I wrote a blog post to accompany this talk at Red Hat Summit 2019. https://developers.redhat.com/blog/2019/05/13/building-and-understanding-reactive-microservices-using-eclipse-vert-x-and-distributed-tracing/
Geth is the command line access for Ethereum environment. Here we first deploy a contract using Remix. Then we obtain the contract address and use geth to access this deployed contract. A screen capture video is at the end of the deck.
In this deck we deploy contract using geth. We obtain ABI and Bytecode through compilation (which is done on Remix). After deploying the contract we can execute functions. A screen capture video is at the end of this deck.
During past years, the requirements for modern applications have increased from gigabytes of data to terabytes, from thousands of requests per second to millions, from seconds of response time to milliseconds, and this list can be continued. Until now, most of these problems have been solved using the Microservices architecture, but what's next? What next approach should we apply where Microservices fail? In this presentation, we will overview modern approaches to application development with Reactive and Distributed architecture and see how Vert.x help to implement such solutions.
Futures and Rx Observables: powerful abstractions for consuming web services ...Chris Richardson
A modular, polyglot architecture has many advantages but it also adds complexity since each incoming request typically fans out to multiple distributed services. For example, in an online store application the information on a product details page - description, price, recommendations, etc - comes from numerous services. To minimize response time and improve scalability, these services must be invoked concurrently. However, traditional concurrency mechanisms are low-level, painful to use and error-prone.
In this talk you will learn about some powerful yet easy to use abstractions for consuming web services asynchronously. We will compare the various implementations of futures that are available on the JVM. You will learn how to access web services using reactive observables (RxJava), which are asynchronous data streams. We will describe how these mechanisms let you write asynchronous code in a very straightforward, declarative fashion.
Geth is the command line access for Ethereum environment. Here we first deploy a contract using Remix. Then we obtain the contract address and use geth to access this deployed contract. A screen capture video is at the end of the deck.
In this deck we deploy contract using geth. We obtain ABI and Bytecode through compilation (which is done on Remix). After deploying the contract we can execute functions. A screen capture video is at the end of this deck.
During past years, the requirements for modern applications have increased from gigabytes of data to terabytes, from thousands of requests per second to millions, from seconds of response time to milliseconds, and this list can be continued. Until now, most of these problems have been solved using the Microservices architecture, but what's next? What next approach should we apply where Microservices fail? In this presentation, we will overview modern approaches to application development with Reactive and Distributed architecture and see how Vert.x help to implement such solutions.
Futures and Rx Observables: powerful abstractions for consuming web services ...Chris Richardson
A modular, polyglot architecture has many advantages but it also adds complexity since each incoming request typically fans out to multiple distributed services. For example, in an online store application the information on a product details page - description, price, recommendations, etc - comes from numerous services. To minimize response time and improve scalability, these services must be invoked concurrently. However, traditional concurrency mechanisms are low-level, painful to use and error-prone.
In this talk you will learn about some powerful yet easy to use abstractions for consuming web services asynchronously. We will compare the various implementations of futures that are available on the JVM. You will learn how to access web services using reactive observables (RxJava), which are asynchronous data streams. We will describe how these mechanisms let you write asynchronous code in a very straightforward, declarative fashion.
Programming Sideways: Asynchronous Techniques for AndroidEmanuele Di Saverio
Android apps need to respond fast, support highly parallel execution and multi component architecture.
Learn some tricks of the trade for these problems!
as presented at www.mobileconference.it (2013 edition)
GDG Devfest 2019 - Build go kit microservices at kubernetes with easeKAI CHU CHUNG
Gokit is microservice tookit and use Service/Endpoint/Transport to strict separation of concerns design. This talk to use go-kit develop microservice application integrate with consul, zipkin, prometheus, etc service and deploy on Kubernetes.
Reactive programming has been touted as one of the most important new programming paradigms in recent history. The idea of designing software as asynchronous streams of data is compelling, as evidenced by the growing popularity of reactive programming and the frameworks based on it. In this session we’ll explore what it is, where it came from, and look at its implementation in the Reactive Extensions API.
Through this presentation you will gain a good understanding of how the clean architecture pattern is implemented at Taxibeat. What issues the Android Taxibeat team has faced so far and what solutions we came up with. Of course, the benefits of clean architecture will also be discussed along with the way we managed to build two fast paced iterative apps that share functionality.
Le temps est révolu où Java EE ne serait qu’à développer des applications de mise à jour de données, avec JSF / EJB / JPA. Aujourd’hui Java EE s’est assoupli et s’est ouvert sur le monde, avec CDI comme clé de voûte et a repoussé nos limites grâce à des capacités d’extension puissantes et faciles d’utilisation comme JCA.
Dans un premier temps, nous reviendrons rapidement sur la place de CDI dans JavaEE 7 et sur ses mécanismes d’extension. Dans un deuxième temps, nous verrons les techniques de connecteurs JCA et comment ils peuvent aussi constituer une possibilité d’ouverture simple à mettre en œuvre. JCA fournit des techniques pour gérer des connexions sortantes ou entrantes, sur des formats ou protocoles variés.
Poche chiacchiere e tanto codice per cercare rendere la nostra vita di
sviluppatori più divertente.
Parleremo di JAX-RS, le annotazioni, l'MVC che mette a disposizione e
l'integrazione di Jersey con Guice.
Useremo AOP per gestire log, transazioni e con l'aiuto di Infinispan
limiteremo le chamate concorrenti sul nostro cluster.
Cloud native applications are popular these days – applications that run in the cloud reliably und scale almost arbitrarily. They follow three key principles: They are built and composed as microservices, they are packaged and distributed in containers and the containers are executed dynamically in the cloud. In this hands-on session we will show how to build, package and deploy cloud native Java EE applications on top of DC/OS - fully automated with Gradle using cloud native infrastructure like Consul, Fabio, Hystrix and Prometheus. And for the fun of it we will be using an off-the-shelf DJ pad, programmed with nothing else than the Java Sound API, to demonstrate the core concepts and to visualize and remote control DC/OS.
MesosCon Europe 2016, Amsterdam: Talk by Josef Adersberger (@adersberger, CTO at QAware).
Abstract: Cloud native applications are popular these days – applications that run in the cloud reliably und scale almost arbitrarily. They follow three key principles: They are built and composed as microservices, they are packaged and distributed in containers and the containers are executed dynamically in the cloud. In this hands-on session we will show how to build, package and deploy cloud native Java EE applications on top of DC/OS - fully automated with Gradle. And for the fun of it we will be using an off-the-shelf DJ pad, programmed with nothing else than the Java Sound API, to demonstrate the core concepts and to visualize and remote control DC/OS.
Vilius Lukošius - Decomposing distributed monolith with Node.js (WIX.com)Agile Lietuva
About the topic:
Wix transitioned from monolith to microservices around 8 years ago. Or did it? We have hundreds of microservices in production with teams working on separate independent services or groups of services with decoupled deployments and SLAs. Sounds like a microservice architecture, but there is a dark truth to it – single platform (jvm), shared libraries (framework), fat clients (binary dependencies). In industry it is called a distributed monolith. There is no easy way or incentive to get rid of it. But there is a way!
Let me tell you a story on how much fun it was, what path we took and where we are now with getting to a proper polyglot microservice architecture.
John About Vilius:
Guild Master @ Wix with experience in different roles and companies (enterprise, start-up, you name it). No matter how much life/circumstances are pushing me to lead/management roles, I always find ways to come back and keep on hacking.
Twitter: https://twitter.com/viliusl
GitHub: https://github.com/viliusl
Programming Sideways: Asynchronous Techniques for AndroidEmanuele Di Saverio
Android apps need to respond fast, support highly parallel execution and multi component architecture.
Learn some tricks of the trade for these problems!
as presented at www.mobileconference.it (2013 edition)
GDG Devfest 2019 - Build go kit microservices at kubernetes with easeKAI CHU CHUNG
Gokit is microservice tookit and use Service/Endpoint/Transport to strict separation of concerns design. This talk to use go-kit develop microservice application integrate with consul, zipkin, prometheus, etc service and deploy on Kubernetes.
Reactive programming has been touted as one of the most important new programming paradigms in recent history. The idea of designing software as asynchronous streams of data is compelling, as evidenced by the growing popularity of reactive programming and the frameworks based on it. In this session we’ll explore what it is, where it came from, and look at its implementation in the Reactive Extensions API.
Through this presentation you will gain a good understanding of how the clean architecture pattern is implemented at Taxibeat. What issues the Android Taxibeat team has faced so far and what solutions we came up with. Of course, the benefits of clean architecture will also be discussed along with the way we managed to build two fast paced iterative apps that share functionality.
Le temps est révolu où Java EE ne serait qu’à développer des applications de mise à jour de données, avec JSF / EJB / JPA. Aujourd’hui Java EE s’est assoupli et s’est ouvert sur le monde, avec CDI comme clé de voûte et a repoussé nos limites grâce à des capacités d’extension puissantes et faciles d’utilisation comme JCA.
Dans un premier temps, nous reviendrons rapidement sur la place de CDI dans JavaEE 7 et sur ses mécanismes d’extension. Dans un deuxième temps, nous verrons les techniques de connecteurs JCA et comment ils peuvent aussi constituer une possibilité d’ouverture simple à mettre en œuvre. JCA fournit des techniques pour gérer des connexions sortantes ou entrantes, sur des formats ou protocoles variés.
Poche chiacchiere e tanto codice per cercare rendere la nostra vita di
sviluppatori più divertente.
Parleremo di JAX-RS, le annotazioni, l'MVC che mette a disposizione e
l'integrazione di Jersey con Guice.
Useremo AOP per gestire log, transazioni e con l'aiuto di Infinispan
limiteremo le chamate concorrenti sul nostro cluster.
Cloud native applications are popular these days – applications that run in the cloud reliably und scale almost arbitrarily. They follow three key principles: They are built and composed as microservices, they are packaged and distributed in containers and the containers are executed dynamically in the cloud. In this hands-on session we will show how to build, package and deploy cloud native Java EE applications on top of DC/OS - fully automated with Gradle using cloud native infrastructure like Consul, Fabio, Hystrix and Prometheus. And for the fun of it we will be using an off-the-shelf DJ pad, programmed with nothing else than the Java Sound API, to demonstrate the core concepts and to visualize and remote control DC/OS.
MesosCon Europe 2016, Amsterdam: Talk by Josef Adersberger (@adersberger, CTO at QAware).
Abstract: Cloud native applications are popular these days – applications that run in the cloud reliably und scale almost arbitrarily. They follow three key principles: They are built and composed as microservices, they are packaged and distributed in containers and the containers are executed dynamically in the cloud. In this hands-on session we will show how to build, package and deploy cloud native Java EE applications on top of DC/OS - fully automated with Gradle. And for the fun of it we will be using an off-the-shelf DJ pad, programmed with nothing else than the Java Sound API, to demonstrate the core concepts and to visualize and remote control DC/OS.
Vilius Lukošius - Decomposing distributed monolith with Node.js (WIX.com)Agile Lietuva
About the topic:
Wix transitioned from monolith to microservices around 8 years ago. Or did it? We have hundreds of microservices in production with teams working on separate independent services or groups of services with decoupled deployments and SLAs. Sounds like a microservice architecture, but there is a dark truth to it – single platform (jvm), shared libraries (framework), fat clients (binary dependencies). In industry it is called a distributed monolith. There is no easy way or incentive to get rid of it. But there is a way!
Let me tell you a story on how much fun it was, what path we took and where we are now with getting to a proper polyglot microservice architecture.
John About Vilius:
Guild Master @ Wix with experience in different roles and companies (enterprise, start-up, you name it). No matter how much life/circumstances are pushing me to lead/management roles, I always find ways to come back and keep on hacking.
Twitter: https://twitter.com/viliusl
GitHub: https://github.com/viliusl
CdCon + GitOpsCon 2023 in Vancouver Canada. Slidedeck for the talk on Scaling Software Delivery: A framework for developer enablement through devRel and outreach.
Linux Foundation Live Webinar: Applying Governance to CI/CDTiffany Jachja
In the SolarWinds hack of 2020, FireEye, a cybersecurity vendor, announced an intrusion that resulted in the theft of over 300 proprietary security tools offered by the vendor. SolarWinds, an IT monitoring vendor, had pushed malicious code to over 18,000 customers, including Fortune 500 companies and large federal agencies, including the U.S. Department of Homeland Security (DHS), Microsoft, and NASA. Following this announcement, security experts launched an investigation into the hack, putting the Software Development Life Cycle (SDLC) and all its processes under review. Join this webinar session as we discuss:
The role of CI/CD and its potential impacts on events like the SolarWinds hack
How to apply IT Governance principles and practices to CI/CD pipelines
And how to use these CI/CD capabilities to the reduce and mitigate software risks
https://harness.io/blog/devops/agile-foundations/
Agile Foundations for Developers
Agile methodologies have quickly become the defacto approach to software development. Its short and iterative approach gives organizations the ability to ship code features that meet quickly changing business needs regularly. For many teams delivering digital value, agile methodologies are the key to shortening feedback loops and breaking down silos. Join this webinar to learn:
Key agile components
How to facilitate agile team ceremonies
And popular agile frameworks such as SAFe
Talk: How to Get CI/CD Right in 2021: A Guide to CI and CD
Software delivery is a top priority for organizations that own software, yet it remains one of the most challenging problems enterprises face today. Continuous integration (CI) and continuous delivery (CD) are software practices that allow organizations and teams to deliver code to customers quickly, safely, and repeatedly. Whether it's to improve development, operations, or security, CI/CD pipelines give engineers and teams more time to work on things that matter and less time struggling with the risk, standards, and velocity of deployments. Join this session to learn about the components of CI/CD and how to build and scale pipelines for the future.
https://www.youtube.com/watch?v=zSJcuWSyysM
Succeeding With Microservices | Harness WebinarTiffany Jachja
Succeeding With Microservices
The adoption of microservice architectures has steadily increased since 2014, enabling a form of distributed computing within the cloud. This architecture is particularly useful for organizations that need to scale or manage large and complex applications. Yet there is a learning curve to get the most out of microservices architectures, and it does impose constraints on your applications.
Microservices enforce services that are smaller and faster to test such that each team can develop, test, deploy, and scale their services independently of all other teams. Harness is here to help you manage the simplest and most complex deployments. Join this session to learn key principles needed to start with Microservices:
Domain-driven design
Bounded Contexts
And Conway’s Law and the impact on the organization
{unscripted} 2020 : A Conference for Simplifying and Scaling Software DeliveryTiffany Jachja
{unscripted} is a virtual conference for software engineers, DevOps practitioners, and technology leaders to learn and share stories of simplified software delivery at scale.
Session Title: The Challenges and Goals of Continuous Delivery
Abstract: Software delivery is a top priority for organizations that own software, yet it remains one of the most challenging problems enterprises face today. Continuous delivery(CD) enables software changes of all types to reach production environments in a safe, quick, and sustainable way. Join this session to learn about the state of CD today and how organizations are making deployments predictable and routine such that developers can better spend their time on services in the cloud.
Bio: Tiffany Jachja is a technical evangelist at Harness. She is an advocate for better software delivery, sharing applicable practices, stories, and content around modern technologies. Before joining Harness, Tiffany was a consultant with Red Hat's Consulting practice. There she used her experience to help customers build their software applications living in the cloud.
Cloud costs solutions provide a common platform to reduce spend without adding risks to business operations. We know that costs for public cloud services can quickly get out of hand, so without these solutions, the invoice would be a black box. Yet to many users, desperately seeking to reduce their cloud costs, the root cause of the costs is hidden within subtleties of cloud resources. This makes it difficult for teams to plan work, test their services, and manage costs. But no worries Harness is here to help!
Join this session to learn how to scale your development in the cloud with Continuous Efficiency. Attendees will learn how development resources such as idle environments or services with overallocated resources contribute to cloud costs.
Skilup Day Value Stream Management: Fundamentals in Lean ThinkingTiffany Jachja
Managing the Process: Fundamentals in Lean Thinking
Organizations and teams gain insights into their business value flow through value stream management. These value stream techniques bring together people, processes, and technology, which is also a common pursuit in DevOps. Many leaders are looking for effective techniques for their DevOps journeys, unifying people, processes, and technology. Lean thinking is a business methodology that aims to optimize the software development and delivery lifecycle. However, applying a lean mindset often brings challenges, as people are less likely to change how they work. Join this session as we discuss lean thinking pitfalls in DevOps teams and share how lean principles apply to value stream management.
https://devopsinstitute.com/devops-institute-may-highlights/
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...Tiffany Jachja
Title: Navigating Your Kubernetes Journey through Continuous Delivery
Abstract:
Let's say you were told to use Kubernetes, and you had no idea where to start. You know that Kubernetes enables container architectures that scale to meet enterprise-scale demands. And you also know that you need to deliver your software reliably to your end-users. Join us in this session to learn how to navigate your Kubernetes journey through continuous delivery (CD). CD enables software changes of all types to reach production environments in a safe, quick, and sustainable way. Attendees will learn cloud-native concepts and how to accelerate their container-native application development through people, process, and technology.
Bio:
Tiffany Jachja is a technical evangelist at Harness. She is an advocate for better software delivery, sharing applicable practices, stories, and content around modern technologies. Before joining Harness, Tiffany was a consultant with Red Hat's Consulting practice. There she used her experience to help customers build their software applications living in the cloud.
A DevOps Practitioner’s Guide to AI and MLTiffany Jachja
A DevOps Practitioner’s Guide to AI and ML - Slide Deck
Recording Link:
https://nadog.com/devopsblog/ai-and-ml-for-devops-devops-webcast/
Presented by Tiffany Jachja
Abstract
Adoption of automation practices and tooling has quickly risen throughout organizations that own software services today. The effects give organizations a continuous cycle for delivering business value and software changes. However, the ecosystem for how we deliver continues to change every day. Artificial intelligence (AI) and machine learning (ML) today give teams the data, automation, and scale needed to deliver software value faster with confidence and sustainability. But many software delivery stakeholders are at a loss to applicable use cases for AI and ML. Join this NADOG session to learn the foundations of AI and ML and along with the available opportunities to leverage AI and ML for better software delivery.
Title: A Snapshot of DevOps
Abstract:
DevOps is like a camera. We focus on what's important, we capture the good times, we develop from the negatives, and if things don't work out, we take another shot. Many teams establishing working best practices for their tools improve their time to deliver and ability to scale. However, the real challenges exist outside of tools and technology and many teams today still have questions about DevOps. So, join this session to learn the fundamentals of shaping a DevOps culture. We'll discuss key attributes around people, process, and technology, likening you and DevOps to pro photographers and cameras.
Presented by Tiffany Jachja.
Tiffany Jachja is a technical evangelist at Harness. She is an advocate for better software delivery, sharing applicable practices, stories, and content around modern technologies. Before joining Harness, Tiffany was a consultant with Red Hat's Consulting practice. There she used her experience to help customers build their software applications living in the cloud.
https://www.meetup.com/Data-on-Kubernetes-community/events/276332406/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.