Application Security

Security should not be an afterthought to the development process. Yet, many organizations see developers and security engineers as separate disciplines. We like to differ.

DevSecOps Benelux is an alliance of experts, consultants and tooling vendors with a focus on knowledge sharing and promotion of application security.

Learn more Join Meetup

The Application Security Landscape

Application Security starts where the protection of the application delivery infrastructure ends. Firewalls, access policies and network security cannot protect against attacks on vulnerabilities in the application logic, the cloud architecture or the user's endpoint.

SAST, DAST and IAST

Analysis of Application Code.

RASP

Real-time protection against zero day vulnerabilities through virtual patches.

SCA

Software Component Analysis highlights problems in 3rd party libraries.

Security Awareness

Developers learn about security with rich context and actionable advice.

Cloud Security Orchestration

Integrity and safety of containers.

Datacenter Security

Protection against memory dumps or unsanctioned access from within.

Mobile Endpoint Security

Protection against flaws in the user's browser or device.

Secure Software Development

To make it stick, security must be implemented in the development lifecycle.

Our Mission

The goal of DevSecOps is to integrate security into the development lifecycle and better integrate the development and security responsibilities within an organization

Our mission is to bring professionals and experts together to exchange knowledge, share best practices and learn about tools and processes that support the transition to an integrated development and security operation.

We do this by organizing meetups and webinars with speakers from the industry sharing experience in the field. And by organizing hands-on workshops with products and services of industry leaders.

Learn more Get a free advice

Upcoming Meetups

Join us for the upcoming meetups.

Open Source Vulnerabilities in Software Development - Am I really exposed?

October 15th 15:00 CET

Vulnerabilities in Open Source libraries are found and published. Many tools are available to scan your project for the libraries in your build, their exact version and whether these have a known vulnerability. But that doesn't mean that your application is vulnerable. Found out what the latest insights are in OSA exposure assessment.

register

Panel Discussion - Automation: Hype or Fate?

August 6th 15:30 CET

One of the goals of DevSecOps is to build security testing into the development process. There are many tools and best practices to achieve this across the development life cycle. What are the limitations of automation and what is the influence of the human factor? Is further automation our fate as tools become smarter? Or do we need to focus on human processes to keep the hype in check?

view replay

The forgotten attack surface; How to test your API

July 2nd 16:00 CET

In this online Meetup we will talk about the challenges of security testing API's, how to approach the subject in the CD/CI pipeline and how to foster awareness of the threats in API programming. With Martin Knobloch of OWASP and Frans van Buul of Webinspect.

Security Awareness & Skill Development for Coders - tips for working from home

April 23rd 16:00 CET

In this session we will look at Security Awareness, Coding Skills, Code Bashing and how to make Appsec Education fun & time effective.

view replay

Mobile App Security; New attack vectors (and how to defend)

April 2nd 16:00 CET

In this session we will look at the security aspects of Mobile Applications and Devops: How to secure your mobile apps and what are the new attack vectors. With Alex Wimmer and Morten Ruud of Promon.

view replay

Stay up to date!

Be the first to know of our next meetups, webinars an workshops.