Sonya Moisset

오픈 소스 소프트웨어 보안 핸드북 — 프로젝트 보안을 위한 최선의 방법

I translated my handbook on how to secure open source projects using GitHub tools in Korean. 이 핸드북에서는 데브시큐어옵스 접근 방식의 채택, 오픈 소스 취약점 대응, 보안 업무 자동화, 자산 파악 및 개발자에 대한 보안 교육 등 오픈 소스 프로젝트의 보안 상태를 개선할 수 있는 주요 단계에 대해 알아볼 수 있습니다.

Article/Publication / 11-19-2024

Guía de seguridad para software de código abierto — Mejores prácticas para asegurar tus proyectos

I translated my handbook on how to secure open source projects using GitHub tools in Spanish. En esta guía, descubrirás los pasos clave que puedes seguir para mejorar la seguridad de tus proyectos de código abierto, incluyendo la adopción de un enfoque de DevSecOps, abordar las vulnerabilidades de código abierto, automatizar las tareas de seguridad, conocer tus propios activos y proporcionar capacitación en seguridad a los desarrolladores.

Article/Publication / 11-18-2024

Guide de sécurité pour les logiciels open source — Meilleures pratiques pour sécuriser vos projets

French version of my handbook on how to secure open source projects using GitHub tools. Dans ce guide, vous découvrirez les étapes clés que vous pouvez suivre pour améliorer la sécurité de vos projets Open Source, notamment en adoptant une approche DevSecOps, en traitant les vulnérabilités Open Source, en automatisant les tâches de sécurité, en connaissant vos propres actifs et en proposant une formation en sécurité aux développeurs.

Article/Publication / 11-17-2024

Securing AI: A Practical Guide to AI Threats and Mitigation Strategies

Deep dive into the types of threats outlined by OWASP and beyond. You’ll learn concrete, actionable steps to protect your teams AI projects from the biggest threats and get a chance to grasp the gravity of AI security by live-hacking AI applications/LLMs. Demo of GitHub Copilot, how to use it, and how to secure vulnerable code. Implement tools to increase the visibility of vulnerabilities within your pipeline.

Speaking (conference/usergroups) / 11-14-2024

Code Fast, Secure Smarter The Dual Path of AI Development

Webinar for Ladies Hacking Society organisation on risks in using gen AI in coding, how to get around the vulnerabilities, how to (and not to) use GitHub Copilot in your IDE and more

Speaking (conference/usergroups) / 07-30-2024

CodeSecDays - How to augment DevSecOps with AI?

Roundtable on GenAI's dual role in cybersecurity. Discussions on threat mitigation versus internal tool adoption, securing coding assistants, leveraging LLMs in supply chain security, and valuable insights on harnessing GenAI to enhance your DevSecOps practices.

Speaking (conference/usergroups) / 06-27-2024

CodeSecDays - How to build a better security and developer relationship?

Roundtable discussion on overcoming challenges in software supply chain security, focusing on open-source dependencies and DevSecOps collaboration. Discussions on improving security and developer relationships, leveraging emerging tools, and addressing fragmentation in security solutions.

Speaking (conference/usergroups) / 06-20-2024

An Intro to DevSecOps

This video is for students interested in cybersecurity and DevSecOps and using TryHackMe (4 million users). An introduction to DevSecOps, and answering commonly asked questions from the TryHackMe community. Demo of the GitHub Marketplace to showcase security tools and how they can be implemented for their new DevSecOps learning path. Explanation of CI/CD pipeline and how you can leverage tools using GitHub.

Video/Podcast / 05-30-2024

Community Contributions

오픈 소스 소프트웨어 보안 핸드북 — 프로젝트 보안을 위한 최선의 방법

Guía de seguridad para software de código abierto — Mejores prácticas para asegurar tus proyectos

Guide de sécurité pour les logiciels open source — Meilleures pratiques pour sécuriser vos projets

Securing AI: A Practical Guide to AI Threats and Mitigation Strategies

Code Fast, Secure Smarter The Dual Path of AI Development

CodeSecDays - How to augment DevSecOps with AI?

CodeSecDays - How to build a better security and developer relationship?

An Intro to DevSecOps

Related Stars

Sonya Moisset

Community Contributions

오픈 소스 소프트웨어 보안 핸드북 — 프로젝트 보안을 위한 최선의 방법

Guía de seguridad para software de código abierto — Mejores prácticas para asegurar tus proyectos

Guide de sécurité pour les logiciels open source — Meilleures pratiques pour sécuriser vos projets

Securing AI: A Practical Guide to AI Threats and Mitigation Strategies

Code Fast, Secure Smarter The Dual Path of AI Development

CodeSecDays - How to augment DevSecOps with AI?

CodeSecDays - How to build a better security and developer relationship?

An Intro to DevSecOps

Related Stars

Thiago Avelino

Barbara Forbes

Daniel Stenberg

Gleb Bahmutov