Foredrag, workshops og skreddersydde kurs

Secretless access to Azure SQL server using Managed Identity - Hallstein Brøtan

Traditionally, the connection string to the Azure SQL database contains both username and password. Even if you store these credentials in Azure Key Vault, a password needs maintenance/rotation and it might end up in the wrong hands (for instance if sloppy developers keep the password on their development computers). I will demonstrate how your app can connect to the database without any credentials, using AAD authentication and Managed Identity.This method also works for other Azure resources.

You'll never use a password again!

Identity-Provider-as-Code – Lars Alexander

Wouldn't it be nice if you could configure your Identity Provider in a fast, consistent and repeatable way? You may already be using infrastructure-as-code solutions, like Terraform or Bicep, to create infrastructure in the cloud. But are you doing the same with your Identity Provider? In this talk, we'll discuss the benefits of using code to configure an Identity Provider, and look at how we can do this against Identity Providers like Okta, Auth0 and Azure AD. Including a quick, practical demo with Okta and Terraform.

Keeping our tech skills & mental health up-to-date – Leif Larsen

As developers we tend to put a lot of effort into keeping our tech skills up-to-date. But what about our mental state? In this talk, we will learn easy steps to implement for some key areas, in order for us to stay mentally healthy. These are short and concrete techniques, which can be utilized immediately.

Operational Security for Developers – Richard Sundby Anderssen

As with many things in life, the place to start is with yourself. And security is no exception. The easiest target is the human. But good routines help. In this lightning talk we'll discuss security habits you should consider as a developer; disk encryption including partitioning, package scanning, signing git tags and commits