Talks
Conference Talks & Presentations
Here you’ll find my conference talks, workshops, and presentations.
Attackers Guide to CI/CD
DevOpsDays Ljubljana 2025 | September 13, 2025 | Ljubljana, Slovenia
Exploring CI/CD security from an attacker’s perspective, demonstrating common vulnerabilities and exploitation techniques.
Breaking The Box
DCTF25 | March 29-30, 2025 | Ljubljana, Slovenia
A deep dive into container security, covering fundamental concepts, benefits, and potential vulnerabilities. Topics include:
- Container basics: lightweight, portable, and executable software packages
- Container properties: isolation, encapsulation, and resource restriction
- Container security considerations: running as root by default, Docker daemon implications
- Kernel security features: Seccomp, AppArmor, and SELinux
- Real-world container breakouts and exploitation demonstrations
Containers: A peek under the hood
DCTF24 | April 13, 2024 | Ljubljana, Slovenia SecTalks LJU0x1A | March 27, 2024 | Ljubljana, Slovenia
An introduction to container technology fundamentals, focusing on how containers work and their security implications:
- Namespaces and their role in isolation
- Control groups (cgroups) for resource management
- Chroot and capabilities for confinement
- How misconfigurations lead to security vulnerabilities
- Demo-heavy presentation with practical examples
Video on YouTube | Slides & Notes | Meetup event
GitLab CI Language Server
DevOpsDays Ljubljana 2024 | Ljubljana, Slovenia
Addressing the challenges of managing complex GitLab CI YAML files and presenting a practical solution to simplify workflows:
- Challenges of large GitLab CI configurations
- Introduction to gitlab-ci-ls: a GitLab CI Language Server
- Features: Go To Definition, Find References, autocompletion, hover information, diagnostics
- Practical tips for managing CI/CD pipelines at scale