I was invited to give a vendor sponsored talk at Blackhat USA 2017 on how to use agile methods to improve and extend the capabilities of a SOC (Security Operations Center).
ntroduced in Splunk 6.2, the Distributed Management Console helps Splunk Admins deal with the monitoring and health of their Splunk deployment. In Splunk 6.3, we built views for Splunk Index and Volume Usage, Forwarder Monitoring, Search Head Cluster Monitoring, Index Cluster Monitoring, and tools for visualizing your Splunk Topology. Leverage Splunk DMC and come see the forest -and- the trees in your Splunk deployment!
Introduction to Agile software testing - The 5th seminar in public seminar series from KMS Technology which have been delivering from 2011 in every two months
Scaled Agile, Inc., is the provider of SAFe®, the world’s leading framework for business agility. Through learning and certification, a global partner network, and a growing community of over 800,000 trained professionals, Scaled Agile helps enterprises build agility into their culture so they can quickly identify and deliver customer value, capitalize on emerging opportunities, and improve business outcomes. Learn more at scaledagile.com.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
I was invited to give a vendor sponsored talk at Blackhat USA 2017 on how to use agile methods to improve and extend the capabilities of a SOC (Security Operations Center).
ntroduced in Splunk 6.2, the Distributed Management Console helps Splunk Admins deal with the monitoring and health of their Splunk deployment. In Splunk 6.3, we built views for Splunk Index and Volume Usage, Forwarder Monitoring, Search Head Cluster Monitoring, Index Cluster Monitoring, and tools for visualizing your Splunk Topology. Leverage Splunk DMC and come see the forest -and- the trees in your Splunk deployment!
Introduction to Agile software testing - The 5th seminar in public seminar series from KMS Technology which have been delivering from 2011 in every two months
Scaled Agile, Inc., is the provider of SAFe®, the world’s leading framework for business agility. Through learning and certification, a global partner network, and a growing community of over 800,000 trained professionals, Scaled Agile helps enterprises build agility into their culture so they can quickly identify and deliver customer value, capitalize on emerging opportunities, and improve business outcomes. Learn more at scaledagile.com.
Here’s your chance to get hands-on with Splunk for the first time! Bring your modern Mac, Windows, or Linux laptop and we’ll go through a simple install of Splunk. Then, we’ll load some sample data, and see Splunk in action – we’ll cover searching, pivot, reporting, alerting, and dashboard creation. At the end of this session you’ll have a hands-on understanding of the pieces that make up the Splunk Platform, how it works, and how it fits in the landscape of Big Data. You’ll experience practical examples that differentiate Splunk while demonstrating how to gain quick time to value.
Enterprise agile transformation is a complex journey. It involves cultural change, org restructuring, reinventing processes and tools, and a visionary who can lead the change.
Leading a large-scale agile transformation isn’t about adopting a new set of attitudes, processes, and behaviors at the team level… it’s about helping your company deliver faster to market, and developing the ability to respond to a rapidly-changing competitive landscape. First and foremost, it’s about achieving business agility. Business agility comes from people having clarity of purpose, a willingness to be held accountable, and the ability to achieve measurable outcomes. Unfortunately, almost everything in modern organizations gets in the way of teams acting with any sort of autonomy. In most companies, achieving business agility requires significant organizational change. Join @Mike Cottmeyer live from #Agile2017 during this workshop.
Presenter:
Dr. Gail Ferreira, Agile Practice Leader, MATRIX Resources, San Francisco Center of Excellence
Rapid scale directly impacts all levels of decision-making, planning, execution, culture, and communications for executives in hypergrowth companies. In this session, we will discuss how to organize, support, and tailor agile practices for teams and sub-teams in companies with a rapid growth cycle. We will share contemporary case studies of hypergrowth companies who have delivered agile at scale.
Topics will include:
• Basic agile and lean methods
• Scrum of Scrums
• SAFe
• Disciplined Agile Delivery (DAD)
• Agility at Scale (Ambler/Lines)
• Spotify model (Tribes, Squads, Chapters & Guilds, DSDM).
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5netmind
El Scaled Agile Framework (SAFe) es una base de conocimientos para adoptar métodos de trabajo ágiles en grandes organizaciones. SAFe presenta de forma gráfica un modelo de gestión para escalar la aplicación de las prácticas ágiles de un equipo a la gestión de programas, y de la gestión de programas al conjunto de la organización.
Este modelo para la adopción y transformación ágil de las organizaciones fué diseñado por Dean Leffingwell, a partir de sus libros “Agile Software Requeriments: Lean Requeriments for Teams Programs and the Enterprise” y “Scaling Software Agility: Best Practices for Large Enterprise”, y se ha implementado con éxito en grandes organizaciones de todo el mundo. 60 de las 100 compañías más grandes de Estados Unidos están utilizando SAFe como guía de referencia para la adopción de Agile.
El modelo de gestión propuesto por SAFe cubre el conjunto de la organización, desde los equipos, hasta los niveles de mayor responsabilidad. El modelo estructura en tres niveles: Equipo, Programa y Portfolio, aunque en la última versión, SAFe 4.0, introduce un 4º nivel opcional para soluciones de extremadamente grandes y complejas. Para cada uno de estos niveles SAFe define los roles, estructuras, actividades, artefactos, prácticas y técnicas adecuadas.
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives. Reviews principles and practices to improve culture, people, teams, processes and products, all from an Agile perspective
Digital Banking Operating Models
Lloyds Banking Group demonstrate how they use Splunk throughout IT Operations, supporting Digital Services such as online banking across the Group
Preparing and running a fully remote PI Planning session is complex and different than an in-person event. This slide deck was used during an Applied Frameworks' webinar with John Mulligan and Kevin Rosengren, both principal consultants, who talked about how best to prepare for remote PI Planning from the perspective of an RTE and ScrumMaster.
The "2017 Scrum by Picture" is something you can call Scrum Guide illustrated. It is based on the newest version of "Scrum Guide".
You will find the theory, scrum values, scrum team, scrum events including sprint, sprint planning, daily scrum, review and retrospective as well as scrum artifacts. All of those is explained in easy to follow, illustrated nicely presentation, which can assist you to catch the idea behind Scrum.
Feel free to share "2017 Scrum by Picture" with your Scrum friends.
Introduction to Scrum presentation which outlines common issues in software development, what is Scrum, and an introduction to the Scrum framework. This presentation has been used for training and presentations to both technology and business audiences.
Product Backlog - Refinement and Prioritization TechniquesVikash Karuna
This presentation describes the important techniques used in Product Backlog refinement and prioritization in Agile development. The various techniques described here are very useful for product managers, product owners, scrum masters, and agile teams.
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"admford
So you’ve been told that your organization is going to implement Agile methodologies across ALL of IT, and not just in development. And you’ve been given the responsibility to implement it in Security Operations, and without a clear plan or measurable objectives other than “make the team more efficient”. While one can complain that someone in the C-Suite heard of the book “Scrum: The Art of Doing Twice the Work in Half the Time”, you still have a job to do. So the basics of Project Management, Agile, Scrum & Kanban are covered and how one can shoehorn these concepts into working in an operations context. Oh, and there will also be some finagling of where DevOps stands regarding Agile and Operations.
Enterprise agile transformation is a complex journey. It involves cultural change, org restructuring, reinventing processes and tools, and a visionary who can lead the change.
Leading a large-scale agile transformation isn’t about adopting a new set of attitudes, processes, and behaviors at the team level… it’s about helping your company deliver faster to market, and developing the ability to respond to a rapidly-changing competitive landscape. First and foremost, it’s about achieving business agility. Business agility comes from people having clarity of purpose, a willingness to be held accountable, and the ability to achieve measurable outcomes. Unfortunately, almost everything in modern organizations gets in the way of teams acting with any sort of autonomy. In most companies, achieving business agility requires significant organizational change. Join @Mike Cottmeyer live from #Agile2017 during this workshop.
Presenter:
Dr. Gail Ferreira, Agile Practice Leader, MATRIX Resources, San Francisco Center of Excellence
Rapid scale directly impacts all levels of decision-making, planning, execution, culture, and communications for executives in hypergrowth companies. In this session, we will discuss how to organize, support, and tailor agile practices for teams and sub-teams in companies with a rapid growth cycle. We will share contemporary case studies of hypergrowth companies who have delivered agile at scale.
Topics will include:
• Basic agile and lean methods
• Scrum of Scrums
• SAFe
• Disciplined Agile Delivery (DAD)
• Agility at Scale (Ambler/Lines)
• Spotify model (Tribes, Squads, Chapters & Guilds, DSDM).
Foundations of the Scaled Agile Framework® (SAFe® ) 4.5netmind
El Scaled Agile Framework (SAFe) es una base de conocimientos para adoptar métodos de trabajo ágiles en grandes organizaciones. SAFe presenta de forma gráfica un modelo de gestión para escalar la aplicación de las prácticas ágiles de un equipo a la gestión de programas, y de la gestión de programas al conjunto de la organización.
Este modelo para la adopción y transformación ágil de las organizaciones fué diseñado por Dean Leffingwell, a partir de sus libros “Agile Software Requeriments: Lean Requeriments for Teams Programs and the Enterprise” y “Scaling Software Agility: Best Practices for Large Enterprise”, y se ha implementado con éxito en grandes organizaciones de todo el mundo. 60 de las 100 compañías más grandes de Estados Unidos están utilizando SAFe como guía de referencia para la adopción de Agile.
El modelo de gestión propuesto por SAFe cubre el conjunto de la organización, desde los equipos, hasta los niveles de mayor responsabilidad. El modelo estructura en tres niveles: Equipo, Programa y Portfolio, aunque en la última versión, SAFe 4.0, introduce un 4º nivel opcional para soluciones de extremadamente grandes y complejas. Para cada uno de estos niveles SAFe define los roles, estructuras, actividades, artefactos, prácticas y técnicas adecuadas.
Agile Kaizen: Continuous Improvement Far Beyond Retrospectives. Reviews principles and practices to improve culture, people, teams, processes and products, all from an Agile perspective
Digital Banking Operating Models
Lloyds Banking Group demonstrate how they use Splunk throughout IT Operations, supporting Digital Services such as online banking across the Group
Preparing and running a fully remote PI Planning session is complex and different than an in-person event. This slide deck was used during an Applied Frameworks' webinar with John Mulligan and Kevin Rosengren, both principal consultants, who talked about how best to prepare for remote PI Planning from the perspective of an RTE and ScrumMaster.
The "2017 Scrum by Picture" is something you can call Scrum Guide illustrated. It is based on the newest version of "Scrum Guide".
You will find the theory, scrum values, scrum team, scrum events including sprint, sprint planning, daily scrum, review and retrospective as well as scrum artifacts. All of those is explained in easy to follow, illustrated nicely presentation, which can assist you to catch the idea behind Scrum.
Feel free to share "2017 Scrum by Picture" with your Scrum friends.
Introduction to Scrum presentation which outlines common issues in software development, what is Scrum, and an introduction to the Scrum framework. This presentation has been used for training and presentations to both technology and business audiences.
Product Backlog - Refinement and Prioritization TechniquesVikash Karuna
This presentation describes the important techniques used in Product Backlog refinement and prioritization in Agile development. The various techniques described here are very useful for product managers, product owners, scrum masters, and agile teams.
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?"admford
So you’ve been told that your organization is going to implement Agile methodologies across ALL of IT, and not just in development. And you’ve been given the responsibility to implement it in Security Operations, and without a clear plan or measurable objectives other than “make the team more efficient”. While one can complain that someone in the C-Suite heard of the book “Scrum: The Art of Doing Twice the Work in Half the Time”, you still have a job to do. So the basics of Project Management, Agile, Scrum & Kanban are covered and how one can shoehorn these concepts into working in an operations context. Oh, and there will also be some finagling of where DevOps stands regarding Agile and Operations.
When Management Asks You: “Do You Accept Agile as Your Lord and Savior?” - Ci...admford
Updated version of my original Cyphercon talk. With more useful information regarding how to enact change and better visual representation of certain concepts. This talk was given at CircleCityCon 10 in 2023
Vidas Vasiliauskas. Scrumban - mixing agile and lean for product manufacture ...Agile Lietuva
Session will target small to medium sized teams, project managers and start-up guys who are doing lean/agile based product development or support. A refreshing idea about “On demand” thinking in a world based on “Squeezing or pushing”. We will talk about principles which bring mixed practices from both Scrum and Kanban to supply a responsive, lean and still constrained process.
Vidas will cover main guidelines and insights of practical applications on Scrumban including:
-On demand planning
-Feature freezing
-Process triggers
-Importance of Kaizen
-The most important thing to be done next
Agile vision in IT and Software devlopmentJitander Kapil
This is Agile vision sharing presentation prepared by me some time ago, To share my viwes in terms of entry-level people having thoughts, agile misconceptions, and transformation challenges.
Any suggestions feedback well appreciated.
Thanks
jitander kapil
Product Agility: 3 fundamentals from the trenchesPedro Teixeira
There is no silver bullet for Product and Business Agility.
On this talk you will know which are the fundamentals and some of the initiatives in place in the OutSystems Engineering Journey to better responding rapidly and flexibly to ours customers demands.
What is Agile Scrum? How can it be used for project management? How can it improve communication and effectiveness? This is a presentation used in a medium sized London start-up eCommerce business.
Post-agile approaches - agile for the real world and how to avoid agile failureYuval Yeret
A session for an ILTAM forum in Israel - Agile is really great. Can it fail? Are failures due to mismatch of practices? principles? Only implementation details?
We will look at the strengths weaknesses opportunities threats related to the major agile frameworks as well as common failure modes and what to do about them
(the actual session includes case studies from audience and agilesparks experience)
Accelerate the project delivery with AgileRobertGresser
Agile applied to the chemical industry to accelerate and de-risk the innovation in an uncertain business environment. Main outcome: 1) Quicker decision in a "fail fast mode" leading to better use of R&D resources, 2) team empowerment increasing the innovation productivity. A key challenge is for the management to move from a control attitude to the creation of the conditions allowing the team to succeed
ACS Presentation : How to teach your team Agile in 3 monthsMia Horrigan
presentation given to ACS Agile Special interest group. Outlines my experiences as an Agile coach introducing Scrum to the team.
By using psychology based approach to implementing Scrum we were able to guide them through the learning process over a three month period
Threat hunting is the best, proactive approach. But, excelling at threat hunting, discovering adversaries takes time, patience, planning, and some serious skills. Mature beyond the basics of hunting and evolve your program!
Security Analytics: The Promise of Artificial Intelligence, Machine Learning,...Cybereason
Security analytics, what is real and examined the promise, the hype and the real state of artificial intelligence, machine learning and data science in solving fundamental security problems.
This slideshow outlines 10 reasons why hackers use PowerShell to turn an operating system against itself and compromise entire networks without needing to install a single piece of software.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
2. ““Agile is not just a
methodology, but a set
of principles and
philosophy.”
- Pearl Zhu
3. Agile…Huh?
ü Set of principles for software development under which
requirements and solutions evolve through the collaborative effort
of self-organizing cross-functional teams
ü Advocates adaptive planning, evolutionary development, early
delivery, and continuous improvement, and it encourages rapid
and flexible response to change
4. In the Beginning…
ü 1950’s – IBM started using iterative & incremental software
development methods
ü 1970’s - Evolutionary project management & adaptive software
development
ü 1990’s - Rapid application development, extreme programming,
scrum
ü 2001 - The Manifesto for Agile Software Development
5. The Skinny
Responding to change Following a plan
Rapid iterations Big-Bang campaigns
Testing & data VS Opinions & conventions
Many small experiments A few large bets
Individuals & interactions One size fits all
Collaboration Silos & hierarchies
7. Scrum!
ü Iterative & incremental process for structuring work
ü Leverages commitment as change agent
ü Face-to-face communication / close online collaboration
ü Gamification of work
8. Scrum-ptious
ü Small team spending a short time building small things
ü Time boxed & cross-functional teams
ü Prioritized product backlog
ü Three roles - product owner, scrummaster, & team
ü Team velocity based
ü No new items mid-sprint
ü Scrum board reset every iteration
ü Work only on those items that fit into the iteration
ü Daily stand-ups
9. Roles & Ceremonies
ü Roles
Product Owner
ScrumMaster
Team
ü Ceremonies
Sprint Planning
Daily Stand-up
Sprint Review
Sprint Retrospective
10. The Quick & Dirty On Scrum
ü Product owner creates a prioritized list
ü team selects top item(s) from backlog
ü Sprint (2-4 weeks) — team meets each day to assess progress
ü Scrummaster keeps the team focused
ü Hand work to customer / show to a stakeholder
ü Sprint review & retrospective
ü Rinse & repeat
12. Kanban!
ü Based on 3 basic principles
Visualize what you do today (workflow)
Limit the amount of work in progress (WIP)
Enhance flow
ü Plan – Do – Study – Adapt (PDSA) approach
13. You Can Kanban
ü Work split into pieces
ü Limited in progress items for a specific workflow
ü Not timed boxed
ü No prescribed roles
ü New items can be added anytime within the pre-decided limit
ü Board not reset & can be changed by anyone on team
ü Story points & velocity not used
ü No prescribed product backlog
ü Daily stand-ups common
16. Change…Why?
ü Better organization of process improvements
ü Prioritization of high impact items
ü Increased work throughput & (some) predictability
ü Easier to track planned & handle unplanned work
ü Better resilience to changes
ü Minimized planning & coordination
ü Greater ability to gauge growth over time
17. You like Sticky Notes…Right?
ü Sprint zero 100% sticky notes
ü No speed record attempts….yet
ü Brain training
ü Gamification of work
ü Work to establish realistic team velocity
ü Reinforce team mentality
18. Evolution
ü Sticky Notes to Jira
ü More realistic in sprint velocity
ü Honest & direct team communication / feedback
ü Full recognition of importance of ceremonies
ü Less “I” & a whole lot more “team”
ü Ask for help
23. Challenges & Setbacks
ü Moving to Scrum calls for a culture shift
ü Establishing a groove – training is necessary
ü Makes it difficult not to be a team player
ü Breaking down classic silos
ü Accountability
ü Distraction from BAU – Discipline!
24. Resources / Tools
ü Tools
Jira
Trello
ServiceNow – Visual Tasks Boards
VersionOne
ü http://www2.cprime.com/Agile-Impeditments-Webinar
ü https://www.cprime.com/resources/what-is-agile-what-is-scrum
ü https://www.atlassian.com/agile/how-to-do-scrum-with-jira-software