Sonya Moisset

View SonyaMoisset on GitHub

France

👋 Bonjour! I’m a Principal Security Engineer and a lifelong traveler who lived in the Middle-East, North Africa and Asia. Always looking for new challenges - I made a career change from International Business Consultant in 🇹🇳, 🇸🇦 and 🇸🇬 to Full Stack Software Engineer in 🇰🇷 to Principal Security Engineer in the 🇬🇧. 💖 Passionate about Open-source, DevSecOps and Cloud Computing 💻 Founder of Epic Women in Cyber/Epic Women in Tech ☁️ OpenUK Ambassador 👾 Snyk Ambassador 👩‍🎤 Ambassador at Girlcode 🛡️ Member of OWASP, LLHS and Women in Cloud ✍️ Writer for FreeCodeCamp 🎤 Public speaker & Tech advocate 🧠 INTJ-A 😀🌍🇫🇷🌈🦄🍱✈️💻☕️🎧🎬📷🕹️

Community Contributions

All Articles Video/Podcast Speaking Other Blog posts

Speaking (conference/usergroups) / 11-18-2021

DevSecCon Keynote Panel - Shifting left isn't enough - Why there's much more to achieving dev-first security

We’ve seen and heard plenty when it comes to shifting left, but what happens when you want or have to take your security even further? Where do you go and how do you get there? We talked about Security tooling and what could be the future for DevSecOps

Speaking (conference/usergroups) / 11-12-2021

Mastering migration: Building the right control environment for your business @ DTX Conference

Panel on what to take into account when doing cloud migration - what are the Security considerations to keep in mind

Speaking (conference/usergroups) / 11-09-2021

CSA UK AGM 2021: Diversity in Cyber Panel / Respect in cyber

The panel addresses questions: "Are we doing enough to attract diverse talent in industry? What changes would you like to see in the industry?"

Speaking (conference/usergroups) / 11-02-2021

Get To Know The Enemy: Hacker Motivations And Attack Techniques @ Women of Silicon Roundabout

Cybercrime is becoming increasingly expensive and widespread in every industry and data are among the most lucrative targets for hackers to make a quick profit. Malicious activities affecting companies are sophisticated and often difficult to mitigate. It is time for the companies to understand cybercrime, hacker motivation, attack techniques, and collaboration among threat actors.

Other / 10-19-2021

Snyk Ambassador

Really honoured to be a Snyk Ambassador and for giving me this opportunity to give back to the community -> https://snyk.io/snyk-ambassadors/

Speaking (conference/usergroups) / 09-29-2021

Keep Calm and Protect Your Open Source Projects @ Secure Coding Summit

How to secure your open source project using tools and GitHub Actions from the GitHub Marketplace - this includes Snyk, WhiteSource, GitGuardian, Datree, GuardRails, Dependabot, and many others

Speaking (conference/usergroups) / 09-23-2021

Dev(Sec)Ops: It’s people all the way down

A panel on DevSecOps and the interactions with developers - Security should not be siloed, what DevOps with Security really means

Speaking (conference/usergroups) / 09-06-2021

Get out of my cloud! Preventing a data breach @ Cyber Security & Cloud Expo

Panel on best practices on Cloud migrations, applying best security controls and preventing data breaches

Video/Podcast / 08-13-2021

Cyber Security Career Interview

CREST invited me for a session where I talked about my initiatives Epic Women in Cyber and Epic Women in Tech, my role at Photobox, my experience at Pride in London securing an open-source project using tools and applications from the GitHub marketplace and many other things.

Video/Podcast / 07-21-2021

Epic Women In Cyber | A Conversation With Sonya Moisset

Sonya Moisset is a long time techie and an epic woman in Cybersecurity. She walks us through her professional metamorphosis and how her experiences have shaped who she is today. Sonya is an advocate for women and inclusion in Cybersecurity. Not only does she mentor women through her initiatives but she inspires all by example by being a voice for so many across the world.

Article/Publication / 07-20-2021

Women in Cybersecurity: bridging the gender gap

Interview on diversity in the Cybersecurity field and how to bring more women to work in this field

Speaking (conference/usergroups) / 06-17-2021

Closing the security gap in your third-party connections @ Cloud Security Expo

Panel on Zero Trust model and supply chain attacks

Speaking (conference/usergroups) / 06-08-2021

Women in Cybersecurity

Conversation with Cajigo on how to attract more diverse talents into the Cybersecurity industry

Video/Podcast / 06-08-2021

The extraordinary journey into Cybersecurity

My journey from Business to Cyber, how to build a brand as a developer and the initiative “Epic Women in Cyber/Tech”, how to use the GitHub marketplace to secure your Open Source project (GitHub Actions, Dependabot, GitHub Boards, Security best practices, ...)

Speaking (conference/usergroups) / 06-02-2021

Security Best Practices for Cloud Technologies and How to Apply a Frictionless Model @ CloudTalkOnline 2021

Panel on how to apply Security best practices for cloud and implement Security tooling (scanning dependencies, secrets, code quality, etc)

Speaking (conference/usergroups) / 04-14-2021

Keep Calm and Secure Your CI/CD Pipeline @ Scot-Secure 2021

In her talk, Moisset discussed some of the practical tools that groups can use to keep CI/CD pipelines secure. In terms of scaling cybersecurity operations, she noted that there is a wealth of open-source resources available on sites like GitHub. (GitHub Marketplace) This allows organisations to leverage the expertise of an entire community to create security solutions. Not only does this help to develop best practices, sharing insights helps everyone better understand new threats and new solutions as they emerge.

Speaking (conference/usergroups) / 03-08-2021

The Code is Chaos - No One is Immune @ TECH(K)NOW DAY

Talk given at the TECH(K)NOW DAY Conference for the International Women's Day 2021 on Cybersecurity. Using GitHub marketplace to implement Security practices (Dependency Graph, Dependabot, Snyk)

Article/Publication / 03-03-2021

Cybersecurity in Healthcare Organizations

Healthcare cybersecurity then represents a critical issue, as patient health records contain an immense amount of personal and sensitive information. With the current sanitary crisis we are facing, cybersecurity threats are very likely to continue on increasing. Thus, it has become crucial that healthcare organizations implement strong security systems and embrace the technology development that will ensure better protection of data and information in the future.

Speaking (conference/usergroups) / 01-27-2021

Keep Calm and Secure Your CI CD Pipeline @ DevOpsTV

In this session, we’ll be focusing on work done with Pride in London (a project using Gatsby2, Contentful and Netlify) and showing you how to create a secure continuous integration/continuous deployment pipeline. You’ll learn how GitHub Marketplace helped the team automating and improving our workflow with different tools for accessibility, code coverage, code review, code quality, security and other functionalities (ChatOps with Slack). You’ll also find out what OWASP is and how to improve the workflow for your own open source projects using GitHub Marketplace applications.

Video/Podcast / 12-21-2020

Making Cyber Possible @ CyberPreserve

Challenges in the area of Cyber, how to secure open source projects using GitHub Actions and tools from the GitHub marketplace

Article/Publication / 12-11-2020

The key role of cybersecurity during lockdown

As the pandemic slowly made its way all around the world, most businesses and organizations had to send their workers home. Due to this, a lot of infrastructures and systems have been at risk of major cyberattacks and phishing. Armed with new technologies and techniques, the lockdown gave cybercriminals the perfect opportunity to target these vulnerable structures and networks.

Speaking (conference/usergroups) / 11-20-2020

DevSecOps Panel @ Puppetize Digital Conference

How organisations are integrating security into the delivery lifecycle, which practices they are adopting and important metrics to track.

Article/Publication / 11-03-2020

Epic Women in Tech

Initiative to showcase Epic Women in Cyber and learn more about their journey

Speaking (conference/usergroups) / 07-16-2020

Keep Calm & Fasten Your Seatbelt: Tips for web security @ WDD Conference 2020

Modern web development has many challenges and security is both very important and often under-emphasised. Many of today’s security professionals are beginning to recognise that unprotected web applications have become attractive targets for cybercriminals looking for easy entry points into their networks. It’s time to get serious about Web App Security!

Blogpost / 06-30-2020

My journey at Pride in London

A blogpost for Pride month on the work my team is doing on the Pride in London website and mobile applications - two open source projects using GitHub features and the GitHub marketplace (GitHub board, GitHub actions, CodeQL, Dependabot...)

Speaking (conference/usergroups) / 04-06-2020

How to protect your open source project | Case Study @ PickJS Conference

Webinar on cybersecurity, web application security and how to secure an open source project using the GitHub marketplace

Speaking (conference/usergroups) / 03-09-2020

The Code Of Chaos - No one is immune

Talk given at the JS Monthly International Women's Day 2020 on Cybersecurity

Speaking (conference/usergroups) / 03-02-2020

Keep Calm and Secure Your CI/CD Pipeline @ QCon London

I described how GitHub Marketplace helped Pride in London automating and improving our workflow with different tools for accessibility, code coverage, code review, code quality, security and other functionalities (alerting with Slack). I talked about what OWASP is and how to improve the workflow for open source projects using GitHub Marketplace applications.

Speaking (conference/usergroups) / 02-08-2020

Keep Calm and Fasten Your Seatbelts @ Time to React

A talk about security and hacking, supply chain attack, dependency checking, and which tools you can use on the GitHub marketplace to protect your projects (Dependabot, Snyk, ...)

Article/Publication / 11-01-2019

Epic Women in Cyber

Initiative to showcase Epic Women in Cyber and learn more about their journey

Article/Publication / 08-01-2019

Keep Calm and Hack The Box

Series of blogpost for FreeCodeCamp on Hack The Box machines for beginners