Fixing What’s Broken: One Line at a Time

Official Website link

• Fixing What’s Broken: One Line at a Time – Security Days Fall 2026

WS4-03 | March 27 (Fri) 10:00-11:30 | 5F | Workshop | Consecutive Translation

Workshop Overview

Security advice is often generic, disconnected, or overly idealistic — especially when applied to real-world systems made of tangled cloud setups, developer toolchains, fragile CI/CD pipelines, and unpredictable AI interfaces. In this workshop, we focus on doing security the way it actually works: fixing what’s broken, one config line at a time.

Guided by the NIST Cybersecurity Framework (Identify → Protect → Detect → Respond → Recover, with a dash of Governance), we walk through:

• Inventorying your environment using tools you already have
• Detecting dangerous misconfigurations in software and infrastructure
• Applying sustainable, code-driven protections to your pipelines and environments
• Responding to threats without overreaction
• Recovering with automation, not panic

Whether you’re dealing with cloud drift, CI/CD chaos, or prompt-injected hallucinations, this workshop gives you a holistic and practical defensive roadmap — ready to implement in real enterprise environments.

Learning Outcomes

• Build actionable inventories across software, infrastructure, and AI systems
• Identify and detect high-risk misconfigurations using SBOMs, IaC scans, and cloud tooling
• Apply secure-by-default configurations in CI/CD pipelines and cloud IAM
• Implement mitigation strategies for prompt injection and insecure AI behavior
• Map improvements to NIST CSF and defend security decisions to stakeholders

Audience Level

Beginner — The student has an interest in the topic presented and general technology knowledge that a power user or undergraduate student may have acquired.

Prerequisites

1. Personal Laptop with unrestricted internet access
2. Google Account with Access to Google Cloud Console & Cloud Shell (reference)
3. Personal GitHub Account
4. Discord Account for support

Due to the short duration of the workshop, dedicated troubleshooting support is not provided. If your system does not work, the recommended approach is to observe how others are progressing and try again after the workshop.

Event Information

• Event: Security Days Fall 2026 (Tokyo)
• Session Code: WS4-03
• Date & Time: March 27, 2026 (Fri) 10:00-11:30
• Venue: Tokyo Venue (5F)
• Format: Workshop
• Translation: Consecutive translation available
• Instructor: Anant Shrivastava | Founder, Cyfinoid Research
• Official Site: Security Days Fall 2026