Devops is a reorganization of development and operations teams to promote collaboration. It breaks down barriers between teams by having developers and operations engineers work together in cross-functional teams throughout the development lifecycle. Traditional organizations separate development and operations into silos with opposing goals, while devops advocates for shared goals and responsibilities between teams through practices like automation, continuous integration, and measurement. Adopting a devops approach requires changing organizational culture and mindset rather than just implementing new tools or processes.
Adopting Devops , Stories from the trenchesKris Buytaert
As presented at Baltic Devops in Talllinn ,
Starting with devops is either the most trivial, or the hardest thing to do.
This talk will teach you a number of tricks on how to make life easier for your team. How to work together with your management and how to convince them devops is a relevant thing
Adopting Devops , Stories from the trenchesKris Buytaert
As presented at Baltic Devops in Talllinn ,
Starting with devops is either the most trivial, or the hardest thing to do.
This talk will teach you a number of tricks on how to make life easier for your team. How to work together with your management and how to convince them devops is a relevant thing
Técnicas de gestión del tiempo para Administradores de SistemasCAPSiDE
¿Por qué los sistemas de gestión de tiempo no funcionan del todo con los SysAdmins?
En CAPSiDE, la gestión del tiempo de nuestro equipo de ingenieros especialistas y administradores de sistemas es clave para el buen funcionamiento de nuestra actividad diária.
Presentación de Alba Ferrer, SysAdmin en CAPSiDE
http://capside.com
Publicada el: 05/12/2011
Técnicas de gestión del tiempo para Administradores de SistemasCAPSiDE
¿Por qué los sistemas de gestión de tiempo no funcionan del todo con los SysAdmins?
En CAPSiDE, la gestión del tiempo de nuestro equipo de ingenieros especialistas y administradores de sistemas es clave para el buen funcionamiento de nuestra actividad diária.
Presentación de Alba Ferrer, SysAdmin en CAPSiDE
http://capside.com
Publicada el: 05/12/2011
All Things Open : Crash Course in Open Source Cloud Computing Mark Hinkle
Very few trends in IT have generated as much buzz as cloud computing. This session will cut through the hype and quickly clarify the ontology for cloud computing. The bulk of the conversation will focus on the open source software that can be used to build compute clouds (infrastructure-as-a-service) and the complimentary open source management tools that can be combined to automate the management of cloud computing environments.
The session will appeal to anyone who has a good grasp of traditional data center infrastructure but is struggling with the benefits and migration path to a cloud computing environment. Systems administrators and IT generalists will leave the discussion with a general overview of the options at their disposal to effectively build and manage their own cloud computing environments using free and open source software.
Shirt Ops: How to make awesome t-shirts for your conferenceJames Wickett
Make great t-shirts for your tech conference. In this deck I share the process we use for DevOps Days Austin to make awesome t-shirts. Using this process you will be on your way to making great shirts.
Link for shirt design in deck:
- http://bit.ly/shirtops
Get your #shirtops on!
Pragmatic Security and Rugged DevOps - SXSW 2015James Wickett
From SXSW Interactive 2015
Writing code that works is hard. Writing rugged code that can stand the test of time is even harder. This difficulty is often compounded by crunched timelines and fast cycles that prioritize new features. Add in evolving business needs and new technology and it becomes confusing to know what to do and how to integrate security into your application.
This workshop brings in some of the top developers and application security practitioners to help you ruggedize your end-to-end development lifecycle from code commit to running system.
Three Takeaways:
1. You will learn pragmatic approaches and tooling that will affect your development processes and delivery pipelines.
2. Armed with tools and ideas for monitoring your operational and runtime security.
3. You will walk away with code examples and tools that you can put into practice right away for security and rugged testing.
http://schedule.sxsw.com/2015/events/event_IAP35935
Application Security Epistemology in a Continuous Delivery WorldJames Wickett
CD Summit - Austin, from DevOps Connect
Desc:
Over the years, application security (appsec) has made progress, but it has also made some considerable mis-steps. Appsec focuses almost solely on developer awareness and secure development training as remediation. This isn’t sustainable and arguably does little good. There is a better way, but we have to separate ourselves from the core assumptions we have made that got us here.
http://www.devopsconnect.com/events/cd-summit-austin/
Esta presentación muestra el contenido de la charla online, cuyo objetivo es poner sobre la mesa la diversidad de desafíos que tienen los Testers/Probadores de Software, y dar una breve reseña de los cambios que hay tanto en los procesos como en los aspectos de la tecnología de Testing y que invitan a que nos adaptemos rápidamente.
Información del Evento
Título del Evento: Los nuevos desafíos del Testing
Expositora: María José Pérez Zavala (LinkedIn)
Tipo de Evento: No Arancelado
Plataforma: Hangout en Directo
Fecha del Evento: 12/12/15
Inicio: 10:00 am (GMT -03:00)
Fin: 12:00 am (GMT -03:00)
Comentarios:
Se transmitirá en directo por YouTube.
Minutos antes del Inicio del evento estaremos publicando la url para que puedas acceder, seguir la charla y hasta incluso participar con tus comentarios y/o preguntas.
RSA Conference 2016: Who Are You? From Meat to Electrons and Back AgainMike Schwartz
Authentication technologies are intersecting science fiction and comedy. A flyby of recently discovered and invented mechanisms to digitally identify a person makes it clear that it’s not for lack of options. If the usability and security of strong authentication have been solved, how can we improve deployability, which is the main reason we are still using passwords?
This presentation was delivered by Mike Schwartz at RSA Conference 2016.
Introduction to the fundamentals of eXtreme programming (XP). XP is a software development approach which stresses on improving software quality and respond according to changing business requirements.
Most people will claim that this never happens, others hope it never happens, but it happened on March 10, 2021, and it was not just the 1 datacenter that got impacted, but the whole campus of the provider that got powered down. This talk will explain how our customers survived this outage, how our culture, opensource tooling and automation saved the da(y,ta). A talk about disaster recovery, business continuity plans and building cloud agnostic stacks that survive disasters.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
2. Kris BuytaertKris Buytaert
● I used to be a Dev,I used to be a Dev,
● Then Became an OpThen Became an Op
● CTO and Open Source Consultant @CTO and Open Source Consultant @inuits.euinuits.eu
● Everything is a freaking DNS ProblemEverything is a freaking DNS Problem
● Evangelizing devopsEvangelizing devops
● Organiser of #devopsdays, #cfgmgmtcamp,Organiser of #devopsdays, #cfgmgmtcamp,
#loadays, ….#loadays, ….
7. Opposing GoalsOpposing Goals
DevelopmentDevelopment
● New releasesNew releases
● New FeaturesNew Features
● New platformsNew platforms
● New architecturesNew architectures
● Functional ReqFunctional Req
OperationsOperations
● Stable PlatformStable Platform
● No DowntimeNo Downtime
● Scalable PlatformScalable Platform
● Non Functional ReqNon Functional Req
8. Traditional OrganisationTraditional Organisation
● BureacracyBureacracy
● RulesRules
● TraditionsTraditions
● Lack of FreedomLack of Freedom
● Lots of ManagersLots of Managers
● Exodus of EngineersExodus of Engineers
9. Careers in TechCareers in Tech
•
People trying to make themselves relevantPeople trying to make themselves relevant
•
Peter principlePeter principle
Promoted beyond their competencePromoted beyond their competence
•
Tech folks are forced into management, notTech folks are forced into management, not
supported to grow technicalysupported to grow technicaly
•
““Architects”Architects”
12. Change Management &Change Management &
ResistanceResistance
● 20 – 60 – 2020 – 60 – 20
● 20% Early adopters , find your peers20% Early adopters , find your peers
● 60% Will wait , but adopt slowly60% Will wait , but adopt slowly
● 20%20%
13. Wild project plans !Wild project plans !
Can you make your change journey a traditionalCan you make your change journey a traditional
project with milestones andproject with milestones and
•
We are a new org on may 1st.We are a new org on may 1st. (2013)(2013)
•
Bold move, or Just luck ?Bold move, or Just luck ?
•
Old Management Style to install a new CultureOld Management Style to install a new Culture
14. Do not call it aDo not call it a
#devopsteam#devopsteam
● It's not the team running toolingIt's not the team running tooling
● It's not the team in charge of deliveryIt's not the team in charge of delivery
● It's not yet another silo between devs and opsIt's not yet another silo between devs and ops
15. Do not call themDo not call them
#devops engineers#devops engineers
● It's not a job title.It's not a job title.
● Is it a developer ?Is it a developer ?
● Is it an ops engineer ?Is it an ops engineer ?
● Is it a system engineer writing code ?Is it a system engineer writing code ?
● Is it a developer running operations ?Is it a developer running operations ?
16. Crossfunctional TeamCrossfunctional Team
● Build a project team with skills from all overBuild a project team with skills from all over
•
DevelopmentDevelopment
•
Continuous IntegrationContinuous Integration
•
TestingTesting
•
Infrastructure (HA/ Scale/ Performance)Infrastructure (HA/ Scale/ Performance)
•
DeploymentDeployment
•
MeasurementMeasurement
● Seat them together !Seat them together !
18. Sprint 0Sprint 0
● Daily Ops does KanBan
● Development does Scrum
● Ops 1 is helping Team 1
● Ops 2 is helping team 2
● Ops 3 is helping team 3
● Ops 4-7 are running
daily operations
19. Sprint 1Sprint 1
•Ops 1 has finished working
with team 1, moves to ops work
•Ops 4 moves from ops work to
helping out team 4
20. Sprint 2Sprint 2
● Ops 5 swaps places with
Ops 2 as Team 2 needs
some other skills (e.g dba
vs high availability skills)
21. Sprint 3Sprint 3
● Ops 1 moves back to
team 1 , after 2 sprints he
has a backlog of
improvements for that
team
● Ops 4 brings newly build
functionality to the ops
team
22. Is your organisation agile,Is your organisation agile,
or just your silo ?or just your silo ?
23. The BusinesThe Busines
● Doesn't care how weDoesn't care how we
run ITrun IT
● Can't adapt theirCan't adapt their
processesprocesses
● Isn't involved inIsn't involved in
building softwarebuilding software
● Doesnt survive if weDoesnt survive if we
don't deliverdon't deliver
● Is waiting for theirIs waiting for their
featuresfeatures
● Is based on softwareIs based on software
24. Pitfalls Merging TeamsPitfalls Merging Teams
● Don't keep their managersDon't keep their managers
•
Failed scrumFailed scrum
•
6 months later 1 less manager6 months later 1 less manager
● Management needs to go Agile tooManagement needs to go Agile too
•
Side Management of Senior managementSide Management of Senior management
● Don't try this on EOL teamsDon't try this on EOL teams
25. Does your Finance Department Know ?Does your Finance Department Know ?
26. The people in charge of software acquisition isThe people in charge of software acquisition is
notnot your purchasing or legal team, it's youryour purchasing or legal team, it's your
engineers.engineers.
And they probably don't need a budget, or aAnd they probably don't need a budget, or a
different onedifferent one
27. You Outsourced what ?You Outsourced what ?
● SLASLA
● How can they take responsible ?How can they take responsible ?
● Who is going to point at who ?Who is going to point at who ?
28. ““Side Projects”Side Projects”
● Such asSuch as
•
Datacenter Migration , Network Upgrade,Datacenter Migration , Network Upgrade,
Distribution UpgradeDistribution Upgrade
● Shared BacklogShared Backlog
29. ITIL : correct ideas,ITIL : correct ideas,
wrong placewrong place
● The last mileThe last mile
● The men who say noThe men who say no
● Guardians of ProductionGuardians of Production
● Friday at 10 amFriday at 10 am
30. Who has Security as partWho has Security as part
of their Job ?of their Job ?
31. Earlier in the processEarlier in the process
● Start as a teamStart as a team
•
Security Build inSecurity Build in
•
No upfront architectsNo upfront architects
•
No change managers afterwardsNo change managers afterwards
● Get Involved people from day0Get Involved people from day0
32. Fire your ArchitectsFire your Architects
● If they haven't writtenIf they haven't written
a line of code in thea line of code in the
past 3 monthspast 3 months
33. Enterprise DevopsEnterprise Devops
● ““You can only change small organisations”You can only change small organisations”
● ““You can't change a large organisation”You can't change a large organisation”
● It dependsIt depends
● There is much more to changeThere is much more to change
● It takes longerIt takes longer
● Change does happen !Change does happen !