Talks and presentations

Software Composition Analysis – Covering Infrastructure as Code

November 14, 2024

Demo, Cybersecurity: Strategic research and industry impact, 3rd edition, Mechelen, Belgium

Demonstration of Software Composition Analysis (SCA) for Ansible Infrastructure-as-Code plugins. The analysis identifies dependencies on third-party software, and its results are used to understand the software supply chains of Ansible artifacts.

Delivering security by design: testing, supply chain challenges …

November 14, 2024

Breakout session, Cybersecurity: Strategic research and industry impact, 3rd edition, Mechelen, Belgium

In this session, we’ll review the essential tools for managing development dependencies (e.g., Maven, npm), deployment dependencies (e.g., Docker, Kubernetes), and infrastructure configurations (e.g., Ansible, Puppet) in the software supply chain—and highlight the unique security challenges that come with each. We’ll present the latest research into these security challenges, and demystify the inner workings of the newest tools designed to tackle them.

Securing Infrastructure Code for Build and Deployment Environments

October 17, 2023

Breakout session, Cybersecurity: Strategic research and industry impact, 2nd edition, Mechelen, Belgium

DevOps has transformed software development and deployment by promoting seamless collaboration between teams to boost speed, reliability, and innovation. Infrastructure as Code (IaC), managing computing infrastructure through executable source code, plays a central role, ensuring predictability, efficiency, and reliability. For instance, Ansible serves as a versatile IaC tool, simplifying configuration management and automation, while Docker packages apps and their dependencies into isolated containers for consistent execution, and Helm streamlines Kubernetes app management. In this session, we explore IaC security challenges, including Ansible vulnerability detection techniques, Docker container package monitoring, and insights from Helm chart security analysis. Learn how to address security challenges in these popular IaC tools.