2024-11-23 –, Ngaio Marsh Theatre
I finally work somewhere which cares about security! These are the tools we're using to improve our products.
There are any number of talks about security tools for web development but very few for IoT. In my new job we're using Github (Dependabot, Secrets Manager, CodeQL), SonarQube, Mend, Nessus and others. I will go through how we use these and how useful they are, particularly because we're using Yocto which isn't directly supported by some of these.
I’ve been an embedded developer for 20 years. I haven’t bothered learning web development because I still think the internet is a passing fad, but I’ve been forced to think about security after we added networking to our products