Behaviour-aware Security Smell Detection for Infrastructure as Code
Presentation, 22nd Belgium-Netherlands Software Evolution Workshop, Nijmegen, Netherlands
Presentation, 22nd Belgium-Netherlands Software Evolution Workshop, Nijmegen, Netherlands
Presentation, 2nd Workshop on Configuration Languages, Cascais, Portugal
Demo, Cybersecurity: Strategic research and industry impact, 2nd edition, Mechelen, Belgium
Breakout session, Cybersecurity: Strategic research and industry impact, 2nd edition, Mechelen, Belgium
DevOps has transformed software development and deployment by promoting seamless collaboration between teams to boost speed, reliability, and innovation. Infrastructure as Code (IaC), managing computing infrastructure through executable source code, plays a central role, ensuring predictability, efficiency, and reliability. For instance, Ansible serves as a versatile IaC tool, simplifying configuration management and automation, while Docker packages apps and their dependencies into isolated containers for consistent execution, and Helm streamlines Kubernetes app management. In this session, we explore IaC security challenges, including Ansible vulnerability detection techniques, Docker container package monitoring, and insights from Helm chart security analysis. Learn how to address security challenges in these popular IaC tools.
Presentation, 23rd IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM'23), Bogotá, Colombia
Presentation, 20th International Conference on Mining Software Repositories (MSR'23), Melbourne, Australia
Presentation, 20th International Conference on Mining Software Repositories (MSR'23), Melbourne, Australia
Presentation, Dagstuhl Seminar 23082 "Resilient Software Configuration and Infrastructure Code Analysis", Dagstuhl, Germany
In this talk, we present our journey towards and our experiences in transposing static analyses from application to infrastructure code.
Demo, Cybersecurity: Strategic research and industry impact, Mechelen, Belgium
Presentation, 19th International Conference on Mining Software Repositories (MSR'22), Pittsburgh, Pennsylvania, USA
Poster, 19th International Conference on Mining Software Repositories (MSR'22), Pittsburgh, Pennsylvania, USA
Presentation, 19th International Conference on Mining Software Repositories (MSR'22), Online
Presentation, 20th Belgium-Netherlands Software Evolution Workshop (BENEVOL'21), Virtual (originally 's-Hertogenbosch, Netherlands)
Presentation, 1st Workshop on Configuration Languages (CONFLANG), Virtual (originally Chicago, Illinois, USA)
Presentation, 1st Workshop on Configuration Languages (CONFLANG), Virtual (originally Chicago, Illinois, USA)
Presentation, 18th International Conference on Mining Software Repositories (MSR'21), Virtual (originally Madrid, Spain)
Presentation, 28th IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER'21), Virtual (originally Honolulu, Hawaii, USA)
Presentation, 19th Belgium-Netherlands Software Evolution Workshop (BENEVOL'20), Luxembourg City, Luxembourg
Presentation, 19th Belgium-Netherlands Software Evolution Workshop (BENEVOL'20), Luxembourg City, Luxembourg
Presentation, 20th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM2020), Virtual (originally Adelaide, Australia)
Presentation, 18th Belgium-Netherlands Software Evolution Workshop (BENEVOL'19), Brussels, Belgium