scan, etc. Ready for Day 2 Operation Observability Dashboards to Quickly Identify Root Causes Best Practice DevSecOps Templates Zero-effort DevSecOps configuration on Cloud-Native application. Our Product Our Solution and Service 

fb.me/DearJirayut www.linkedin.com/in/jirayut/ [email protected] www.opsta.co.th Jirayut Nimsaeng (Dear) Founder & CEO of Opsta https://github.com/opsta/opsta-line-bot https://github.com/opsta/opsta-line-bot 

No content