Today I attended the Italian RubyDay with a talk about application security. More in details the talk was about how to use ruby to automate some security tests as described in the Owasp Testing Guide.

Something about the community

Meanwhile the afternoon talks’ session is still ongoing, I can tell about the good vide I had from this experience. This was the first time I gave a talk for a software developer conference and I was really nervous this morning.

Actually when talking in Owasp Conferences we are all in the same IT area, with the same skills and the same expertize… well, true to be told, there are a lot of great hackers at Owasp conference.

Talking about security in a for developers conference is a truly amazing experience. It’s like playing a soccer play as away team.

Ruby Italian community is small if compared to #java, #php or #js ones. I think that it’s driven by some resilience into the enterprise world to adopt new technologies.

We’re still stucking into the #java, #spring, #hibernate and #oracle architectural pattern.

Something doesn’t change

As far as this morning slides weren’t yet ready. The same old story applied. A lot of stuff to do at work, Daniele drawing energies, my knee asking for recovering and my sleeping needs, drove away from preparing a good talk in those weeks.

This morning on the underground I packed up the posts I’m writing on ruby for pentester topic in a keynote and arranged my rubygems for the demo time.

Everything was fine, demos were affected by the demo effect and something didn’t work but I was very satisfied about the talk goes.

People made questions. People were interested in appsec topics.

It seems that developers do care about security and they want to learn more.

Something I learnt today

Talking at developers conferences is fun. There are a lot of smart guys to talk with, a lot of wine and interesting talks about new technologies.

As far as ruby programming language is strictly tied with the startup world, there is a lot of energy in making business, inventing new services, creating something new.

And in Italy we do need something new.

Ruby developers are either interested in #appsec topics. They are trained to test their code with tdd and bdd so introducing some sort of security tests is just a matter of habits.

Here it is my talk slideshow. Enjoy it.