AppSec & DevSecOps Singapore schedule

• Practical use cases for AI-driven security in CI/CD pipelines
• Automating code review and threat modelling with minimal friction
• Improving detection accuracy and reducing false positives
• Operating and governing AI-assisted security tooling at scale 

• Strategies to increase development velocity without compromising security standards
• Designing pipelines and controls that scale with fast-moving engineering teams
• Managing risk and accountability in highly automated development environments
• Cultural and operational changes needed to embed security into everyday delivery

 Speakers
Reuben Athaide Head Innovation, Application Security and Assurance
Standard Chartered 

• Best practices for integrating SAST, DAST, and runtime protection into CI/CD pipelines
• Modern threat modelling techniques and secure coding practices for high-velocity teams
• Balancing security coverage with development speed to avoid bottlenecks
• Case studies of AppSec adoption at scale without slowing innovation

• What you’ll learn: How to implement robust identity and access controls in CI/CD pipelines without slowing development
• Practical strategies for managing secrets, service accounts, and role-based access in automated workflows
• Balancing developer agility with strict security policies to prevent breaches and insider threats
• Integrating identity management tools into DevSecOps workflows for continuous monitoring, auditing, and compliance 

• Strategies for restoring systems quickly while preserving security and compliance
• Maintaining team productivity and workflow continuity during and after incidents
• Practical approaches to learning from every incident: improving processes and preventing repeat issues

• Embedding security controls into CI/CD workflows to protect API endpoints
• Threat modelling and risk mitigation for API-driven applications
• Balancing rapid API innovation with robust security practices 

• Integrating security practices from design to deployment in Agile workflows
• Upskilling engineers and staff to maintain security resilience under pressure
• Creating a culture where security is a shared responsibility, not an afterthought 

• Architecting CI/CD workflows to maintain continuity during breaches or system failures
• Best practices for rapid recovery and minimising downtime after security incidents
• Building robustness into DevSecOps processes: redundancy, fail-safes, and automated safeguards 

• Leveraging threat intelligence to proactively protect software and pipelines
• Advanced techniques: adversarial simulation, red teaming, and vulnerability management
• Using insights from real-world attacks to inform CI/CD security policies
• Embedding intelligence into automated pipelines for continuous risk awareness