This document discusses principles and practices for continuous delivery including automating the build, deployment, testing and release process. It emphasizes reducing risk through techniques like feature toggles, blue-green deployments, canary releasing and implementing a production immune system. It also stresses the importance of collaboration between developers, testers and operations personnel.
Overview of Cloud Computing, Infrastructure as a Service, Platform as a Service, Software as a Service.
Cloud computing means transferring ICT resources (servers, hosts, applications, databases, platforms etc.) to a cloud service provider (CSP) with the goal of reducing capital expenditures (CapEx).
Cloud computing differs from legacy hosting services in that CSPs offer standardized services on a massive scale which results in economy-of-scale effects thus further reducing operating expenses (OpEx).
Different cloud models such as public, private and hybrid clouds address different customer needs.
The 3 categories for the functional level of cloud services are IaaS (Infrastructure as a Service),
PaaS (Platform as a Service) and SaaS (Software as a Service). Countless models emerge almost daily such as MaaS (Management as a Service), BaaS (Backend as a Service) and NaaS (Network as a Service).
To accommodate increases in processing power, cloud services offer the possibility to scale-up or scale-out.
With the release and availability of the latest CPUs and GPUs, servers are generating more heat than ever before. While the work per watt is increasing, the heat generated by the newest generation of CPUs and GPUs must be removed from the server. There are several different methods of liquid cooling for servers, all of them consuming much less power and water than traditional free air cooling.
Join this webinar to hear about how Supermicro is working within The Green Grid to simplify the decision-making process, resulting in a lower power usage, lower water usage and a lower carbon footprint. All of these lead to more attractive PUE, WUE and CUE measurements which positively impact ESG ratings and scores.
Distributed Immutable Ephemeral - New Paradigms for the Next Era of SecuritySounil Yu
We are rapidly approaching the next era of security where we need to be focused on the ability to recover from irrecoverable attacks. This can also be defined as resiliency. The traditional view of resiliency attempts to quickly restore assets that support services that we care about. This new approach/paradigm looks at resilience in ways that promote design patterns (distributed, immutable, ephemeral) where we do not care about a given asset at all while still keeping the overall service functioning. This new approach allows us to avoid having to deal with security at all.
Datadog: From a single product to a growing platform by Alexis Lê-Quôc, CTOTheFamily
By Alexis (https://twitter.com/alq), CTO at Datadog (https://www.datadoghq.com)
Alexis built Datadog's whole infrastructure and team from scratch as a co-founder. From a very small & dedicated team with no experience, he learned step by step to build a complete product ️
He shared with us his experience as a co-founder and CTO building a cloud giant in New York. How do you keep learning, how do you interact with customers & your market to drive your product development, and how do you monitor it all to make you company evolve will be the main topics of his talk.
Learn what makes SCADAguardian (the Nozomi Networks flagship technology) so unique and powerful. From enterprise IT, to OT, we enable scalable security strategies for ICS.
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...Priyanka Aash
In 2017, a sophisticated threat actor deployed the TRITON attack framework engineered to manipulate industrial safety systems at a critical infrastructure facility. This talk offers new insights into TRITON attack framework which became an unprecedented milestone in the history of cyber-warfare as it is the first publicly observed malware that specifically targets protection functions meant to safeguard human lives. While the attack was discovered before its ultimate goal was achieved, that is, disruption of the physical process, TRITON is a wakeup call regarding the need to urgently improve ICS cybersecurity.
Migrating to Microservices Patterns and Technologies (edition 2023)Ahmed Misbah
This session is targeted towards teams and organizations considering to migrate their applications from Monolithic to Microservice architecture. Migrating application architectures to Microservices is considered a key area of transformation in the IT world. Modernizing legacy applications to Kubernetes-based Microservices can prove to be very challenging if not planned correctly, taking into consideration the right technologies and enablers.
The session proposes Istio as an enabler for migrating to Microservices. Istio is an implementation of service mesh, a technology useful for migrating to Microservices iteratively and safely. We explain how Istio can be used as a bridge and enabler for modernizing legacy Monolithic applications to Microservices.
Overview of Cloud Computing, Infrastructure as a Service, Platform as a Service, Software as a Service.
Cloud computing means transferring ICT resources (servers, hosts, applications, databases, platforms etc.) to a cloud service provider (CSP) with the goal of reducing capital expenditures (CapEx).
Cloud computing differs from legacy hosting services in that CSPs offer standardized services on a massive scale which results in economy-of-scale effects thus further reducing operating expenses (OpEx).
Different cloud models such as public, private and hybrid clouds address different customer needs.
The 3 categories for the functional level of cloud services are IaaS (Infrastructure as a Service),
PaaS (Platform as a Service) and SaaS (Software as a Service). Countless models emerge almost daily such as MaaS (Management as a Service), BaaS (Backend as a Service) and NaaS (Network as a Service).
To accommodate increases in processing power, cloud services offer the possibility to scale-up or scale-out.
With the release and availability of the latest CPUs and GPUs, servers are generating more heat than ever before. While the work per watt is increasing, the heat generated by the newest generation of CPUs and GPUs must be removed from the server. There are several different methods of liquid cooling for servers, all of them consuming much less power and water than traditional free air cooling.
Join this webinar to hear about how Supermicro is working within The Green Grid to simplify the decision-making process, resulting in a lower power usage, lower water usage and a lower carbon footprint. All of these lead to more attractive PUE, WUE and CUE measurements which positively impact ESG ratings and scores.
Distributed Immutable Ephemeral - New Paradigms for the Next Era of SecuritySounil Yu
We are rapidly approaching the next era of security where we need to be focused on the ability to recover from irrecoverable attacks. This can also be defined as resiliency. The traditional view of resiliency attempts to quickly restore assets that support services that we care about. This new approach/paradigm looks at resilience in ways that promote design patterns (distributed, immutable, ephemeral) where we do not care about a given asset at all while still keeping the overall service functioning. This new approach allows us to avoid having to deal with security at all.
Datadog: From a single product to a growing platform by Alexis Lê-Quôc, CTOTheFamily
By Alexis (https://twitter.com/alq), CTO at Datadog (https://www.datadoghq.com)
Alexis built Datadog's whole infrastructure and team from scratch as a co-founder. From a very small & dedicated team with no experience, he learned step by step to build a complete product ️
He shared with us his experience as a co-founder and CTO building a cloud giant in New York. How do you keep learning, how do you interact with customers & your market to drive your product development, and how do you monitor it all to make you company evolve will be the main topics of his talk.
Learn what makes SCADAguardian (the Nozomi Networks flagship technology) so unique and powerful. From enterprise IT, to OT, we enable scalable security strategies for ICS.
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...Priyanka Aash
In 2017, a sophisticated threat actor deployed the TRITON attack framework engineered to manipulate industrial safety systems at a critical infrastructure facility. This talk offers new insights into TRITON attack framework which became an unprecedented milestone in the history of cyber-warfare as it is the first publicly observed malware that specifically targets protection functions meant to safeguard human lives. While the attack was discovered before its ultimate goal was achieved, that is, disruption of the physical process, TRITON is a wakeup call regarding the need to urgently improve ICS cybersecurity.
Migrating to Microservices Patterns and Technologies (edition 2023)Ahmed Misbah
This session is targeted towards teams and organizations considering to migrate their applications from Monolithic to Microservice architecture. Migrating application architectures to Microservices is considered a key area of transformation in the IT world. Modernizing legacy applications to Kubernetes-based Microservices can prove to be very challenging if not planned correctly, taking into consideration the right technologies and enablers.
The session proposes Istio as an enabler for migrating to Microservices. Istio is an implementation of service mesh, a technology useful for migrating to Microservices iteratively and safely. We explain how Istio can be used as a bridge and enabler for modernizing legacy Monolithic applications to Microservices.
Security Operations Center (SOC) Essentials for the SMEAlienVault
Closing the gaps in security controls, systems, people and processes is not an easy feat, particularly for IT practitioners in smaller organizations with limited budgets and few (if any) dedicated security staff. So, what are the essential security capabilities needed to establish a security operations center and start closing those gaps?
Join Javvad Malik of 451 Research and Patrick Bedwell, VP of Product Marketing at AlienVault for this session covering:
*Developments in the threat landscape driving a shift from preventative to detective controls
*Essential security controls needed to defend against modern threats
*Fundamentals for evaluating a security approach that will work for you, not against you
*How a unified approach to security visibility can help you get from install to insight more quickly
As we get to know what life in the digital domain is like, one of the revelations we've had is that many large and plenty of smaller organisations are targets of espionage, of the nefarious APT.
During the last decade, it has become gospel to wait, watch, analyse and learn if you detect such an attacker in your infrastructure. Why? Because you get one chance to do the eviction of the attacker right. And if you fail, all your efforts will eventually have been for nothing.
But for how long should you wait and watch? When have you watched long enough? When have you learned enough? And how do you make that decision?
That is the challenge I hope the Cyber Threat Intelligence Matrix can help you face in a more structured manner.
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondPriyanka Aash
Based on investigations of real-world attacks, Microsoft Office 365 cybersecurity experts provide a prescriptive approach to identifying and implementing the most critical security controls to protect your Office 365 tenant. You will learn threats and defenses change from on-premises attacks and what Microsoft recommends for quickly protecting against the most likely and impactful risks.
(Source: RSA Conference USA 2018)
Click here to listen to the webcast - http://bit.ly/MdAzXd
DITA Tasks are often the most valuable content we create – especially when we present them in Support portals. But if end-users can’t find them they have no value – avoiding that requires classifying them with metadata and labels from a standard taxonomy.
Taxonomy and metadata can seem like scary or complex turf to the uninitiated – but they don’t have to be. In this 40-minute webinar, Paul Wlodarczyk will walk you through a simple process to begin to assemble a basic taxonomy of controlled vocabularies for tagging your DITA Tasks.
You will learn:
The most critical metadata for classifying tasks – regardless of your industry
How to use tools that you already own to build your taxonomy
Simple rules for keeping your terms consistent
Using existing lists of terms so you don’t have to build a taxonomy from scratch
[Webinar Presentation] Best Practices for IT/OT ConvergenceSchneider Electric
All over the world, utilities are facing up to the task of integrating information technology (IT) operations with those of operational technology (OT). What's driving it? How can utilities prepare? What should they expect?
The webinar recording is also available on-demand. To view it, please click here: http://goo.gl/b3kxm5
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...MITRE ATT&CK
From ATT&CKcon 3.0
By Aunshul Rege, Katorah Williams, and Rachel Bleiman, Temple University
Social engineering (SE) is a technique used by cybercriminals to psychologically manipulate individuals into disclosing sensitive information and providing unauthorized access. Penetration testers are tasked with simulating targeted attacks on a company's system to determine any weaknesses in their environment.
The 2021 Summer SE Pen Test Competition allowed students to experience SE pen testing in a safe and ethical way. Student teams were "hired" to conduct a SE pen test on the CARE Lab (run by the authors) and their employees (the authors themselves)! Teams had to use OSINT, phishing, and vishing in real-time to target the lab, develop attack playbooks, and map the techniques to the ATT&CK framework.
This talk shares the application of ATT&CK in cybersecurity education. Specifically, it (i) focuses on how students map their SE attack playbooks to the ATT&CK framework, (ii) compares/contrasts SE techniques across various student groups: 6 graduate teams, 9 undergraduate teams, and 1 high school team, and (iii) how ATT&CK can be used for SE.
Mind Map of Big Data Technologies and ConceptsAmir Hadad
My first try to capture #bigdata related concepts and technologies in a #mindmap!
#NoSQL vs #SQL https://db-engines.com/
#Streaming vs #Batchprocessing https://lnkd.in/gNEdsrC
#BigDataSecurity https://lnkd.in/gA8e7RC
#OLAP https://lnkd.in/gh3z6r9
Everyone is talking about or asking for red teaming. Most of them are getting it wrong. I talk about the history and definitions of red teaming, what you should be doing before you bother with red teaming and critical issues to watch out for when you do leverage it.
Cloud offers organizations the opportunity to run their workloads on physical machines at a reduced cost, with better overall performance and enhanced security. Yet engaging in a partial or total migration to cloud requires a solid, holistic strategy that focuses on technical and management challenges that will likely arise, and an organizational mindset that will help ensure the migration’s success. This introductory, vendor agnostic talk will highlight the technical, management and cultural considerations that every cloud migration strategy should consider, how to address some common challenges, and best practices to help guide the process.
Embark on a thrilling exploration of cloud security assessment methods! Discover the latest strategies to safeguard your cloud infrastructure against evolving threats. Join us for actionable insights and practical tips to fortify your defenses. Don't miss out—secure your digital assets with confidence!
Faster, simpler, more secure remote access to apps in awsZscaler
Although 60% of enterprises now run apps on AWS, the user experience for remote users is typically slow as most traffic is still tunneled through their data center breaking the cloud experience.
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio AnalysisCAST
CAST Highlight is the SaaS platform to track software health, cloud readiness, complexity and cost of your software portfolio using predictive pattern analysis.
It will analyze the frequency of bad code pattern in application.By combining code quality metrics and indicators with information gathered from your development experts, CAST HIGHLIGHT identifies the critical systems that have high probability of failure or maintenance risk. This rapid discovery and classification of your systems and potential vulnerabilities allows you to divert resources for further investigation, root cause analysis, or reallocation to prevent failures.
A bird's eye view of cloud computing vendor landscape. For the interactive version, do checkout http://techarda.com/software/categories/cloud-computing/landscape
Behavior Driven Development—A Guide to Agile PracticesTechWell
It seems as if the agile methods have lots of DD’s going on. BDD – Behavior Driven Development, ATDD – Acceptance Test Driven Development and several others. Adopting BDD allows for testing to be done as early as possible in the software development life cycle, promoting accurate testing, ensuring proper test coverage, and supporting the introduction of automation testing. One challenge is understanding the characteristics and benefits of “driven” approaches. Join Josh Eastman to discover ways that BDD can be employed to describe and test system behavior, user stories, and user acceptance. Josh will discuss Gherkin - the language to capture behavior descriptions and automation with cucumber and explore the four major values of BDD to ensure product quality, while driving time and cost savings. Leave this session with a ideas to reduce the ambiguity and miscommunications that occurs during development and testing.
Security Operations Center (SOC) Essentials for the SMEAlienVault
Closing the gaps in security controls, systems, people and processes is not an easy feat, particularly for IT practitioners in smaller organizations with limited budgets and few (if any) dedicated security staff. So, what are the essential security capabilities needed to establish a security operations center and start closing those gaps?
Join Javvad Malik of 451 Research and Patrick Bedwell, VP of Product Marketing at AlienVault for this session covering:
*Developments in the threat landscape driving a shift from preventative to detective controls
*Essential security controls needed to defend against modern threats
*Fundamentals for evaluating a security approach that will work for you, not against you
*How a unified approach to security visibility can help you get from install to insight more quickly
As we get to know what life in the digital domain is like, one of the revelations we've had is that many large and plenty of smaller organisations are targets of espionage, of the nefarious APT.
During the last decade, it has become gospel to wait, watch, analyse and learn if you detect such an attacker in your infrastructure. Why? Because you get one chance to do the eviction of the attacker right. And if you fail, all your efforts will eventually have been for nothing.
But for how long should you wait and watch? When have you watched long enough? When have you learned enough? And how do you make that decision?
That is the challenge I hope the Cyber Threat Intelligence Matrix can help you face in a more structured manner.
Office 365 Security: Top Priorities for 30 Days, 90 Days and BeyondPriyanka Aash
Based on investigations of real-world attacks, Microsoft Office 365 cybersecurity experts provide a prescriptive approach to identifying and implementing the most critical security controls to protect your Office 365 tenant. You will learn threats and defenses change from on-premises attacks and what Microsoft recommends for quickly protecting against the most likely and impactful risks.
(Source: RSA Conference USA 2018)
Click here to listen to the webcast - http://bit.ly/MdAzXd
DITA Tasks are often the most valuable content we create – especially when we present them in Support portals. But if end-users can’t find them they have no value – avoiding that requires classifying them with metadata and labels from a standard taxonomy.
Taxonomy and metadata can seem like scary or complex turf to the uninitiated – but they don’t have to be. In this 40-minute webinar, Paul Wlodarczyk will walk you through a simple process to begin to assemble a basic taxonomy of controlled vocabularies for tagging your DITA Tasks.
You will learn:
The most critical metadata for classifying tasks – regardless of your industry
How to use tools that you already own to build your taxonomy
Simple rules for keeping your terms consistent
Using existing lists of terms so you don’t have to build a taxonomy from scratch
[Webinar Presentation] Best Practices for IT/OT ConvergenceSchneider Electric
All over the world, utilities are facing up to the task of integrating information technology (IT) operations with those of operational technology (OT). What's driving it? How can utilities prepare? What should they expect?
The webinar recording is also available on-demand. To view it, please click here: http://goo.gl/b3kxm5
Exploring how Students Map Social Engineering Techniques to the ATT&CK Framew...MITRE ATT&CK
From ATT&CKcon 3.0
By Aunshul Rege, Katorah Williams, and Rachel Bleiman, Temple University
Social engineering (SE) is a technique used by cybercriminals to psychologically manipulate individuals into disclosing sensitive information and providing unauthorized access. Penetration testers are tasked with simulating targeted attacks on a company's system to determine any weaknesses in their environment.
The 2021 Summer SE Pen Test Competition allowed students to experience SE pen testing in a safe and ethical way. Student teams were "hired" to conduct a SE pen test on the CARE Lab (run by the authors) and their employees (the authors themselves)! Teams had to use OSINT, phishing, and vishing in real-time to target the lab, develop attack playbooks, and map the techniques to the ATT&CK framework.
This talk shares the application of ATT&CK in cybersecurity education. Specifically, it (i) focuses on how students map their SE attack playbooks to the ATT&CK framework, (ii) compares/contrasts SE techniques across various student groups: 6 graduate teams, 9 undergraduate teams, and 1 high school team, and (iii) how ATT&CK can be used for SE.
Mind Map of Big Data Technologies and ConceptsAmir Hadad
My first try to capture #bigdata related concepts and technologies in a #mindmap!
#NoSQL vs #SQL https://db-engines.com/
#Streaming vs #Batchprocessing https://lnkd.in/gNEdsrC
#BigDataSecurity https://lnkd.in/gA8e7RC
#OLAP https://lnkd.in/gh3z6r9
Everyone is talking about or asking for red teaming. Most of them are getting it wrong. I talk about the history and definitions of red teaming, what you should be doing before you bother with red teaming and critical issues to watch out for when you do leverage it.
Cloud offers organizations the opportunity to run their workloads on physical machines at a reduced cost, with better overall performance and enhanced security. Yet engaging in a partial or total migration to cloud requires a solid, holistic strategy that focuses on technical and management challenges that will likely arise, and an organizational mindset that will help ensure the migration’s success. This introductory, vendor agnostic talk will highlight the technical, management and cultural considerations that every cloud migration strategy should consider, how to address some common challenges, and best practices to help guide the process.
Embark on a thrilling exploration of cloud security assessment methods! Discover the latest strategies to safeguard your cloud infrastructure against evolving threats. Join us for actionable insights and practical tips to fortify your defenses. Don't miss out—secure your digital assets with confidence!
Faster, simpler, more secure remote access to apps in awsZscaler
Although 60% of enterprises now run apps on AWS, the user experience for remote users is typically slow as most traffic is still tunneled through their data center breaking the cloud experience.
Introduction to CAST HIGHLIGHT - Rapid Application Portfolio AnalysisCAST
CAST Highlight is the SaaS platform to track software health, cloud readiness, complexity and cost of your software portfolio using predictive pattern analysis.
It will analyze the frequency of bad code pattern in application.By combining code quality metrics and indicators with information gathered from your development experts, CAST HIGHLIGHT identifies the critical systems that have high probability of failure or maintenance risk. This rapid discovery and classification of your systems and potential vulnerabilities allows you to divert resources for further investigation, root cause analysis, or reallocation to prevent failures.
A bird's eye view of cloud computing vendor landscape. For the interactive version, do checkout http://techarda.com/software/categories/cloud-computing/landscape
Behavior Driven Development—A Guide to Agile PracticesTechWell
It seems as if the agile methods have lots of DD’s going on. BDD – Behavior Driven Development, ATDD – Acceptance Test Driven Development and several others. Adopting BDD allows for testing to be done as early as possible in the software development life cycle, promoting accurate testing, ensuring proper test coverage, and supporting the introduction of automation testing. One challenge is understanding the characteristics and benefits of “driven” approaches. Join Josh Eastman to discover ways that BDD can be employed to describe and test system behavior, user stories, and user acceptance. Josh will discuss Gherkin - the language to capture behavior descriptions and automation with cucumber and explore the four major values of BDD to ensure product quality, while driving time and cost savings. Leave this session with a ideas to reduce the ambiguity and miscommunications that occurs during development and testing.
Presentation given at Heanet 2015 conference, giving a brief outline of what responsive design is and why libraries should take it into consideration when planning the delivery of web services.
Webinar - Design Thinking for Platform EngineeringOpenCredo
Design Thinking is revolutionising the delivery of next-level digital services with best-of-breed product design and user interface principles ensuring close alignment with users and making services a joy to use.
While much of this success has been in the delivery of customer-facing services, there is untapped potential when it comes to delivering frictionless experiences for the internal users of your infrastructure services – promising business value through increased productivity and reduced frustration in your development and operations teams.
Check out the slides from our webinar on approaching platform engineering with a design thinking mindset.
Testing and DevOps: Organizations and Their Culture Must ChangeTechWell
The DevOps movement is here. Now, companies with mature systems are breaking down siloed IT departments and federating them into product development teams and departments. Testing and its practices are at the heart of these changes. Traditionally, development organizations have been filled with mostly manual testers and a limited number of automation and performance engineers. Adam Auerbach says this has to change. To keep pace with development in the new “you build it, you own it” environment, testing teams and individuals must develop new technical skills and even embrace coding to stay relevant and add more value to the business. Based on his experiences at Capital One, Adam explores what the DevOps movement is all about, its core values, and proven patterns for how testing must evolve. In organizations implementing DevOps, testers and test teams—with the right skills and mindset—can help lead the transformation and not be left behind. You and your team can be the agents that help your organization and its culture change to reap the benefits of the DevOps revolution.
Based on hands-on Agile experience acquired over multiple delivery projects and Agile coaching/consulting assignments, Vatsala and Aman share common Agile Testing dilemmas, and possible solutions, tying them to the principle of "moving testing upstream".
Presented at Next Generation Testing conference in Bangalore, India (July 2014).
Comprehensive overview of using Test Driven Development (TDD), Behavior Driven Development (BDD), Continuous Integration (CI), Continuous Delivery (CD), Development Operations (DevOps), and Development Operations Security (DevOpsSec). Describes the current global environment, basic lean and agile principles, and the evolution of Microservices. From there, a detailed deep-dive of TDD, BDD, CI, CD, DevOps, and DevOpsSec principles and practices ensues. Closes by identifying key DevOps tool automation ecosystems/pipelines, metrics, case studies, return on investment (ROI)/business cases, implementation roadmaps, adoption statistics, leadership insights, and a summary. Contains a lot of helpful data for constructing DevOps strategic business cases as well as tactical implementation strategies (while not ignoring essential elements such as microservices, containerization, and application security).
Today, Atlassian runs experiments and personalization campaigns across all their products, campaigns, and commerce. But it wasn’t always like this. Atlassian started small and at their own pace, grew across the enterprise.
Join Tom Tsao, the head of eCommerce at Atlassian, to learn how they evolved, from the origins of their program, to their process and team structure.
-Learn how to build a program around digital experience optimization using Optimizely.
-Get advanced use cases that deliver business impact.
-Learn what metrics are important in measuring the growth of your program.
Focus on Your Analysis, Not Your SQL CodeDATAVERSITY
Analysts in the line of business deal with a myriad of time-consuming data preparation and analytic challenges that often require IT or DBA intervention to deliver a requested dataset. Others have taught themselves “enough SQL to be dangerous”, learning the necessary code to extract the data needed to answer their business question. Self-service data analytics empowers these business analysts to take control of the entire analytics process, delivering the necessary results for better business decisions.
Join us to learn how self-service data analytics allows analysts to:
- Utilize a drag-and-drop workflow for data and analytic processes without writing code
- Minimize data movement and ensure data integrity through in-database capabilities
- Easily work across relational and non-relational databases to deliver faster business results
Self-service data analytics delivers a repeatable process that is transparent to not only business analysts, but also SQL coders and decision makers across the organization.
Using agile testing to drive product innovationStephen Graves
Traditionally, testing is often thought of as the "Quality" function of the software development process. One that happens after the "creative work" of the product and development team are finished. Over the past decade, Agile testing methods like Test Driven Development and technology advancements in test automation have improved team responsiveness and release cycle time. Yet while Agile Testing methods have made software development more efficient there is still a great need to make it more effective - with a tighter alignment to features and capabilities that actually matter to the users and cycle times that enable faster learning.
Lean startup is a methodology for developing businesses and products, which aims to shorten product development cycles by adopting a combination of business-hypothesis-driven experimentation, iterative product releases, and validated learning. Stephen speaks on how to add the most relevant concepts of Lean Startup to your Agile Testing regime in order to guide backlog prioritization and discover new features and capabilities. The natural feedback loops of testing, especially during UAT, provide a continual opportunity to see from the users perspective. By using Lean Startup methods and making testing an integral part of the innovation process your team can make products not only that work but that matter.
Speaker Profile
Stephen Graves is currently the CEO of eTruVal, a startup providing property data and analytics to commercial real estate investors. Previously, he was Director of Global Business Operations at CA Technologies, where he ran multiple programs initiatives including New Product Incubation across all the business units. Prior to that, Stephen has held positions as a management consultant, a senior Business Analyst for a NYC government agency managing multi-million dollar projects and has founded two tech startups. Additionally, Stephen has earned an MBA from Edinburgh Business School and certifications as a Project Management Professional, Professional Scrum Master, ITSL and SAFeAgilist.
http://www.1point21gws.com/testingsummit/2017/Agile_Testing_and_Test_Automation_Devops_QA_Newyork/
RightScale Webinar: November 11, 2010 – This webinar will empower you with the tools, data and approaches – from pilot projects to ROI analysis – that you can use to help win over colleagues and accelerate cloud deployments in your company.
JDD 2016 - Joseph W. Yoder - Deliver Fast "With Confidence"PROIDEA
When developing and delivering large, complex systems it can be all too easy to only focus on features and overlook software qualities specific those related to software architecture. Being agile, with its focus on extensive testing and frequent integration, has shown that it can make it easier to deal with issues related to evolving the architectures, specifically when trying keeping the system working while making significant improvements when adding functionality. However, time has shown that various Agile practices are not sufficient to prevent or eliminate Technical Debt which can ultimately affect reliability. It is important to recognize what is core to the architecture and the problem at hand when evolving an architecture. If there is not enough attention on the architecture and code base, ultimately technical debt will creep in to the point where it can become hard to delivery quickly and with confidence.
Two important principle that can help teams deliver more quickly and with confidence is to focus on code quality and delivery size. Small frequently delivery with constant attention to a good code base is crucial to being able to sustain faster delivery with confidence. Often teams evolve to continuous delivery with some limited success, however issues arise when there is not good validation through tests and constant attention to the code quality. Practices that can help keep the code clean or from getting muddier include: Testing, Divide & Conquer, Gentrification, Quarantine, Refactoring, and Craftsmanship. This talk will examine techniques such as Continuous Integration, Continuous Inspection, Continuous Delivery as well as other techniques to pay good attention to code quality allowing teams to delivery more quickly and with confidence.
Design System as a Product - Maria Elena Duenias, Esther Butcher
Design systems are a great example where web development and design meet. You can find innumerable resources on the internet, books and conferences on how to build them, and how they are exactly what your organization needs. But, building one requires a lot more than following a recipe. In this talk we are going to discuss how to build a design system as an internal product, and how it evolves to become what the users need.
Designers, Developers and Dogs: Finding the magic balance between product and tech - Charlotte Vorbeck, ShareNow and Sahil Bajaj
How can an agile delivery team become a successful product team? When does collaboration between product and tech succeed and when not? Why do people in some teams inspire each other while others in the same environment don't speak the same language? In this talk we want to share our learnings and experiences from rebuilding an internal tool for customer support at ShareNow. What could have been just another boring rewrite surprisingly became one of our best experiences in collaboration. We will look at how a joint discovery phase helped us to come up with a shared vision, how a better team setup enabled us to do the necessary work, how focusing on the customer kept us aligned during our journey, and also how we built upon existing collaborative techniques to achieve this new level of cooperation and trust.
During this presentation, Ward Coessens, ThoughtWorks' Consultant will share best practice insights from the Daimler partnership, helping the automotive group on their cloud innovation journey.
How to create more business impact with flexible teams - Jan Hegewald, Zalando & Rebekka Beels, Zalando
Usually, Software Engineering teams are organized around a fixed set of components which they develop further and maintain. Such component teams gain a high level of expert knowledge about their services. However, with agile product development, it often is difficult to implement the most important initiatives with such teams. This leads to a situation where the teams do not work on the most relevant business topics but on those for the respective team. At Zalando, we introduced a new model where we shape teams flexibly around business goals to create the highest impact. How we organize these teams and which challenges especially for the software quality need to be addressed, will be explored in this talk.
Amazon’s Culture of Innovation & The Working Backwards session
Working Backwards; leading organisations achieve growth by marrying customer-obsession with a modern technology strategy. Where do you begin? By focusing on the customer.
During this webinar, Amazon will discuss key innovation principles which have been instrumental in their continued success and their Working Backwards approach.
Dual-Track Agile for Discovery & Development - Adriana Katrandzhieva
The talk will focus on one of the ways teams can ensure continuous delivery and design in their projects. The so-called ‘Dual-track’ model shows the parallel tracks of discovery and development throughout the product design and delivery process. These continually feedback into each other informing new hypothesis that can be tested in order to be proven/disproven. This model is not always easy to implement out of the box and so I will share my own experiences in applying it in practice - what worked, what didn't and how the model can be adjusted to fit different teams and organisational environments.
Designing the Developer Experience - Tanja Bach, Jacob Bo Tiedemann
Working with software that some other people have built, is not only daily business for private and business users but also for developers. Just like any other product, a product for developers needs to solve their problems and focus on the right jobs-to-be-done in order to be successfully adopted by the developer community. In this talk, we will explain why the developer experience matters not only to developers but also to the business. We will share our learnings and real-world examples of how we created a developer experience for a cloud infrastructure product and an IoT platform that the developers love.
When we design together - Sabrina Mach, Ammara Gafoor and James Emmott
From three distinct perspectives, this talk will contend that design is an activity undertaken by everyone in a software development team. It occurs throughout the process of delivery — not only at the beginning or the end — and it is a powerful instrument for learning about and adapting to the problems our work seeks to solve, which is a shared responsibility. Making the best use of our multidisciplinary expertise in the activity of design requires forms of collaboration that are too often disrupted by the role-based silos that keep us separated and weaken the valuable contribution our diverse approaches could make to our collective efforts. If you care about accelerating time to market, improving customer experience, or building happy and productive teams, you will want to know why and how it matters that we believe ‘design is in everything that we do’.
Hardware is hard(er): designing for distributed user experiences in IoT - Claire Rowland, www.clairerowland.com
Designing connected devices and hardware-enabled services is significantly more complex than pure software. There are more devices on which code can run, connectivity and data sharing patterns to consider, and often multiple and varied touchpoints for users to interact with. Pulling this all together into a coherent experience involves strong collaboration between design and engineering, and a systems thinking approach to UX. In this talk, we’ll introduce what designers need to know about the tech, what engineers need to know about UX for IoT, and how to facilitate the whole-collaboration needed to create great products.
www.clairerowland.com
Customer-centric innovation enabled by cloudThoughtworks
Working Backwards - Leading organisations achieve growth by marrying customer-obsession with a modern technology strategy. In this upcoming webinar, we’ve partnered with AWS to bring you exclusive insights from one of the world’s most innovative companies, Amazon.
Working Backwards - Leading organisations achieve growth by marrying customer-obsession with a modern technology strategy. In this upcoming webinar, we’ve partnered with AWS to bring you exclusive insights from one of the world’s most innovative companies, Amazon.
Find out how to validate hypotheses quickly using feedback that comes from a (large enough) number of actual users interacting with your product. In this talk, we will show you the technical foundations, research techniques and organisational setup that we have used successfully on large-scale products. These will save you development time, enable you to go live with confidence, make decisions based on real behaviour instead of best guesses, and solve the actual problems your users are facing.
As a tech leader at ThoughtWorks, a large part of my job involves recommending practices to our clients so they can build and deliver good quality software faster. In doing so repeatedly for many clients I have created a toolkit that contains practical advice from being on the ground. This is what we do, we know it works. When Julius Caesar entered Rome with his army by crossing the river Rubicon, he did something that couldn’t be undone ever again. In your journey as a leader, avoid mistakes that are difficult to correct later. Here are a set of practices that you want to adopt as soon as possible.
Handling error conditions is a core part of the software we write. However, we often treat it as a second class citizen, obscuring our intent through abuse of null values and exceptions that make our code hard to understand and maintain. In the functional programming community, it is common to use datatypes such as Option, Either or Validated to make our intentions explicit when dealing with errors. We can leverage the compiler to verify that we are handling them instead of hoping for the best at runtime. This results in code that is clearer, without hidden path flows. We’ll show how we have been doing this in Kotlin, with the help of the Arrow library.
Mutation testing in software development surfaced in academia during the 70's and has recently seen a resurgence in popularity as a legitimate tool in your testing arsenal. In this session we review the conventional testing pyramid, modern approaches to testing software and look at how mutation testing can help fill in those blind spots.
The continued adoption of containers for deployments has introduced a new path for security issues. In this talk, we will cover the most common areas of vulnerabilities, the challenges in securing your containers, some good practices to help overcome these issues and how to run container security scanning as part of your deployment pipeline.
Mainframes handle 30 billion business transactions each day and 87% of all credit card transactions*, they are not traditionally associated with flexible, fail-fast development approaches. Can we bring the practices of agile, CI/CD and fully automated deployments to applications running on a mainframe? During our talk, we'll tell you a story about test automation; redefining the smallest testable unit of a program. And we'll discuss our learnings from introducing continuous integration and agile practices to the world of insurance and mainframes.
*9 Mainframe statistics that may surprise you
ThoughtWorks' Lucy Kurian, James Lewis & Kief Morris discuss tech trends in our latest Technology Radar, covering techniques, platforms, tools, languages and frameworks.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
4. releasing frequently
1. build the right thing
Customer
development
Agile product
development
Eric Ries, “The Lean Startup” http://bit.ly/8ZoX5F
Tuesday, October 9, 12
5. innovate
You can't just ask
customers what
they want and then
try to give that to
them.
By the time you get
it built, they'll want
something new.
Steve Jobs
Tuesday, October 9, 12
6. scientific method
Ideas
create hypothesis
deliver minimum
viable product
get feedback
(repeat)
Tuesday, October 9, 12
Learn
Build
Code
Data
Measure
Eric Ries, “The Lean Startup” http://bit.ly/8ZoX5F
7. ask this question
“How long would it take your
organization to deploy a change that
involved just one single line of code? Do
you do this on a repeatable, reliable
basis?”
Mary and Tom Poppendieck, Implementing Lean Software Development, p59.
Tuesday, October 9, 12
8. releasing frequently
1. build the right thing
2. reduce risk of release
John Allspaw: “Ops Metametrics” http://slidesha.re/dsSZIr
Tuesday, October 9, 12
10. optimize for mtrs
MTBF
MTRS
John Allspaw: “Building Resilience in Web Development and Operations”
http://www.usievents.com/en/conferences/8-paris-usi-2011/sessions/968-john-allspaw
Tuesday, October 9, 12
11. releasing frequently
1. build the right thing
2. reduce risk of release
3. real project progress
Tuesday, October 9, 12
12. agile manifesto
Our highest priority is to satisfy
the customer through early and
continuous delivery of
valuable software
Tuesday, October 9, 12
13. production-ready software
Fast, automated feedback on
the production readiness of
your applications every time
there is a change - to code,
infrastructure, or configuration
Tuesday, October 9, 12
19. build quality in
“Cease dependence on
mass inspection to
achieve quality.
Improve the process
and build quality into
the product in the first
place”
W. Edwards Deming
Tuesday, October 9, 12
20. different kinds of testing
Business facing
Functional acceptance
tests
Showcases
Usability testing
Exploratory testing
Unit tests
Integration tests
System tests
Non-functional
acceptance tests
(performance, scaling, ...)
AUTOMATED
Support programming
MANUAL
MANUAL / AUTOMATED
Critique project
AUTOMATED
Technology facing
Diagram invented by Brian Marick
Tuesday, October 9, 12
21. deployment pipeline
an automated implementation of your
system’s build, deploy, test, release process
visibility
feedback
control
Tuesday, October 9, 12
22. deployment pipeline
Delivery team
Version control
Check in
Build & unit
tests
Automated
acceptance tests
User acceptance
tests
Trigger
Feedback
Check in
Trigger
Trigger
Feedback
Feedback
Check in
Trigger
Feedback
Trigger
Feedback
Approval
Feedback
Tuesday, October 9, 12
Approval
Release
39. immune system
what if someone replaced your
“buy” button with spacer.gif?
T cells http://www.flickr.com/photos/gehealthcare/3326186490/
Tuesday, October 9, 12
46. people are the key
Get everyone together at the beginning
Keep meeting
Make it easy for everyone to see what’s
happening
Continuous improvement (kaizen)
Tuesday, October 9, 12