Hear me out: Documentation-powered security

Presented at Canterbury Hacker Camp (2022), Nov. 25, 2022, 5:05 p.m. (Unknown duration).

Documentation is often either put in the too hard basket, or created once and put on the shelf to gather dust, unused. What would it be like to work in a place where security is powered in large part by documentation and runbooks? Where security is founded on and improved by documentation? And how could you improve your own workplace with better docs? Come and hear some real examples and practical tips as Nick from GitLab shares what makes an effective runbook, how collaboration keeps them fresh & accurate, and how great docs set you up for security automation. It's not rocket science, but by seeing how it works in practice you'll hopefully be inspired to get that keyboard clacking to power improved security. Visit https://gitlab.com/nmalcolm/nmalcolm/-/issues/1 for the slides and links to other resources.

Presenters:

  • Nick Malcolm - GitLab
    Nick specialises in Application Security and is an AppSec Engineer at GitLab, and has previously been a consultant in roles like Cloud Security & Governance. He regularly presents at meetups and conferences, including CHCon 2020, OWASP Day 2020 and 2017, CyberCon AU 2018, and AppSec AU 2017.

Links: