Level Up Your Security Skills

Welcome to SecureChainCon, the premier online micro-conference for DevOps and Security professionals, proudly hosted by the Ortelius open-source community! Get ready for a half-day of engaging sessions and invaluable learning designed to keep you ahead in the fast-paced world of software security and DevOps automation. Our lineup of expert speakers from top organizations will share their insights, best practices, and real-world case studies on seamlessly integrating security into DevOps workflows.

KeyNotes:

• Tracy Bannon, Mitre “#NoHobbyists – What’s Really Needed to Shift CyberSecurity?”

Cybersecurity in software development is often treated as an afterthought, left to developers who must self-educate and experiment in their spare time. The #NoHobbyists movement challenges this status quo, advocating for a fundamental shift where cybersecurity is not a side project but a core discipline, fully integrated throughout the Software Development Lifecycle (SDLC). This presentation outlines a holistic approach to embedding security across people, process, technology, and culture. Instead of merely shifting security “left” in the SDLC, the proposal argues for shifting security everywhere, making it an inherent responsibility for all stakeholders, from developers to executives. Key strategies include the adoption of the Secure Software Development Framework (SSDF), threat modeling as a collaborative practice, and leveraging industry best practices such as OWASP, NIST SP 800-218, and secure coding standards.

• John Willis, Botchagalupe “AI-Powered Code Parsing and Semantic Analysis for DevOps Pipelines”

As software development ecosystems grow increasingly complex, the need for intelligent DevOps automation in script analysis and dependency management becomes critical. Join Jon Willis as he explores cutting-edge tools and techniques that leverage AI-driven code parsing and semantic analysis to enhance DevOps workflows. He will discuss the application of Large Language Models (LLMs) such as GPT-4, CodeBERT, and OpenAI Codex in parsing infrastructure and automation scripts, including Jenkinsfile, Dockerfile, Makefile, GitHub Actions, and Terraform. These models facilitate the identification of dependency installations (e.g., apt-get install, pip install, npm install) and pinpoint update points within scripts.

Secrets Unveiled

How Employers Find (and Hire) Top Talent

A panel discussion with Erin Lovern and Buffi Gresh

This panel discussion brings together two experienced technical recruiters who will share insights into how they leverage LinkedIn to identify and connect with top talent. They will reveal the strategies they use to search for candidates, what makes a profile stand out, and the common red flags they encounter.

For job seekers, the panelists will provide practical tips on networking effectively, the importance of LinkedIn, and applying for jobs in a way that captures recruiters’ attention. They will also discuss the do’s and don’ts of job applications, including how to navigate applicant tracking systems (ATS) and tailor applications for maximum visibility.

This interactive session will provide attendees with actionable advice to enhance their job search or recruitment process, bridging the gap between hiring managers and candidates in the digital age.

About the Presenters:
Erin Lovern is CEO and Founder of Grove Talent Group. Erin has extensive experience leading exponential growth within technology companies, both pre and post IPO. She brings a passion for helping organizations leverage talent acquisition as a competitive advantage by using a data-driven approach to hiring, eliminating biases through the development of core competencies and success measures to build the strongest, most inclusive teams possible.

Buffi Gresh is Chief of Staff, VP Global Business Operatons for Ensono. Buffi is a DevOps Leader, speaker working with hyper-growth companies on Business Value Modeling, Enablement, Thought Leadership, Business Development and Product GTM. Buffi has an MS Degree in Computer Science - Lehigh University / BS Physics & Mathematics / MSFT Certification / Cloud Certification

Register Today

Join Open Source Developers in Denver

Attend CDCon, held at Open Source Summit 2025 in the mile high city of Denver Colorado.

Why You Should Attend:

Open Source Summit is the premier event for open source developers, technologists, and community leaders to collaborate, share information, solve problems, and gain knowledge, furthering open source innovation and ensuring a sustainable open source ecosystem. It is the gathering place for open-source code and community contributors.

Open Source Summit is a conference umbrella, composed of a collection of events covering the most important technologies, topics, and issues affecting open source today including CDCon where DevOps is explored and improved.