DevOpsDays Zürich

Derek Yu &
David Sommer

31 May - 1 June 2022 | Alte Kaserne Winterthur

Derek Yu

Principal Security Consultant @ Zühlke Engineering AG

Derek comes from Taiwan and currently works at Zühlke Engineering in Zurich as a Principal Consultant in Cybersecurity. He did his doctoral studies at ETH Zurich in computer science, focusing on web security, secure routing, applied cryptography, and various system security topics. His day-to-day tasks include establishing sustainable security development processes, IoT security design, and developing client business in cybersecurity. At work, Derek finds the most fun in designing effective security measures that are friendly to users and developers; outside of work, Derek likes the occasional bouldering.

  • LinkedIn
  • LinkedIn

David Sommer

Lead Security Consultant @ Zühlke Engineering AG

"Security is a design principle!" This is my conclusion after being involved in secure software development since my teens, while financing studying Physics as a security analyst, and finally receiving a PhD in Security and Privacy from ETH Zurich. Now, I follow my passion at Zühlke and try to make the digital world a more secure place. With expertise in designing and establishing secure protocols, the most fun part of my job is breaking these and improving business processes with the won experiences.


Cybersecurity Beyond Automation

Automated security testing has elegantly addressed many cybersecurity concerns in modern software development. Besides incorporating security gates in CI/CD pipelines, however, there are additional measures to ensure that our innovation can withstand the growing threat landscape. In this talk, we will share our experiences in applying critical security best practices that help protect your customers’ data and ensure business continuity. We put these security practices in the context of relevant industry standards to show a holistic view of a mature security development lifecycle.