Spyros has 20 years of experience in the security world. Since the beginning of his career he has been an avid supporter of and contributor to open source software, and an OWASP volunteer. Currently he is interested in the harmonization of security tools and information, and is helping Fintechs set up and automate large parts of their AppSec programmes. He also maintains several Open Source projects, including the security automation framework Smithy and opencre.org, the world's largest security knowledge graph. Also, he usually doesn't speak about himself in the third person.
Modern tech stacks are complex and piled high with multiple frameworks, cloud infrastructure, third-party solutions and so on. You can't write PHP and FTP it to a server anymore. Meanwhile, security requirements are growing, and security teams are mandating ever more checks, tests and faster remediation.
As a result, dev teams drown in fragmented tools, reports in inconsistent formats, and brittle pipelines that seem to break only when you are in a hurry.
This is no way to work. In this talk we share our learnings from building Smithy, an Open Source, developer-first SDK and lightweight workflow engine designed to orchestrate security tools, normalize their outputs using OCSF, enrich them with custom information, and persist the results as structured evidence.
During this session, we’ll walk through the technical and design lessons we learned while building the Smithy SDK and Workflow Engine.
We’ll explore why normalization of JSON output to a common format makes sense for many use cases, and how a 60-line integration can now run anywhere — from CI to containers to secure enclaves.
You'll learn how to transform raw scanner output into normalized, traceable events; how to add context for triage and remediation; how to create resilient, observable automations that survive flaky APIs and odd edge cases; and how to craft real-world DevSecOps workflows.
Whether you’re building your own security tooling or tired of duct-taping YAML together, this talk offers practical, reusable patterns — and an open-source foundation to build on.
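To make the normalization step concrete, here is an added example (not Smithy's own code) that turns constructed scanner JSON into OCSF Vulnerability Finding-shaped events with a deterministic finding id for traceability, tolerant handling of unknown severities, and an enrichment hook. The scanner format, the `RAW_SCANNER_OUTPUT` sample and the `to_ocsf_findings` function are assumptions for illustration; only a subset of the OCSF schema is populated.

```python
import hashlib
import json
from datetime import datetime, timezone
from typing import Optional

# Constructed sample: what a hypothetical SAST scanner might emit (not real tool output).
RAW_SCANNER_OUTPUT = json.dumps({
    "tool": "example-sast", "version": "1.2.3",
    "results": [
        {"rule": "sql-injection", "sev": "HIGH", "file": "app/db.py", "line": 42,
         "msg": "User input flows into SQL query"},
        {"rule": "debug-enabled", "sev": "weird", "file": "settings.py", "line": 7,
         "msg": "DEBUG=True in production settings"},
    ],
})

# OCSF severity_id values: Informational=1 .. Critical=5; anything unrecognised -> Unknown=0.
SEVERITY_IDS = {"info": 1, "low": 2, "medium": 3, "high": 4, "critical": 5}

def finding_uid(tool: str, result: dict) -> str:
    """Deterministic id from tool + location + rule, so re-runs map to the same finding."""
    key = f"{tool}|{result['file']}|{result['line']}|{result['rule']}"
    return hashlib.sha256(key.encode()).hexdigest()[:16]

def to_ocsf_findings(raw: str, enrichment: Optional[dict] = None) -> list:
    """Normalize the hypothetical scanner JSON into OCSF Vulnerability Finding-shaped events.

    Unknown severities map to 0 instead of failing the pipeline, and the raw
    scanner result is kept in raw_data so every event can be traced back.
    """
    doc = json.loads(raw)
    now_ms = int(datetime.now(timezone.utc).timestamp() * 1000)
    events = []
    for r in doc.get("results", []):
        sev_id = SEVERITY_IDS.get(str(r.get("sev", "")).lower(), 0)
        events.append({
            "class_uid": 2002,      # OCSF Vulnerability Finding
            "category_uid": 2,      # OCSF Findings category
            "severity_id": sev_id,
            "time": now_ms,
            "metadata": {"product": {"name": doc["tool"], "version": doc.get("version")}},
            "finding_info": {
                "uid": finding_uid(doc["tool"], r),
                "title": r["rule"],
                "desc": r.get("msg", ""),
                "data_sources": [f"{r['file']}:{r['line']}"],
            },
            "enrichments": [{"name": k, "value": v} for k, v in (enrichment or {}).items()],
            "raw_data": json.dumps(r, sort_keys=True),
        })
    return events
```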