Agile has made it possible to deliver a lot product lines and service lines almost like instant coffee , tea and instant everything. It has created a lot of diverse needs especially the need to keep pace with Dev and Operations and everything is expected to continuous along the pipeline without breaking anything along the way. This would mean features , security , builds , releases and the whole nine yards that go with putting your app or product out there. We shall look at DEVSECOPS along with why everything else associated with this initiative that needs to be continuous . Without this mindset agile shall be a term that shall not have much of relevance let alone deliver a product or feature in the best quality and time frame.
Agile Project Failures: Root Causes and Corrective ActionsTechWell
Agile initiatives always begin with the best of intentions—accelerate delivery, better meet customer needs, or improve software quality. Unfortunately, some agile projects do not deliver on these expectations. If you want help to ensure the success of your agile project or get an agile project back on track, this session is for you. Jeff Payne discusses the most common causes of agile project failure and how you can avoid these issues—or mitigate their damaging effects. Poor project management, ineffective requirements development, failed communications, software development problems, and (non)agile testing can all contribute to project failure. Learn practical tips and techniques for identifying early warning signs that your agile project might be in trouble and how you can best get your project back on track. Gain the knowledge you need to guide your organization toward agile project implementations that serve the business and the stakeholders.
Agile Project Failures: Root Causes and Corrective ActionsTechWell
Agile initiatives always begin with the best of intentions—accelerate delivery, better meet customer needs, or improve software quality. Unfortunately, some agile projects do not deliver on these expectations. If you want help to ensure the success of your agile project or get an agile project back on track, this session is for you. Jeff Payne discusses the most common causes of agile project failure and how you can avoid these issues—or mitigate their damaging effects. Poor project management, ineffective requirements development, failed communications, software development problems, and (non)agile testing can all contribute to a failing project. Learn practical tips and techniques for identifying early warning signs that your agile project might be in trouble and how you can best get your project back on track. Gain the knowledge you need to guide your organization toward agile project implementations that serve the business and the stakeholders.
Integrating Project Management with Service Management Best Practices Event B...Google
SureSkills Belfast Breakfast Briefing on 'Integrating Project Management with Service Management Best Practices Event, April 3rd 2014'.
The event aimed to show that the points of integration between Project Management and Service Management. Given the minimal industry discourse on integrating Project Management and Service Management, we used the event as an open discussion with industry professionals and local industry case studies combined with a very interactive Q&A session.
Guest Speakers on the day included:
- Bill Heffernan, Principal Service Management Consultant at SureSkills / CEO SP3 Services
- Domingos Ferreira, Director at Quantum Outsource
- Ruaidhri McSharry, Chief Operating Officer & Director Service of Service Management at SureSkills
Date of event: Thursday, 3rd of April 2014
Venue: Europa Hotel Belfast
If you require any additional details about this event email Marketing@SureSkills.Com or contact your SureSkills Belfast account manager on 028 9093 55 55.
Agile Project Failures: Root Causes and Corrective ActionsTechWell
Agile initiatives always begin with the best of intentions—accelerate delivery, better meet customer needs, or improve software quality. Unfortunately, some agile projects do not deliver on these expectations. If you want help to ensure the success of your agile project or get an agile project back on track, this session is for you. Jeff Payne discusses the most common causes of agile project failure and how you can avoid these issues—or mitigate their damaging effects. Poor project management, ineffective requirements development, failed communications, software development problems, and (non)agile testing can all contribute to project failure. Learn practical tips and techniques for identifying early warning signs that your agile project might be in trouble and how you can best get your project back on track. Gain the knowledge you need to guide your organization toward agile project implementations that serve the business and the stakeholders.
Agile Project Failures: Root Causes and Corrective ActionsTechWell
Agile initiatives always begin with the best of intentions—accelerate delivery, better meet customer needs, or improve software quality. Unfortunately, some agile projects do not deliver on these expectations. If you want help to ensure the success of your agile project or get an agile project back on track, this session is for you. Jeff Payne discusses the most common causes of agile project failure and how you can avoid these issues—or mitigate their damaging effects. Poor project management, ineffective requirements development, failed communications, software development problems, and (non)agile testing can all contribute to a failing project. Learn practical tips and techniques for identifying early warning signs that your agile project might be in trouble and how you can best get your project back on track. Gain the knowledge you need to guide your organization toward agile project implementations that serve the business and the stakeholders.
Integrating Project Management with Service Management Best Practices Event B...Google
SureSkills Belfast Breakfast Briefing on 'Integrating Project Management with Service Management Best Practices Event, April 3rd 2014'.
The event aimed to show that the points of integration between Project Management and Service Management. Given the minimal industry discourse on integrating Project Management and Service Management, we used the event as an open discussion with industry professionals and local industry case studies combined with a very interactive Q&A session.
Guest Speakers on the day included:
- Bill Heffernan, Principal Service Management Consultant at SureSkills / CEO SP3 Services
- Domingos Ferreira, Director at Quantum Outsource
- Ruaidhri McSharry, Chief Operating Officer & Director Service of Service Management at SureSkills
Date of event: Thursday, 3rd of April 2014
Venue: Europa Hotel Belfast
If you require any additional details about this event email Marketing@SureSkills.Com or contact your SureSkills Belfast account manager on 028 9093 55 55.
2011 06 15 velocity conf from visible ops to dev ops finalGene Kim
My presentation called "Creating the Dev/Test/PM/Ops Supertribe: From Visible Ops To DevOps"
2011 Velocity Conference:
http://velocityconf.com/velocity2011/public/schedule/detail/21123
Right on the heels of the Manifesto for Agile Software Development, a new movement with the moniker DevOps has further advanced software delivery. Although the Agile software development movement brought iterative and incremental concepts to our industry, in many organizations its reach was relegated to only the application development teams. In many cases, this moved the bottlenecks in organizations from application development to release management, IT operations and business program and portfolio management decision making. This local optimization leads to real world application of Agile software development being perceived as unsuccessful and increased probability of being thrown away for the comfort in the illusions of control of plan-driven approaches.
The promise of DevOps is to further improve our ability to make holistic optimizations from business to software delivery to operations and ultimately increase feedback into our business decision making processes. This promise involves the application of The Three Ways as described by Gene Kim: Flow, Feedback and Continuous Experimentation and Learning. Even for those that were able to take advantage of Agile software development we can not sit on our laurels. We must embrace continuous improvement in order to fend off the effects of “Software is Eating the World” as Marc Andreessen pronounced. DevOps provides a view on the culture, practices, tools and processes for how valuable software is delivered, operated and evolved to enable competitive advantage.
DOES14 - Jonny Wooldridge - The Cambridge Satchel Company - 10 Enterprise Tip...Gene Kim
Jonny Wooldridge, CTO, The Cambridge Satchel Company at the DevOps Enterprise Summit 2014
View video: https://www.youtube.com/watch?v=CzUTztwcc58
View Jonny Wooldridge's blog: http://www.enterprisedevops.com
Following 3.5 years building a DevOps capability and culture at M&S I will be condensing the experience down to 10 Enterprise DevOps tips that are relevant to companies of all sizes and complexities. Bringing start-up lean thinking to an enterprise was never going to be easy but the lessons learned are relevant to us all.
There are dozens of myths about Agile development. But before jumping into specific misconceptions, let’s have a look at some common business challenges:
For senior-level execs: do you value revenue growth or cost containment?
For project managers: do you value team efficiency or effectiveness?
For developers: do you value code quantity or quality?
In each scenario, you probably struggled to make a choice given that your two options were not mutually exclusive.
Posing the question this way creates a false dilemma since you likely value both options but to varying degrees. So the better question is, of the two options, which do you value more?
What skills and personality do you need for a career in DevOps?Puppet
We talked to dozens of engineers, managers and recruiters whose jobs (or the jobs they're hiring for) emphasize DevOps practices to see what insights they have to share. In this SlideShare you'll find quotes from them detailing the skills they think will help you be successful.
For all their advice and insights, get the full ebook at https://puppet.com/devops-and-you.
Optimizing DevOps strategy in a large enterpriseEyal Edri
Large enterprises today are pacing a flood of multiple devops tools to choose from for their infrastructure. The problem intensifies when you have dozens of devops teams across the world, each with his own background of devops tools and knowledge and each with his own agenda of pushing to use his tools. How would you leverage this distributed, disconnected knowledge into a single working devops knowledge source, and common infrastructure to leverage the whole enterprise? Come and hear about Red Hat Global CI initiative to hear on one possible approach for taking on the battle.
Seven Deadly Habits of Dysfunctional Software ManagersTechWell
As if releasing a quality software project on time were not difficult enough, poor management dealing with planning, people, and process issues can be deadly to a project. Presenting a series of anti-pattern case studies, Ken Whitaker describes the most common deadly habits-and ways to avoid them. These seven killer habits are mishandling employee incentives; making key decisions by consensus; ignoring proven processes; delegating absolute control to a project manager; taking too long to negotiate a project's scope; releasing an "almost tested" product to market; and hiring someone who is not quite qualified-but liked by everyone. Whether you are an experienced manager struggling with some of these issues or a new software manager, you'll take away invaluable tips and techniques correcting these habits-or better yet, avoiding them altogether. As a bonus, every attendee will receive a copy of Ken's full-color 7 Deadly Habits comic .
Scaling Agile: Remembering Tolstoy’s Unhappy Family AnalogyTechWell
While Agile has become mainstream at the team level with much research and practical experience, scaling agile to the enterprise is a topic of increasing interest and practice—with some successes and some spectacular failures. As Tolstoy wrote, “Happy families are all alike; each unhappy family is unhappy in its own way.” Mariya Breyter shares anti-patterns for scaling agile that you need to recognize quickly and change right away. Most agile scaling frameworks address agile processes and organizational structures. However, Mariya thinks it is time to look at agile scaling from the perspective of individual team members: developers, architects, testers, or any member of a cross-functional agile team. Using examples from multiple companies that she transitioned to agile at scale, Mariya describes how you can enhance your agile implementation at the enterprise level and avoid the pitfalls that can sink an enterprise agile program.
Slides from my talk at CoDeOSL 2015, http://www.code-conf.com/osl15/
Abstract:
------------
We are witnessing perhaps the most disruptive and innovative period in IT in our time. Those not transforming their IT organizations towards DevOps and Continuous Delivery (CD) risk being left behind to die. This talk will place DevOps and CD in a historical context and explain how and why this paradigm shift will radically change how businesses acquire customers and deliver value to them.
"The Lean Mindset": Mary & Tom Poppendieck's Keynote at AgileDayChile 2013ChileAgil
Mary & Tom Poppendieck bring to us their analysis of the famouse rescue of the 33 chilean miners through lean glasses, and they propose a Lean Mindset grounded in business & technological success cases around the world.
If you like the ideas raised in this presentation, don't forget to check out my latest book, Directing the Agile Organisation (http://theagiledirector.com/book).
Learn how to improve your Software Development or Business Intelligence processes using modern Agile project management in a fun, friendly and effective way!
Traditional software project management is based on hierarchically driven, fixed outcome systems and processes. Agile project management, however, is an iterative planning & development approach that can be applied, day-to-day, to improve overall quality and customer satisfaction.
This two day course covers the basic concepts of Agile project management and how these methodologies can be used within your organisation. This course aims to provide the tools for software managers and teams to improve customer satisfaction through the rapid and continuous delivery of useful software. We also look at how to use the best of traditional (or waterfall) processes within Agile techniques.
With the advent of microservices , containers and on demand computing and the rate at which code is getting churned out every single day we need to automate or perish. DevOps or Build at Scale and how to have a hands free approach like autonomous cars is what companies need the most today. It is no longer OK to say we build it someone will test it and certify it , it needs to happen in real time and all at once the Build, Automate and Test in a continuous pipeline. How can companies stay on top by effectively making use of Automation shall be looked at in this talk.
Cloud has brought in the concept of managing security within bounded contexts. All else is outside the scope of the service provider or the hosting vendor. How do you plan for scope security activities around the nebulous scope of the cloud especially in a hybrid / multi cloud scenarios where clear cut boundaries are not well defined.How can architecture frameworks help you to fix this issue which is like trying to safeguard a fort not knowing which doors to lock and where to start ?The talk will focus on how enterprise architecture frameworks can help create the much needed trace ability and help define the scope of the security architecture activity. Using tried and tested means has the advantage of not having to reinvent the wheel and avoid missing out plugging the weak links within your enterprise.
2011 06 15 velocity conf from visible ops to dev ops finalGene Kim
My presentation called "Creating the Dev/Test/PM/Ops Supertribe: From Visible Ops To DevOps"
2011 Velocity Conference:
http://velocityconf.com/velocity2011/public/schedule/detail/21123
Right on the heels of the Manifesto for Agile Software Development, a new movement with the moniker DevOps has further advanced software delivery. Although the Agile software development movement brought iterative and incremental concepts to our industry, in many organizations its reach was relegated to only the application development teams. In many cases, this moved the bottlenecks in organizations from application development to release management, IT operations and business program and portfolio management decision making. This local optimization leads to real world application of Agile software development being perceived as unsuccessful and increased probability of being thrown away for the comfort in the illusions of control of plan-driven approaches.
The promise of DevOps is to further improve our ability to make holistic optimizations from business to software delivery to operations and ultimately increase feedback into our business decision making processes. This promise involves the application of The Three Ways as described by Gene Kim: Flow, Feedback and Continuous Experimentation and Learning. Even for those that were able to take advantage of Agile software development we can not sit on our laurels. We must embrace continuous improvement in order to fend off the effects of “Software is Eating the World” as Marc Andreessen pronounced. DevOps provides a view on the culture, practices, tools and processes for how valuable software is delivered, operated and evolved to enable competitive advantage.
DOES14 - Jonny Wooldridge - The Cambridge Satchel Company - 10 Enterprise Tip...Gene Kim
Jonny Wooldridge, CTO, The Cambridge Satchel Company at the DevOps Enterprise Summit 2014
View video: https://www.youtube.com/watch?v=CzUTztwcc58
View Jonny Wooldridge's blog: http://www.enterprisedevops.com
Following 3.5 years building a DevOps capability and culture at M&S I will be condensing the experience down to 10 Enterprise DevOps tips that are relevant to companies of all sizes and complexities. Bringing start-up lean thinking to an enterprise was never going to be easy but the lessons learned are relevant to us all.
There are dozens of myths about Agile development. But before jumping into specific misconceptions, let’s have a look at some common business challenges:
For senior-level execs: do you value revenue growth or cost containment?
For project managers: do you value team efficiency or effectiveness?
For developers: do you value code quantity or quality?
In each scenario, you probably struggled to make a choice given that your two options were not mutually exclusive.
Posing the question this way creates a false dilemma since you likely value both options but to varying degrees. So the better question is, of the two options, which do you value more?
What skills and personality do you need for a career in DevOps?Puppet
We talked to dozens of engineers, managers and recruiters whose jobs (or the jobs they're hiring for) emphasize DevOps practices to see what insights they have to share. In this SlideShare you'll find quotes from them detailing the skills they think will help you be successful.
For all their advice and insights, get the full ebook at https://puppet.com/devops-and-you.
Optimizing DevOps strategy in a large enterpriseEyal Edri
Large enterprises today are pacing a flood of multiple devops tools to choose from for their infrastructure. The problem intensifies when you have dozens of devops teams across the world, each with his own background of devops tools and knowledge and each with his own agenda of pushing to use his tools. How would you leverage this distributed, disconnected knowledge into a single working devops knowledge source, and common infrastructure to leverage the whole enterprise? Come and hear about Red Hat Global CI initiative to hear on one possible approach for taking on the battle.
Seven Deadly Habits of Dysfunctional Software ManagersTechWell
As if releasing a quality software project on time were not difficult enough, poor management dealing with planning, people, and process issues can be deadly to a project. Presenting a series of anti-pattern case studies, Ken Whitaker describes the most common deadly habits-and ways to avoid them. These seven killer habits are mishandling employee incentives; making key decisions by consensus; ignoring proven processes; delegating absolute control to a project manager; taking too long to negotiate a project's scope; releasing an "almost tested" product to market; and hiring someone who is not quite qualified-but liked by everyone. Whether you are an experienced manager struggling with some of these issues or a new software manager, you'll take away invaluable tips and techniques correcting these habits-or better yet, avoiding them altogether. As a bonus, every attendee will receive a copy of Ken's full-color 7 Deadly Habits comic .
Scaling Agile: Remembering Tolstoy’s Unhappy Family AnalogyTechWell
While Agile has become mainstream at the team level with much research and practical experience, scaling agile to the enterprise is a topic of increasing interest and practice—with some successes and some spectacular failures. As Tolstoy wrote, “Happy families are all alike; each unhappy family is unhappy in its own way.” Mariya Breyter shares anti-patterns for scaling agile that you need to recognize quickly and change right away. Most agile scaling frameworks address agile processes and organizational structures. However, Mariya thinks it is time to look at agile scaling from the perspective of individual team members: developers, architects, testers, or any member of a cross-functional agile team. Using examples from multiple companies that she transitioned to agile at scale, Mariya describes how you can enhance your agile implementation at the enterprise level and avoid the pitfalls that can sink an enterprise agile program.
Slides from my talk at CoDeOSL 2015, http://www.code-conf.com/osl15/
Abstract:
------------
We are witnessing perhaps the most disruptive and innovative period in IT in our time. Those not transforming their IT organizations towards DevOps and Continuous Delivery (CD) risk being left behind to die. This talk will place DevOps and CD in a historical context and explain how and why this paradigm shift will radically change how businesses acquire customers and deliver value to them.
"The Lean Mindset": Mary & Tom Poppendieck's Keynote at AgileDayChile 2013ChileAgil
Mary & Tom Poppendieck bring to us their analysis of the famouse rescue of the 33 chilean miners through lean glasses, and they propose a Lean Mindset grounded in business & technological success cases around the world.
If you like the ideas raised in this presentation, don't forget to check out my latest book, Directing the Agile Organisation (http://theagiledirector.com/book).
Learn how to improve your Software Development or Business Intelligence processes using modern Agile project management in a fun, friendly and effective way!
Traditional software project management is based on hierarchically driven, fixed outcome systems and processes. Agile project management, however, is an iterative planning & development approach that can be applied, day-to-day, to improve overall quality and customer satisfaction.
This two day course covers the basic concepts of Agile project management and how these methodologies can be used within your organisation. This course aims to provide the tools for software managers and teams to improve customer satisfaction through the rapid and continuous delivery of useful software. We also look at how to use the best of traditional (or waterfall) processes within Agile techniques.
With the advent of microservices , containers and on demand computing and the rate at which code is getting churned out every single day we need to automate or perish. DevOps or Build at Scale and how to have a hands free approach like autonomous cars is what companies need the most today. It is no longer OK to say we build it someone will test it and certify it , it needs to happen in real time and all at once the Build, Automate and Test in a continuous pipeline. How can companies stay on top by effectively making use of Automation shall be looked at in this talk.
Cloud has brought in the concept of managing security within bounded contexts. All else is outside the scope of the service provider or the hosting vendor. How do you plan for scope security activities around the nebulous scope of the cloud especially in a hybrid / multi cloud scenarios where clear cut boundaries are not well defined.How can architecture frameworks help you to fix this issue which is like trying to safeguard a fort not knowing which doors to lock and where to start ?The talk will focus on how enterprise architecture frameworks can help create the much needed trace ability and help define the scope of the security architecture activity. Using tried and tested means has the advantage of not having to reinvent the wheel and avoid missing out plugging the weak links within your enterprise.
Shift Left Security – Guidance on embedding security for a Digital Transforma...Yazad Khandhadia
How to effectively plan and use people, process and technology controls within Information Security to influence Culture during a Digital Transformation
Shift Left Security: Development Does Not Want to Own It.Aggregage
Shifting security left to the earliest part of development is currently in the spotlight in the developer world. What teams are now discovering is, this approach results in misdirected ownership for developers and a frustrated security team. In the current climate, we cannot afford to let security implementations falter. It's time to manage your team's energies to maximize DevOps efficiency, all the while maintaining top security standards. Join Shlomo Bielak, and learn how to keep your DevSecOps team focused and connected without creating silos.
DevSecOps is a new way to deliver security as part of the Software Supply Chain. It supports a built-in process and faster security feedback loop for DevOps teams.
VMWare Tech Talk: "The Road from Rugged DevOps to Security Chaos Engineering"Aaron Rinehart
This session will cover the foundations DevSecOps and the application of Chaos Engineering for Cyber Security. We will cover how the craft has evolved by sharing some lessons learned driving digital transformation at the largest healthcare company in the world, UnitedHealth Group. During the session we will talk about DevSecOps, Rugged DevOps, Open Source, and how we pioneered the application of Chaos Engineering to Cyber Security.
We will cover how DevSecOps and Security Chaos Engineering allows for teams to proactively experiment on recurring failure patterns in order to derive new information about underlying problems that were previously unknown. The use of Chaos Engineering techniques in DevSecOps pipelines, allows incident response and engineering teams to derive new information about the state of security within the system that was previously unknown.
As far as we know Chaos Engineering is one of the only proactive mechanisms for detecting systemic availability and security failures before they manifest into outages, incidents, and breaches. In other words, Security focused Chaos Engineering allows teams to proactively, safely discover system weakness before they disrupt business outcomes.
Secure Your DevOps Pipeline Best Practices Meetup 08022024.pptxlior mazor
Our technology, work processes, and activities all depend on if we trust our software to be developed in a safe and secure manner. Join us virtually for our upcoming "Secure Your DevOps Pipeline: Best Practices" Meetup to learn how to integrate security in the development process, DevSecOps advance methods, manage the implement secure coding analysis and how to manage software security risks.
Protecting Agile Transformation through Secure DevOps (DevSecOps)Eryk Budi Pratama
Respresenting Cyber Defense Community (cdef.id) to present and share my view on Secure DevOps / DevSecOps. Through this presentation, I shared several insights about:
1. How to balance the risk and controls in the "great shift left" paradigm (agile)
2. DevOps activities
3. How to seamlessly integrate security into DevOps
4. How to "shift left" the security"
5. Get started with Secure DevOps / DevSecOps
6. Case Study about DevSecOps implementation
For further discussion, especially how to secure digital and agile transformation in your organization, don't hesitate to contact me :)
You got DevOpsed! Your sysadmin team got renamed as the DevOps team. Developers got prod access. Code deploys to prod happen multiple times a day now. In the eyes of the business, things are great. Yet, the security team continues to be left out and really nothing seems to be better. In fact it feels worse.
Time to learn how to hack some devops for great good.
This talk will equip you with advice and tools to join in on the devops. You will also leave with a sample continuous delivery pipeline that is armed to dangerous and ready to identify security issues in a typical web application stack.
We'll use a range of open source technology including OWASP ZAP, gauntlt, brakeman, nmap, sqlmap, arachni and more.
Mike Spaulding - Building an Application Security Programcentralohioissa
Application Security in many organizations is a simply a 'wish list' item, but with some staff and some training, AppSec can be a reality, even for a small organization. This talk will discuss the best practices, strategies and tactics, and resource planning to build an internal AppSec function - enterprise to 'mom & pop' operations will all benefit from this talk.
Similar to Agile Relevance in the age of Continuous Everything .... (20)
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
2. Misys
BFL
Consultant and Technology Evangelist
with companies to help them in their
business transformation and digital
transformation journeys
Training and mentoring Architects and
Technology leaders
Enterprise Architecture Expert with the
Digital India Initiative
Ex Vice Chair TOGAF® Standing
Committee
Governing Board Member CCICI
WHAT DO I DO ?
10. In 2017, the Equifax credit reporting agency
used Struts in an online portal, and due to
Equifax not identifying and patching a
vulnerable version of Struts, attackers were
able to capture personal consumer information
such as names, Social Security numbers, birth
dates and addresses of over 148 million US
consumers, nearly 700,000 UK residents, and
more than 19,000 Canadian customers.
EQUIFAX SCAM
12. SALESFORCE.COM GENERATES 50 PERCENT OF ITS
REVENUES VIA ITS API VIA ITS API.
TRAVEL SITE, EXPEDIA, A WHOPPING 90 PERCENT OF
ITS REVENUE IS CONDUCTED VIA ITS API.
18. ENTER
DEV SECOPS / SEC DEV / RUGGED DEV OPS
= SECURITY AUTOMATION AT SCALE
19. IMPACT OF SECURITY ON BUSINESS
Proliferation of Shadow IT
Business Agility impacted due to slow security cycles.
Security unable to keep pace with Business
Adhoc projects and rogue development
True DevOps requires maturity
Slow threat assessments
Not enough patching
Reactive security posture of the company
SECURITY OPERATIONS
20. WHAT ARE WE MISSING HERE ?
Courtesy :Henrik Kniberg
21. 1. We need to discover a solution that is valuable, usable, feasible and viable.
2. We need to deliver a solution that is reliable, scalable, performant and maintainable.
& Of Course SECURE
WHAT WE ARE NOT CAPTURING ARE THE UNDERLYING ISSUES
22. Value Risk - will they use/buy it?
Usability Risk - can they use it?
Feasibility Risk - can we build it?
Business Viability Risk - will this work for our business?
Security Risk – Is our solution vulnerable or hack proof ?
SOLVE OR BRAINSTORM ON THESE RISKS BEFORE YOU WRITE A LINE OF CODE
23. DISCOVERY AND DELIVERY
Courtesy : Marty Cagan SVPG
Build to learn
Build to run a business
DUAL TRACK AGILE - JEFF PATTON
More frequent
Iterations per week
1 or 2 Iterations per week
PRODUCT MANAGERS / DESIGNERS
ENGINEERS
24. Adapted from Courtesy : Marty Cagan SVPG
SECURITY
ADDING SECURITY TO THE ATTRIBUTE LIST
29. By 2021, DevSecOps practices will be embedded
in 80 per cent of development teams, up from 15
per cent in 2017.
-Gartner
30. DEV SEC OPS - WHY
Pace of innovation meets – Pace of Security Automation
Scalable Architectures need Scalable Security
Vulnerabilities need to be healed at the rate at which software is getting churned.
Risk Identification and Remediation at the speed of delivery
31. Slow threat assessments
Can't patch fast enough
Reactive security posture
Lack of business agility
Slow to onboard new customers
Slow turn around time
Trailblazer dev projects gone wrong
Lack of SecOps agility
PROBLEMS AS THEY STAND
33. WHAT WE NEED ?
MONITORING
&
SECURITY
TO BE ADDED TO
MAKE IT CONTINOUS
PLAN – CODE –BUILD-TEST-RELEASE-DEPLOY-OPERATE-MONITOR-PLAN
34. CLOUD ADDS TO THE COMPLEXITY
MOVING TO THE CLOUD
BABY STEPS
MORE THAN ONE
CLOUD
MULTI
CLOUD SCENARIO
SECURITY RESOURCES
& CHECKLISTS
COMPLIANCE AND
REGULATIONS
OPEX
36. WHAT DEVELOPERS WANT ?
Ease of checking in and checking out
Able to play and experiment with emerging technologies
Ability to push code regardless of the platform
ABOVE ALL A GOOD NIGHTS SLEEP
37. DEVS
DEV
ITIL COMPLIANCE
REDUCE CARBON
FOOTPRINT
TEST
GO GREEN
SUPPORT DIFF ENVS
TICKETING
SECURITY
VIRTUALIZE
CMRB
PCI DSS
KEEP THE LIGHTS ON
WRITE CODE
TEST SOME AND
RELEASE
HOW OPERATIONS FOLKS SEE DEVELOPERS
NETWORKS
OS
ACCESS CONTROL
38. WHAT MAKES SECURITY FOLKS RELAX
ALL VULNERABILITIES ARE DISCOVERED AND FIXED IN TIME
ALL COMPLIANCES AND REGULATIONS ARE MET
ALL ATTACKS HAVE A PLANNED STRATEGY AND NO SURPISES
ABLE TO KEEP IN PACE WITH THE SPEED OF DEVELOPMENT
AUTOMATED PROCESSES FOR STATIC AND DYNAMIC TEST ( SAST , DAST , IAST )
39. WHAT WE NEED IS TOOLS AND PROCESS ?
MONITORING
&
SECURITY
TO BE ADDED TO
MAKE IT CONTINOUS
CHECKS PRESENT
CHECKS PRESENT
NEEDS ACTION
NEEDS ACTION
NEEDS ACTION
NEEDS ACTION
40. CI / CD SOLUTION IS ONE OF THE
IMPORTANT TOOLS FOR DEVSECOPS
41. CI / CD PIPLELINE IS WHERE THE ACTION HAPPENS
BUILD PROCESSES ALONG THAT
1. REVIEW ACCESS ROLES
2. HARDENNING SERVERS AND NODES
3. ARTIFACTS / THIRD PARTY LIBS VALIDATION BEFORE ADDING THEM TO THE TRUNK
4. STATIC CODE ANALYSIS
5. DYNAMIC ANALYSIS
43. DO NOT LET SECURITY BREAK YOUR BUILD
When Cl breaks (and it breaks) it impacts everyone and everything in the process.
Creating a significant delay in the release cycle.
Start implementing security before the Continuous integration stage.
If you have 365 developers and each developer breaks only a single build once a year (usually much
more), you have an average of one build break per day.
45. SECURITY WISH LIST
OPERATIONAL CHECKS
AUTOMATIC FAULT DETECTION
AND CORRECTION
AUTOMATION REMIADIATION
AUTOMATIC AUDITING & FORENSICS
CODE LEVEL CHECKS
SECURE CODING PRACTICES
PRO ACTIVE CONTROLS IN THE CODE
BUILD LEVEL CHECKS
VULNERABILITY CHECKS
CONFIGURATION SCRUBBING
DEPLOY CHECKS
CONTINOUS VULNERABILITY SCANS
PICK ONLY AUTHENTIC IMAGES
GRANT JUST ENOUGH SERVER ACCESS
56. Positive testing determines that your application works
as expected. If an error is encountered during positive
testing, the test fails.
Negative testing ensures that your application can
gracefully handle invalid input or unexpected user
behavior.
57. Invite both sides of the table to the meeting DEV and OPS
Incidents
Threat Modelling
Security Sprints Etc.
61. CREATE A CULTURE WHICH IS HIGH ON THE SECURITY DNA
Make it public when you fix things and update on internal wiki
Share Point or CMDB for all fixes on Security
Do not make it personal fix the issue not the person
Arrange for tech talks to spread the know how of the fixes
Educate DEV and OPS to read security tool analysis well
Shadow resources who could build capabilities
62. The further right the project is
on the DevOps scale the
further
left it should start
implementing security checks
68. Add security verification to Cl/CD Pipelines
Critical security bugs break the build
In the first three months following this presentation you should:
Create Negative Unit Tests from existing positive unit tests
Lessons on top 3 security bugs
High security bugs break the build
Within six months you should:
Regular lessons on AppSec, including a security exercise or simulation
Improvements of security processes for speed and removal of obstacles
Creation of parallel security pipeline
Medium security bugs break the build
NEXT STEPS FOR YOU