Deployments of larger server applications are often risky and error-prone. They cost development teams, system administrators and customers a lot of nerves and gray hair. The path from the development environment into production is often much more difficult than planned. Continuous Delivery - against all intuition - propagates as the solution for this problem to make more deployments.
In this talk, we want to have a look at this paradox and show how ideas from Continuous Delivery can help to optimize the software delivery process. We talk about our experiences in customer projects and what tools we use to automate and optimize our software delivery process, to minimize effort and risk and increase the quality of deployments.
DevOps, the fusing of software development (Dev) with IT operations (Ops) is growing in popularity. A maturing of the agile software development methodology, DevOps unites developers and IT operations to release high quality code into solidly performing environments more rapidly than is possible with traditional developer-to-ops handoffs. It solves a basic problem that arises with agile methodology, namely that quickly producing new code is of little use if it cannot be deployed on reliable infrastructure.
We nvestigate the ways that DevOps can generate a return on investment (ROI) for an organization that makes DevOps part of its IT strategy. DevOps certainly has great potential for business impact, with beneficial effects reaching far beyond the IT department. The ability to release high quality code efficiently confers benefits on both the income and expense sides of a business, measurable in hard dollars as well as intangible advantages such as increased brand equity.
Getting DevOps to pay off is far from a push-button process, however. CloudMunch offers a number of suggested practices based on its experience in DevOps with large enterprises. Business success with DevOps involves choreographing between people, organizational culture and the DevOps platform and tools. The paper explores practices related to setting up DevOps so that everyone on both Dev and Ops teams can get early, instant feedback on project work. In addition, it looks at practices to ensure that DevOps tools and processes can access the entire application lifecycle, which is critical to DevOps work.
A collection of exercises to build a simple deployment pipeline. This comes from the course I have taught in DevOps and is targeted at instructors or individuals who want to learn the basics of a pipeline.
Our team just released Keptn (https://keptn.sh/), an open source framework for event-based, automated continuous operations in cloud-native environments. In this session, we will talk about WHY we built Keptn, HOW we implemented it (Architecture) and where we want the community to take it.
To successfully implement continuous delivery in an enterprise, there are specific needs and obstacles which must be addressed. In this webinar, we’ll address the pain points that most enterprises face, and how they can be overcome.
Today, organizations of all shapes and sizes depend on feature-packed application releases to keep end users productive and happy. In their new book, The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations, Gene Kim and his co-authors shared ways that high-performing organizations use DevOps principles to enable reliable deployments - and boring releases!
Gene Kim, CTO, DevOps researcher and co-author of the DevOps Handbook and The Phoenix Project, and Anders Wallgren, CTO of Electric Cloud shared their tips for overcoming the challenges of DevOps and Continuous Delivery at scale. During the webinar, they discussed:
- The business value of DevOps
- How to eliminate “deployment anxiety” and increase business agility
- Lessons learned from large scale DevOps transformations
- The advantages and disadvantages of practicing DevOps in large organizations
DevOps, the fusing of software development (Dev) with IT operations (Ops) is growing in popularity. A maturing of the agile software development methodology, DevOps unites developers and IT operations to release high quality code into solidly performing environments more rapidly than is possible with traditional developer-to-ops handoffs. It solves a basic problem that arises with agile methodology, namely that quickly producing new code is of little use if it cannot be deployed on reliable infrastructure.
We nvestigate the ways that DevOps can generate a return on investment (ROI) for an organization that makes DevOps part of its IT strategy. DevOps certainly has great potential for business impact, with beneficial effects reaching far beyond the IT department. The ability to release high quality code efficiently confers benefits on both the income and expense sides of a business, measurable in hard dollars as well as intangible advantages such as increased brand equity.
Getting DevOps to pay off is far from a push-button process, however. CloudMunch offers a number of suggested practices based on its experience in DevOps with large enterprises. Business success with DevOps involves choreographing between people, organizational culture and the DevOps platform and tools. The paper explores practices related to setting up DevOps so that everyone on both Dev and Ops teams can get early, instant feedback on project work. In addition, it looks at practices to ensure that DevOps tools and processes can access the entire application lifecycle, which is critical to DevOps work.
A collection of exercises to build a simple deployment pipeline. This comes from the course I have taught in DevOps and is targeted at instructors or individuals who want to learn the basics of a pipeline.
Our team just released Keptn (https://keptn.sh/), an open source framework for event-based, automated continuous operations in cloud-native environments. In this session, we will talk about WHY we built Keptn, HOW we implemented it (Architecture) and where we want the community to take it.
To successfully implement continuous delivery in an enterprise, there are specific needs and obstacles which must be addressed. In this webinar, we’ll address the pain points that most enterprises face, and how they can be overcome.
Today, organizations of all shapes and sizes depend on feature-packed application releases to keep end users productive and happy. In their new book, The DevOps Handbook: How to Create World-Class Agility, Reliability, and Security in Technology Organizations, Gene Kim and his co-authors shared ways that high-performing organizations use DevOps principles to enable reliable deployments - and boring releases!
Gene Kim, CTO, DevOps researcher and co-author of the DevOps Handbook and The Phoenix Project, and Anders Wallgren, CTO of Electric Cloud shared their tips for overcoming the challenges of DevOps and Continuous Delivery at scale. During the webinar, they discussed:
- The business value of DevOps
- How to eliminate “deployment anxiety” and increase business agility
- Lessons learned from large scale DevOps transformations
- The advantages and disadvantages of practicing DevOps in large organizations
DevOps Workshop - Addressing Quality Challenges of Highly Complex and Integra...Andrew Williams
Is your delivery and testing approach able to keep pace with today’s business demands? Poor or low levels of collaboration between application owners, developers and testers using a variety of tools & practices and long cycles of provisioning of dev/test environments can impede quality, increase waste and cost. Join this workshop discussion and share your opinion. Collaborate with peers on best practices to eliminate testing bottlenecks through virtualized dependent services and how to stand up realistic, production-like test labs that can be easily deployed, shared, and updated as systems change. The workshop will conclude with Q&A among the participants.
The Continuous delivery Value @ codemotion 2014David Funaro
System Crash, failure data migration, partial update: issues that no one would ever want to meet during the deploy and ... hoping for the best is not enough.
The deployment activity is important as those that precede it. The Continuous Delivery will give you low risk, cheap, fast, predictable delivery and ... soundly.
Release software is no less important than activities that precede it.
The Continuous Delivery is a set of practices and methodologies that build an ecosystem for the software development lifecycle.
We will see how to build this ecosystem around the applications developed, for which this release activities becomes a low-risk, inexpensive, fast and predictable.
Cloud continuous integration- A distributed approach using distinct servicesAndré Agostinho
In cloud computing services the ability to share and deliver services, scale computing resources and distribute data storage and files requires a deployment process aligned with agility and scalability. The continuous integration can automate process reducing operational effort, improving code quality and reducing time to market. This presentation shows a proposal for distributed continuous integration to use differents cloud computing services, from planning to execution of scenarios.
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next ProjectAbeer R
A fun little presentation on why you should consider using Google App Engine for your next project (instead of serverless or managing your own microservices)!
This was presented during a talk with Google Cloud in December 2018.
DevOps isn’t just for the “unicorn” companies out there like Google and Apple. DevOps practices are rapidly hitting the mainstream as more organizations realize the need to behave like software companies and improve how they work in order to deliver better value to customers.
If you’re sold on the value of DevOps but having trouble getting buy-in from your peers and managers, or if you’re not sure where to get started, this webinar is for you. Based on findings from the 2016 State of DevOps Report, our friends at Puppet share a roadmap for driving DevOps adoption within your organization.
We cover:
- How to build the business case for DevOps
- The cultural changes required
- Ways to align incentives and teams to improve collaboration
- Key technical practices of high-performing teams
- Where to start
More and more companies worldwide are excited about DevOps and the many potential benefits of embarking on a DevOps transformation. The challenge many of them are having, however, is figuring out where to begin and how to scale DevOps practices over time. These challenges can be especially daunting in large enterprises. In this webinar we will discuss a maturity model for framing your transformation, then focus on analyzing your deployment pipeline and identify existing inefficiencies in software development and deployment.
Adopting DevOps @ Scale: Lessons learned at Hertz, Kaiser Permanente and lBMJules Pierre-Louis
DevOps has become a major enabler of business innovation that can drive digital transformation at an enterprise level if done well. Challenges remain, however. Crossing the chasm from successful DevOps pilots with "two-pizza" teams to full enterprise adoption, including cultural transformation, best practices and tools remains a challenge.
Join Alan Shimel as he hosts a panel discussion with Hertz' John LaFreniere, Kaiser Permanente's Raghunath Raman and IBM's Sanjeev Sharma on how traditional enterprises are accelerating innovation by adopting DevOps practices at scale across their organizations.
Find out how:
- Hertz is accelerating transformation of their platforms, business process and operating models with Cloud, DevOps and Agile.
- Kaiser Permanente is managing the cultural, process and integration challenges of multi-speed IT.
- IBM has embarked on a DevOps transformation that has engaged over 10,000 developers already -- including becoming one of the world's largest users of GitHub Enterprise.
Watch to learn how to assess your organization’s readiness for scaling DevOps, and to identify next steps.
I recently presented this 2 hours session about the automation model developed in Videobet, the tools used in the R&D, QA and operations:
Issue mgmt.: JIRA/Greenhopper
Build system and repository: Maven & Nexus
Build server: QuickBuild
Code quality: Sonar
Continuous Integration: Selenium Grid
Crash dump analysis: Socorro
Database versioning: Flyway DB
<p>From <a href="https://en.wikipedia.org/wiki/Site_reliability_engineering" target="_blank">Wikipedia</a>: Site reliability engineering (SRE) is a discipline that incorporates aspects of software engineering and applies that to operations whose goals are to create ultra-scalable and highly reliable software systems.<p>
<p>Over the past year Acquia has built their own SRE team to help their products and services scale with the demand of our growing number of customers. We wish to share our experience so that others are enabled to do the same and reap the rewards.</p>
<p>This presentation will discuss how the SRE team came about at Acquia, what achievements we have made so far, and the lessons we have learned along the way. We will then show the steps on how to introduce SRE to your workplace so you can deliver more reliable and scalable services to your customers! We will specifically cover:</p>
<ul>
<li>SRE's basic concepts and history from Google</li>
<li>The management support you will need to get started</li>
<li>Introducing the idea of service level objectives and error budgets</li>
<li>Operational Responsibility Assessments as a tool to measure risk</li>
<li>Creating a Launch Readiness Checklist to standardize and improve product launches</li>
<li>Finding ideal candidates for your SRE team</li></ul>
<p>The intended audience are software engineers, system administrators, and managers that have a desire to improve how they do their work and how their products/services perform.</p>
DevOps is a methodology capturing the practices adopted from the very start by the web giants who had a unique opportunity as well as a strong requirement to invent new ways of working due to the very nature of their business: the need to evolve their systems at an unprecedented pace as well as extend them and their business sometimes on a daily basis.
While DevOps makes obviously a critical sense for startups, I believe that the big corporations with large and old-fashioned IT departments are actually the ones that can benefit the most from adopting these principles and practices.
DevOps Workshop - Addressing Quality Challenges of Highly Complex and Integra...Andrew Williams
Is your delivery and testing approach able to keep pace with today’s business demands? Poor or low levels of collaboration between application owners, developers and testers using a variety of tools & practices and long cycles of provisioning of dev/test environments can impede quality, increase waste and cost. Join this workshop discussion and share your opinion. Collaborate with peers on best practices to eliminate testing bottlenecks through virtualized dependent services and how to stand up realistic, production-like test labs that can be easily deployed, shared, and updated as systems change. The workshop will conclude with Q&A among the participants.
The Continuous delivery Value @ codemotion 2014David Funaro
System Crash, failure data migration, partial update: issues that no one would ever want to meet during the deploy and ... hoping for the best is not enough.
The deployment activity is important as those that precede it. The Continuous Delivery will give you low risk, cheap, fast, predictable delivery and ... soundly.
Release software is no less important than activities that precede it.
The Continuous Delivery is a set of practices and methodologies that build an ecosystem for the software development lifecycle.
We will see how to build this ecosystem around the applications developed, for which this release activities becomes a low-risk, inexpensive, fast and predictable.
Cloud continuous integration- A distributed approach using distinct servicesAndré Agostinho
In cloud computing services the ability to share and deliver services, scale computing resources and distribute data storage and files requires a deployment process aligned with agility and scalability. The continuous integration can automate process reducing operational effort, improving code quality and reducing time to market. This presentation shows a proposal for distributed continuous integration to use differents cloud computing services, from planning to execution of scenarios.
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next ProjectAbeer R
A fun little presentation on why you should consider using Google App Engine for your next project (instead of serverless or managing your own microservices)!
This was presented during a talk with Google Cloud in December 2018.
DevOps isn’t just for the “unicorn” companies out there like Google and Apple. DevOps practices are rapidly hitting the mainstream as more organizations realize the need to behave like software companies and improve how they work in order to deliver better value to customers.
If you’re sold on the value of DevOps but having trouble getting buy-in from your peers and managers, or if you’re not sure where to get started, this webinar is for you. Based on findings from the 2016 State of DevOps Report, our friends at Puppet share a roadmap for driving DevOps adoption within your organization.
We cover:
- How to build the business case for DevOps
- The cultural changes required
- Ways to align incentives and teams to improve collaboration
- Key technical practices of high-performing teams
- Where to start
More and more companies worldwide are excited about DevOps and the many potential benefits of embarking on a DevOps transformation. The challenge many of them are having, however, is figuring out where to begin and how to scale DevOps practices over time. These challenges can be especially daunting in large enterprises. In this webinar we will discuss a maturity model for framing your transformation, then focus on analyzing your deployment pipeline and identify existing inefficiencies in software development and deployment.
Adopting DevOps @ Scale: Lessons learned at Hertz, Kaiser Permanente and lBMJules Pierre-Louis
DevOps has become a major enabler of business innovation that can drive digital transformation at an enterprise level if done well. Challenges remain, however. Crossing the chasm from successful DevOps pilots with "two-pizza" teams to full enterprise adoption, including cultural transformation, best practices and tools remains a challenge.
Join Alan Shimel as he hosts a panel discussion with Hertz' John LaFreniere, Kaiser Permanente's Raghunath Raman and IBM's Sanjeev Sharma on how traditional enterprises are accelerating innovation by adopting DevOps practices at scale across their organizations.
Find out how:
- Hertz is accelerating transformation of their platforms, business process and operating models with Cloud, DevOps and Agile.
- Kaiser Permanente is managing the cultural, process and integration challenges of multi-speed IT.
- IBM has embarked on a DevOps transformation that has engaged over 10,000 developers already -- including becoming one of the world's largest users of GitHub Enterprise.
Watch to learn how to assess your organization’s readiness for scaling DevOps, and to identify next steps.
I recently presented this 2 hours session about the automation model developed in Videobet, the tools used in the R&D, QA and operations:
Issue mgmt.: JIRA/Greenhopper
Build system and repository: Maven & Nexus
Build server: QuickBuild
Code quality: Sonar
Continuous Integration: Selenium Grid
Crash dump analysis: Socorro
Database versioning: Flyway DB
<p>From <a href="https://en.wikipedia.org/wiki/Site_reliability_engineering" target="_blank">Wikipedia</a>: Site reliability engineering (SRE) is a discipline that incorporates aspects of software engineering and applies that to operations whose goals are to create ultra-scalable and highly reliable software systems.<p>
<p>Over the past year Acquia has built their own SRE team to help their products and services scale with the demand of our growing number of customers. We wish to share our experience so that others are enabled to do the same and reap the rewards.</p>
<p>This presentation will discuss how the SRE team came about at Acquia, what achievements we have made so far, and the lessons we have learned along the way. We will then show the steps on how to introduce SRE to your workplace so you can deliver more reliable and scalable services to your customers! We will specifically cover:</p>
<ul>
<li>SRE's basic concepts and history from Google</li>
<li>The management support you will need to get started</li>
<li>Introducing the idea of service level objectives and error budgets</li>
<li>Operational Responsibility Assessments as a tool to measure risk</li>
<li>Creating a Launch Readiness Checklist to standardize and improve product launches</li>
<li>Finding ideal candidates for your SRE team</li></ul>
<p>The intended audience are software engineers, system administrators, and managers that have a desire to improve how they do their work and how their products/services perform.</p>
DevOps is a methodology capturing the practices adopted from the very start by the web giants who had a unique opportunity as well as a strong requirement to invent new ways of working due to the very nature of their business: the need to evolve their systems at an unprecedented pace as well as extend them and their business sometimes on a daily basis.
While DevOps makes obviously a critical sense for startups, I believe that the big corporations with large and old-fashioned IT departments are actually the ones that can benefit the most from adopting these principles and practices.
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
Waterfall is based on the concept of sequential software development—from conception to ongoing maintenance—where each of the many steps flowed logically into the next.
Join this webinar presentation to learn:
- Why DevOps cannot effectively work in waterfall
- How to use DevOps tools to optimize processes in either development or operations through automation
We will also discuss what is needed to support full DevOps
In Data Engineer’s Lunch #68, Will Angel, Technical Product Manager at Caribou Financial, will provide an introduction to DevOps practices and tooling including testing, deployment automation, logging, monitoring, and DevOps principles. Additionally, we will discuss some of the ways that DevOps for data engineering is different from conventional application development.
Accompanying Blog: Coming Soon!
Accompanying YouTube: https://youtu.be/eBtrOv_qLHQ
Sign Up For Our Newsletter: http://eepurl.com/grdMkn
Join Data Engineer’s Lunch Weekly at 12 PM EST Every Monday:
https://www.meetup.com/Data-Wranglers-DC/events/
Cassandra.Link:
https://cassandra.link/
Follow Us and Reach Us At:
Anant:
https://www.anant.us/
Awesome Cassandra:
https://github.com/Anant/awesome-cassandra
Email:
solutions@anant.us
LinkedIn:
https://www.linkedin.com/company/anant/
Twitter:
https://twitter.com/anantcorp
Eventbrite:
https://www.eventbrite.com/o/anant-1072927283
Facebook:
https://www.facebook.com/AnantCorp/
Join The Anant Team:
https://www.careers.anant.us
Efficient platform engineering with Microk8s & gopaddle.pdfVinothini Raju
DevOps has evolved over these years and has presented us with a new set of challenges. We have more tools and complexity. This presentation will walk you thought -
* How we tackle the explosion of tools and complexity and add more value to business
* How platforms can help
* What challenge we face when we build a platform from scratch
* How a joint solution from Canonical MicroK8s and gopaddle can help.
Presentazione dello speech tenuto da Carmine Spagnuolo (Postdoctoral Research Fellow - Università degli Studi di Salerno/ ACT OR) dal titolo "Technology insights: Decision Science Platform", durante il Decision Science Forum 2019, il più importante evento italiano sulla Scienza delle Decisioni.
API Gitlab, risparmia tempo nella configurazione dei progetti.
Emerasoft presenta il primo meetup in italiano su Gitlab - 30 minuti - in cui ci focalizzeremo sull'utilizzo delle API per la configurazione dei progetti Gitlab.
Sabrina presenterà l'applicazione Web Gitlab raccontando la nostra esperienza nella configurazione di nuovi progetti utilizzando l'API Gitlab.
Agenda:
- Gitlab Intro
- Funzionalità dell'ultima versione
- Caso d'uso su API Gitlab (Utenti, Gruppi, Progetti)
Vuoi saperne di più?
Unisciti al Gitlab Meetup Milano: https://www.meetup.com/it-IT/Gitlab-Meetup-Milano/ o scrivici all'indirizzo gitlab@emerasoft.com
Confoo-Montreal-2016: Controlling Your Environments using Infrastructure as CodeSteve Mercier
Slides from my talk at ConFoo Montreal, February 2016. A presentation on how to apply configuration management (CM) principles for your various environments, to control changes made to them. You apply CM on your code, why not on your environments content? This presentation will present the infrastructure as code principles using Chef and/or Ansible. Topics discussed include Continuous Integration, Continuous Delivery/Deployment principles, Infrastructure As Code and DevOps.
Continuous Deployment To The Cloud With Spring Cloud Pipelines @WarsawCloudNa...Marcin Grzejszczak
“I have stopped counting how many times I’ve done this from scratch” - was one of the responses to the tweet about starting the project called Spring Cloud Pipelines. Every company sets up a pipeline to take code from your source control, through unit testing and integration testing, to production from scratch. Every company creates some sort of automation to deploy its applications to servers. Enough is enough - time to automate that and focus on delivering business value.
In this presentation, we’ll go through the contents of the Spring Cloud Pipelines project. We’ll start a new project for which we’ll have a deployment pipeline set up in no time. We’ll deploy to Cloud Foundry and check if our application is backward compatible so that we can roll it back on production.
IBM Bluemix OpenWhisk: Interconnect 2016, Las Vegas: CCD-1088: The Future of ...OpenWhisk
Learn more about the IBM Bluemix OpenWhisk, a serverless event-driven compute platform, which quickly executes application logic in response to events or direct invocations from web/mobile apps or other endpoints.
Checklist AR is an application which improves the maintenance processes by augmenting the physical world with digital content. This application guides the workers through a list of real-world checkpoints, providing relevant information at the right physical place. During this session, you will be able to learn more about the solution, the technologies that we used, the challenges we had to overcome and some best practices when developing AR applications for Magic Leap. Additionally, you will be able to experience the Magic Leap One device and learn more about its possibilities.
Aleksandra Hristova's presentation at JavaSkop 2019.
Topics touched:
- Using pattern libraries to improve the communication between designers and developers and the importance of including the whole team and the client into the planning phase.
- How to plan and build components that can be used in different contexts and within other components with examples from real projects.
- How we have used UX design principles to ease our front-end implementations with code examples using the latest CSS features and Angular.
At the UXCamp.ch barcamp on May 11, 2019 in Zurich, Marcel Kessler talked about what he thinks is the future of prototyping: Using coded react components in tools like UXPin (Merge), FramerX (Bridge), Alva and Modulz.
Merchant tokenization and EMV® Secure Remote CommerceNetcetera
Talk by our expert Kurt Schmid about merchant tokenization and EMV® Secure Remote Commerce, held at MPE on 19 February 2019. Merchant Payments Ecosystems is a leading payment conference for merchants and PSPs.
Talk by our expert Suzana Kordumova Nikolova about a seamless 3-D Secure e-commerce experience, held at MPE on 19 February 2019. Merchant Payments Ecosystems is a leading payment conference for merchants and PSPs.
Inselspital is one of the first augmented reality products that we have developed in Netcetera. It allows the doctors to visualize scan results in 3D and to plan neurosurgeries using state of the art technology. During this session, you will be able to learn more about the solution, the technologies that we used, the challenges we had to overcome and some best practices when developing AR applications for HoloLens. Additionally, you will be able to experience the HoloLens device and learn more about its possibilities.
Driving transactional growth with 3-D SecureNetcetera
3-D Secure SDK allows PSD2 compliant strong customer authentication to increase transactions for merchants, banks and issuers.
Presentation by Peter Frick, Managing Director Payment Security at Netcetera at the Swiss Payment Forum, November 2018.
Presentation by Kurt Schmid, Managing Director Digital Payment at Netcetera, at the Swiss Payment Forum, November 2018.
- Where we are coming from?
- Wallets, OEM Pays versus Issuer Pays?
- Proximity and eCommerce payment trends
- The business case and strategic value for issuers?
Schafft die Kreditkartenindustrie mit SRC doch
noch die Wallet-Kurve?
Präsentation von Dr. Thomas Fromherz, Chief Strategy Officer, Payments bei Netcetera, am Swiss Payment Forum in Zürich, November 2018.
Context: The missing ingredient in multilingual software translationNetcetera
Take a look at how automated end-to-end tests can be involved to support and speed up the software translation process. Mirjana’s quest at Selenium Conf 2018 in Chicago is to show you with examples how to feel the content and, in the same time, also feel the context of that content.
An important phase in multilingual software systems is text translation. Since same text may be used in different contexts, it is difficult to determine whether the translation is proper in the context of the environment in which the text is used. Sharing only text keys and values with translators usually is not enough. Simple screenshots showing only the text content, also didn't help in situations where text keys were re-used on multiple places, or when there are highly generic templates. This presentation contains an efficient automated way of delivering the necessary artifacts to translation experts. These artefacts contain text keys, text values and also the context where they are used.
https://www.seleniumconf.us/talks#mirjana-andovska
Digital Payments - Netcetera Innovation Summit 2018Netcetera
Kurt Schmid, our Managing Director Digital Payment, asked: “Merchant Tokenization and SRC – the next BUZZ words – how do these change eCommerce Payments?”.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
3. Netcetera | 3
Some numbers…
On the left
Traditional application from something like a bank, an insurance company, a
government agency, a transport authority … you name it.
On the right
One of those new fancy social network, Web 2.0-ish application.
Think Facebook, Google Mail, Flickr, Twitter, …
Both are serious applications with serious business value and mission-critical IT
systems.
4. Netcetera | 4
Some numbers…
Both applications need a high up-time.
Deployments to the production environment are risky.
Complex deployments with a lot of dependencies.
Both companies try to reduce the risk of deployments.
Deployments are painful and stressful.
5. Netcetera | 5
Two completely different approaches
"Banks" try to reduce the risk and effort for deployments by reducing the number of
deployments.
The "Web 2.0" side tries to reduce the risk of deployments by making much, much
smaller deployments … but a lot of them.
7. Netcetera | 7
Our goals
Improve Quality
Fewer errors, less (unexpected) down-time.
Standardization
Different applications should deploy in a similar way.
Make it easier for the operations and the development teams.
Faster Deployments
Less downtime, smaller need for off-hour deployments.
More Deployments
Faster time-to-market for features and bug fixes.
Less Stress
9. Netcetera | 9
Software Delivery Pipeline
The Software Delivery Pipeline is the combined set of processes, procedures and
tools that you use to bring code from the development environment into
production.
Of course you would make the pipeline even wider by including requirements
engineering etc. but for the context of this talk, we will start with code.
10. Netcetera | 10
Software Delivery Pipeline
Builds Propagate through the Pipeline
Successful completion of a step triggers the next steps.
Errors interrupt the Pipeline
In case of an error, the pipeline processing is interrupted.
Expensive steps are only done if the previous steps worked
For example (manual) User Testing is only done on builds that passed the
automated tests.
Some Pipeline steps might require manual triggering
Deployment to uat or prod is probably still triggered manually
11. Netcetera | 11
Software Delivery Pipeline
A few things that you should notice right here:
Everybody has a Software Delivery Pipeline.
You might not have thought about it yet, it might be automated or manual, very
simple or complex, but you have a pipeline.
Whether you want it or not, whether you manage it or not.
Your pipeline might look differently.
Depends on the project, the customer, the business domain, the degree of
maturity, …
12. Netcetera | 12
Continuous Delivery
Deliver software changes continuously and in a fully-automated way from the
developer to the production environment.
Very small increments
Automation
Fully automated QA
Continuously
Disruption-free deployments
15. Netcetera | 15
Source Code Management (SCM)
We are currently moving from Subversion to Git
Git has interesting properties related to Continuous Delivery
Potentially different software delivery pipelines per branch
Feature branches
build, run unit tests, deploy to test, run integration tests, …
but no deployment to QA and prod
Master branch
full software delivery pipeline
21. Netcetera | 21
Build Server
We use Jenkins (with some plugins)
Continuous Delivery requires a lot of build server power
We currently have more than 400 build jobs on our main Jenkins server
1 main server and 6 slaves
Feature builds are yet to come
We (normally) build at most once per hour
Expensive build jobs (UI tests, performance tests) normally run only once per day
26. Netcetera | 26
Metrics
Continuous collection of metrics about the code, deployments, performance
numbers,…
We use SonarQube for code analysis
SonarQube rocks!
Summary data from Sonar as well as other metrics are imported into Infostore
Infostore is our company database
Includes information on dependencies
Hopefully soon as continuously measure performance metrics
30. Netcetera | 30
Testing
Fully automated and continuous testing is crucial
Testing on very different levels and in different places in the software delivery pipeline
Unit testing, integration testing, smoke tests, performance tests, load tests, UI tests, …
32. Netcetera | 32
Deployment
Installation of a software release on a target environment
Replacement of existing software releases
Data migration
System reconfiguration
33. Netcetera | 33
Automation of the Deployment Process
$ deploy <application> <version> <environment>
Deployment was successful
$ deploy <application> <version> <environment>
Deployment failed, rolled back to old version
35. Netcetera | 35
Deployment Tools (1/2)
We use Puppet for the deployment of infrastructure components
Application servers, web servers, …
Not suited for the application deployments that we do
Security (push vs. pull)
Lack of control over the deployment time
For application deployment, we currently use scripts and Rundeck as well as Flyway
for database migrations
KISS
We have looked at other tools.
36. Netcetera | 36
Deployment Tools (2/2)
The kind of deployment tool that you need, depends a bit on your needs.
Scripts/Rundeck: very low level, but simple and effective
LiveRebel: great for disruption-free deployments, but expensive if you do not need this
feature
glu (and similar tools): great if you need to deploy an application on a farm of servers
(and monitor them)
Puppet/Chef: great if you do not (have to) care about deployment times
37. Netcetera | 37
Error Handling and Rollbacks
Ability to roll back at any time
Back up the preexisting state of the system
Try to make the deployment non-destructive
Detecting errors
Deployment process has to be able to detect errors
Automated Rollbacks
Very desirable
But also very complex
Has to be tested (continuously)
38. Netcetera | 38
Manual Rollback
It's just a workaround, but often a viable option
Probability of failing deployments is relatively small
We are testing the deployment continuously after all
Automated deployment process provides operations people with the necessary tools
and artifacts to roll back easily
Backups
Non-destructive deployments
40. Netcetera | 40
Disruption-Free Deployments
If you make very frequent deployments, a downtime is not acceptable anymore.
Different tools, technologies and architectures for doing disruption-free deployments.
43. Netcetera | 43
LiveRebel
Product from ZeroTurnaround
Based on the JRebel technology
Replace running code without the need for restarting
Very cool technology
Commercial product, but worth every penny (if you ask me)
Far too expensive, if you do not really need disruption-free deployments
45. Netcetera | 45http://tomcat.apache.org/tomcat-7.0-doc/config/context.html#Parallel_deployment
Tomcat Parallel Deployments
Tomcat 7 Parallel Deployments
Different version of a web application can be deployed in parallel
Tomcat routes requests to the different versions:
If no session information is present in the request, use the latest version.
If session information is present in the request, check the session manager of each
version for a matching session and if one is found, use that version.
If session information is present in the request but no matching session can be
found, use the latest version.
46. Netcetera | 46
Data Migration
Data migration is a tricky thing
Slow
Complex
Error-prone
Stop-the-World
Automation and continuous testing helps
More frequent and therefore smaller deployments help
47. Netcetera | 47
Data Migration Patterns
On-the-fly migration
Application can deal with multiple versions of the database
Data migration is done on-the-fly (batch job or touch-and-go)
Read-Only availability
Database is read-only as long as the migration is on-going
Storage Layer abstraction
Encapsulation of the storage layer
NoSQL storage layer
Less stringent requirements on schema compliance
49. Netcetera | 49
Deployment Testing
Deployments are tested continuously
Continuous Testing environment
Continuously, triggered automatically
Pre-Production environment
Regularly, triggered manually
"Same" configuration as the production environment
"Same" state as the production environment
50. Netcetera | 50
Health-Check Pages
Simple page/resource in the application
Reports the current health status of an application
Basically:
I'm fine, thanks. Got everything that I need.
Not doing very well, missing some dependencies. Trying my best.
I'm giving up. Some crucial dependencies missing. Please help.
<no answer at all>
Can be used for monitoring purposes, but also for deployment smoke tests.
53. Netcetera | 53
How far do you want to go?
How far can you go?
Is the effort worth it?
Is the customer ready?
Is the operations team ready?
Mobile and client applications
Technical limitations
Build and test infrastructure
Production infrastructure
54. Netcetera | 54
A way towards Continuous Delivery
It's a maturity process
It takes time to get there
Address what is hurting most
Automate further and further
Run continuously
55. Netcetera | 55
Our Experiences
Increase of quality
Lowering of costs
Developers
Operations
Customers
Reduction of stress
You can do a lot without asking for permission
56. Netcetera | 56
Continuous Delivery
Software Delivery Pipeline Automation
Continuation of Continuous Integration
Continuous…
… Builds, Integration, Testing
… Deployment, Migration
Deployment Testing
Smaller and faster deployments
Reduction of Deployment Risks
Quality Improvement
Faster Deployments
Down-Time minimalization
Shorter time-to-production
Less stressful deployments
Potential for more frequent deployments
57. Netcetera | 57
> deploy "Continuous Delivery" audience
deployment of Continuous Delivery
was started by user corsin
Continuous Delivery was successfully deployed
to environment audience
log file has been stored to:
http://www.slideshare.net/netceteragroup/
>
59. Netcetera | 59
Further Reading
Continuous Delivery
Jez Humble, David Farley
Literally the book on "Continuous Delivery".
60. Netcetera | 60
Further "Reading"
Continuous Delivery (Talk by Jez Humble, DevOps Day 2012)
http://www.infoq.com/presentations/Continuous-Delivery
Interview with Martin Fowler and Jez Humble on Continuous Delivery
http://www.infoq.com/interviews/jez-humble-martin-fowler-cd
Continuous Delivery (Blog by Jez Humble)
http://continuousdelivery.com/