GET /congress/2025/event/a022566b-f89e-4025-bebe-ad239d018602/?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept
{
"id": "a022566b-f89e-4025-bebe-ad239d018602",
"kind": "sos",
"name": "Security for small engineering teams",
"slug": "security-at-startupssmall-teams",
"url": "https://api.events.ccc.de/congress/2025/event/a022566b-f89e-4025-bebe-ad239d018602/?format=api",
"track": null,
"assembly": "sos",
"room": "c2d2090b-32f1-48e9-9233-b43de3066aa6",
"location": null,
"language": "en",
"description": "https://docs.google.com/presentation/d/1DpV4sVjJ__9z0k74aTIG5l8h2qM3nG-9caeSTv6Suig/edit?usp=sharing\r\n\r\nAvailable until day 3 + 7 days. Contains contact and slides.\r\n\r\nThe only skipped slide is the one about rulesets, it also contains an OSS release for compliance work.\r\n\r\n--------\r\n\r\n\r\nHow do you manage security in small software engineering teams or startups (2-50 people)?\r\nWhat did you implement? Which changes did you implement or push for as a security person?\r\n\r\nI previously worked at a small NGO and startup and want to create a space to share experiences.\r\n\r\nInitially, I'll give some insights about what I implemented in the past year, however the goal is to have a discussion.\r\n\r\nTopics might include:\r\n- Fuzzing\r\n- Responsible disclosure (both incoming and outgoing)\r\n- DefectDojo, Dependabot and SecObserve\r\n- GitHub's security features\r\n- Static analyzers ranging from Semgrep to Zizmor\r\n\r\nPut in notes here if you want to join! https://cryptpad.fr/pad/#/2/pad/edit/3iZ8MLCkX9I3xcTsh6uc2LwA/",
"schedule_start": "2025-12-29T17:00:00+01:00",
"schedule_duration": "00:50:00",
"schedule_end": "2025-12-29T17:50:00+01:00"
}