Reto Kaeser

You can’t hack what you can’t see

The 'castle and moat' is a myth. With 80% of traffic moving laterally, your biggest threat is already inside your perimeter.

You can’t hack what you can’t see
#1about 3 minutes

The cultural shift from DevOps to DevSecOps

DevOps succeeded by fostering a culture of shared responsibility, and now security must be integrated to break down the final silo.

#2about 8 minutes

Integrating security into requirements and design phases

Proactively address security by defining abuse cases during requirements and classifying or anonymizing data during the design phase.

#3about 5 minutes

Hardening the CI/CD pipeline with automated security tools

Shift security left by integrating automated vulnerability management for dependencies and continuous penetration testing into the CI/CD process.

#4about 3 minutes

Why traditional firewalls fail against internal east-west traffic

Most network traffic occurs internally between services (east-west), bypassing perimeter firewalls and exposing a soft interior to application-level attacks.

#5about 3 minutes

Moving from perimeter defense to workload microsegmentation

Protect against internal threats by decoupling security from the network and applying logical firewalls directly to each workload through microsegmentation.

#6about 4 minutes

Applying Zero Trust principles with security as code

Implement a Zero Trust model by having developers define workload communication intentions as code, which automatically generates and enforces security policies.

#7about 2 minutes

The benefits of a modern workload-centric security architecture

Adopting a Zero Trust, workload-centric model provides benefits like increased agility, complete application-level visibility, automated compliance, and real-time forensics.

#8about 1 minute

A developer's responsibility to build secure software

Developers must take ownership of security by adopting a paranoid mindset to build more resilient software in an increasingly dangerous cloud environment.

Related jobs
Jobs that call for the skills explored in this talk.

Matching moments

The security risks of AI-generated code and slopsquatting
05:55 MIN

The security risks of AI-generated code and slopsquatting

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

Europe's push for digital independence from US tech
05:17 MIN

Europe's push for digital independence from US tech

WeAreDevelopers LIVE – AI, Freelancing, Keeping Up with Tech and More

Building trust through honest developer advocacy
02:48 MIN

Building trust through honest developer advocacy

Devs vs. Marketers, COBOL and Copilot, Make Live Coding Easy and more - The Best of LIVE 2025 - Part 3

The security challenges of building AI browser agents
06:33 MIN

The security challenges of building AI browser agents

AI in the Open and in Browsers - Tarek Ziadé

Prompt injection as an unsolved AI security problem
07:39 MIN

Prompt injection as an unsolved AI security problem

AI in the Open and in Browsers - Tarek Ziadé

Final advice for developers adapting to AI
03:07 MIN

Final advice for developers adapting to AI

WeAreDevelopers LIVE – AI, Freelancing, Keeping Up with Tech and More

Preventing exposed API keys in AI-assisted development
03:45 MIN

Preventing exposed API keys in AI-assisted development

Slopquatting, API Keys, Fun with Fonts, Recruiters vs AI and more - The Best of LIVE 2025 - Part 2

The role of a freelancer integrated within a team
01:53 MIN

The role of a freelancer integrated within a team

WeAreDevelopers LIVE – AI, Freelancing, Keeping Up with Tech and More

Featured Partners

Related Videos

See all videos
Simple Steps to Kill DevSec without Giving Up on Security21:53

Simple Steps to Kill DevSec without Giving Up on Security

Isaac Evans

DevSecOps: Security in DevOps33:20

DevSecOps: Security in DevOps

Aarno Aukia

Typed Security: Preventing Vulnerabilities By Design58:19

Typed Security: Preventing Vulnerabilities By Design

Michael Koppmann

Climate vs. Weather: How Do We Sustainably Make Software More Secure?51:41

Climate vs. Weather: How Do We Sustainably Make Software More Secure?

Panel Discussion

Why Security-First Development Helps You Ship Better Software Faster22:18

Why Security-First Development Helps You Ship Better Software Faster

Michael Wildpaner

Walking into the era of Supply Chain Risks37:36

Walking into the era of Supply Chain Risks

Vandana Verma

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?27:36

Unleashing the Power of Developers: Why Cybersecurity is the Missing Piece?!?

Tino Sokic

What The Hack is Web App Sec?24:01

What The Hack is Web App Sec?

Jackie

Related Articles

View all articles
CH
Chris Heilmann
Dev Digest 138 - Are you secure about this?
Hello there! This is the 2nd "out of the can" edition of 3 as I am on vacation in Greece eating lovely things on the beach. So, fewer news, but lots of great resources. Many around the topic of security. Enjoy! News and ArticlesGoogle Pixel phones t...
Dev Digest 138 - Are you secure about this?

From learning to earning

Jobs that call for the skills explored in this talk.