DevOps cannot be achieved without considering many different aspects of software quality, including security. The term DevSecOps was developed to highlight that security was being focused on as part of the pipeline, not a second-class citizen.
Fortunately, DevOps and continuous delivery practices give us opportunities to add different types of security testing to our pipeline so that security can be part of our definition of done. Continuous integration can invoke static analysis tools to test for simple security errors and check if components with known vulnerabilities are being used. Automated deployments and virtualization make dynamic environments available for testing in a production-like setting. Regression test suites can be used to drive traffic through proxies for security analysis. From the code to the systems where the software is being deployed, the process can make sure that security best practices are followed and insecure software is not being produced.
Gene will talk about how to construct a definition of done that focuses on security along with other types of quality in a DevOps pipeline. He will discuss how to define security practices and criteria that are appropriate for our teams and our projects to be confident that we are doing DevSecOps, and how those practices and criteria might mature over time.
ATAGTR2017 Machine Learning telepathy for Shift Right approach of testingAgile Testing Alliance
The presentation on Machine Learning telepathy for Shift Right approach of testing was done during #ATAGTR2017, one of the largest global testing conference. All copyright belongs to the author.
Author and presenter : Santhosh GS
Why Do We Break APIs? First Answers from DevelopersLaerte Xavier
Breaking contracts have a major impact on API clients. Despite this fact, recent studies show that libraries are often backward incompatible and that the rate of breaking changes increase over time. However, the specific reasons that motivate library developers to break contracts with their clients are still unclear. In this paper, we describe a qualitative study with library developers and real instance of API breaking changes. Our goal is to (i) elicit the reasons why developers introduce breaking changes; and (ii) check if they are aware about the risks of such changes. Our survey with the top contributors of popular Java libraries contributes to reveal a list of five reasons why developers break API contracts. Moreover, it also shows that most of developers are aware of these risks and, in some cases, adopt strategies to mitigate them. We conclude by prospecting a future study to strengthen our current findings. With this study, we expect to contribute on delineating tools to better assess the risks and impacts of API breaking changes.
Get to Green: How to Safely Refactor Legacy CodeGene Gotimer
For many of us, legacy code is a fact of life. Code without tests -- no safe way to make changes, no safety net, no hope of untangling the web of accumulated ugliness, an incomplete understanding (or less) of how it really behaves. And your next set of changes is just going to add to the garbage pile and make it worse. You need tests so you can safely make changes, but you can't add tests without changing the code. It is a chicken-and-egg problem.
So how do you turn legacy code into code you can change confidently? Slowly, one step at a time. Join Gene as he shares his experiences working with a monolithic codebase that was so bad it made national news. He'll go over the steps he and his team used to refactor the code safely by using mocking frameworks, mutation testing, and patience to build an understanding of how the code worked so that they could change it confidently.
This talk is for anyone that has inherited legacy code that they aren't confident in and wants to make it something they can work on and improve. You'll leave with some tools and techniques that will help you change your legacy code into something maintainable.
A better faster pipeline for software delivery, even in the governmentGene Gotimer
The software delivery pipeline is the process of taking features from developers and getting them delivered to customers. The earliest tests should be the quickest and easiest to run, giving developers the fastest feedback. Successive rounds of testing should increase confidence that the code is a viable candidate for production and that more expensive tests—be it time, effort, cost—are justified. Manual testing should be performed toward the end of the pipeline, leaving computers to do as much work as possible before people get involved. Although it is tempting to arrange the delivery pipeline in phases (e.g., functional tests, then acceptance tests, then load and performance tests, then security tests), this can lead to problems progressing down the pipeline.
In this interactive workshop, Gene Gotimer and Ryan Kenney will discuss how to arrange your pipeline, automated or not, and so each round of tests provides just enough testing to give you confidence that the next set of tests is worth the investment. We'll explore how to get the right types of testing into your pipeline at the right points so that you can determine which builds are viable candidates for production. And we’ll explain some of the experiences we’ve had with clients, especially in the federal government, trying to build out delivery pipelines.
Attendees should be at least roughly familiar with their current delivery process, automated or not, or they should at least have a process in mind. No prior knowledge of DevOps, continuous delivery, or automation is assumed.
Scale your Experimentation with Full Stack Best PracticesOptimizely
Are you struggling to go from 1 to 10 or from 100 to 1000 experiments? Optimizely Full Stack is a powerful tool, but knowing best practices for implementation is key to 10x-ing your experimentation program. In this workshop, we'll describe best practices like installing and wrapping the SDK, strategies for code footprint, and fitting a product experimentation culture into your team's process. Come learn how to best leverage Full Stack to scale your product experimentation program.
Continuous Testing- A Key Ingredient for Success in Agile & DevOpsSmartBear
Cigniti discusses how continuous testing can help your organization be successful in Agile and DevOps. Their original presentation was given as a part of our first annual user conference, SmartBear Connect
INTERFACE, by apidays - Spatially enabling Web APIs through OGC Standards b...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
Spatially enabling Web APIs through OGC Standards
Gobe Hobona, Director of Product Management, Standards at Open Geospatial Consortium
ATAGTR2017 Machine Learning telepathy for Shift Right approach of testingAgile Testing Alliance
The presentation on Machine Learning telepathy for Shift Right approach of testing was done during #ATAGTR2017, one of the largest global testing conference. All copyright belongs to the author.
Author and presenter : Santhosh GS
Why Do We Break APIs? First Answers from DevelopersLaerte Xavier
Breaking contracts have a major impact on API clients. Despite this fact, recent studies show that libraries are often backward incompatible and that the rate of breaking changes increase over time. However, the specific reasons that motivate library developers to break contracts with their clients are still unclear. In this paper, we describe a qualitative study with library developers and real instance of API breaking changes. Our goal is to (i) elicit the reasons why developers introduce breaking changes; and (ii) check if they are aware about the risks of such changes. Our survey with the top contributors of popular Java libraries contributes to reveal a list of five reasons why developers break API contracts. Moreover, it also shows that most of developers are aware of these risks and, in some cases, adopt strategies to mitigate them. We conclude by prospecting a future study to strengthen our current findings. With this study, we expect to contribute on delineating tools to better assess the risks and impacts of API breaking changes.
Get to Green: How to Safely Refactor Legacy CodeGene Gotimer
For many of us, legacy code is a fact of life. Code without tests -- no safe way to make changes, no safety net, no hope of untangling the web of accumulated ugliness, an incomplete understanding (or less) of how it really behaves. And your next set of changes is just going to add to the garbage pile and make it worse. You need tests so you can safely make changes, but you can't add tests without changing the code. It is a chicken-and-egg problem.
So how do you turn legacy code into code you can change confidently? Slowly, one step at a time. Join Gene as he shares his experiences working with a monolithic codebase that was so bad it made national news. He'll go over the steps he and his team used to refactor the code safely by using mocking frameworks, mutation testing, and patience to build an understanding of how the code worked so that they could change it confidently.
This talk is for anyone that has inherited legacy code that they aren't confident in and wants to make it something they can work on and improve. You'll leave with some tools and techniques that will help you change your legacy code into something maintainable.
A better faster pipeline for software delivery, even in the governmentGene Gotimer
The software delivery pipeline is the process of taking features from developers and getting them delivered to customers. The earliest tests should be the quickest and easiest to run, giving developers the fastest feedback. Successive rounds of testing should increase confidence that the code is a viable candidate for production and that more expensive tests—be it time, effort, cost—are justified. Manual testing should be performed toward the end of the pipeline, leaving computers to do as much work as possible before people get involved. Although it is tempting to arrange the delivery pipeline in phases (e.g., functional tests, then acceptance tests, then load and performance tests, then security tests), this can lead to problems progressing down the pipeline.
In this interactive workshop, Gene Gotimer and Ryan Kenney will discuss how to arrange your pipeline, automated or not, and so each round of tests provides just enough testing to give you confidence that the next set of tests is worth the investment. We'll explore how to get the right types of testing into your pipeline at the right points so that you can determine which builds are viable candidates for production. And we’ll explain some of the experiences we’ve had with clients, especially in the federal government, trying to build out delivery pipelines.
Attendees should be at least roughly familiar with their current delivery process, automated or not, or they should at least have a process in mind. No prior knowledge of DevOps, continuous delivery, or automation is assumed.
Scale your Experimentation with Full Stack Best PracticesOptimizely
Are you struggling to go from 1 to 10 or from 100 to 1000 experiments? Optimizely Full Stack is a powerful tool, but knowing best practices for implementation is key to 10x-ing your experimentation program. In this workshop, we'll describe best practices like installing and wrapping the SDK, strategies for code footprint, and fitting a product experimentation culture into your team's process. Come learn how to best leverage Full Stack to scale your product experimentation program.
Continuous Testing- A Key Ingredient for Success in Agile & DevOpsSmartBear
Cigniti discusses how continuous testing can help your organization be successful in Agile and DevOps. Their original presentation was given as a part of our first annual user conference, SmartBear Connect
INTERFACE, by apidays - Spatially enabling Web APIs through OGC Standards b...apidays
INTERFACE, by apidays 2021 - It’s APIs all the way down
June 30, July 1 & 2, 2021
Spatially enabling Web APIs through OGC Standards
Gobe Hobona, Director of Product Management, Standards at Open Geospatial Consortium
O futuro das empresas passa pelas constantes transformações digitais e, para isso, é fundamental manter aplicações que atendam às exigências dos clientes e, sobretudo, seguras.
Nesse cenário, nasceu o conceito de DevSecOps, descrevendo um conjunto de práticas para integração entre as equipes de desenvolvimento de software.
Nesta palestra, entenderemos mais sobre conceitos e como aplicar DevSecOps na prática.
Provocaremos discussões “saudáveis” sobre o modelo tradicional de desenvolvimento e este modelo ágil que está trazendo uma grande mudança de paradigma na construção de aplicações.
Testing in an Agile World: The Current State and Future PossibilitiesTechWell
Delivering high quality applications in an agile world is becoming more complex and challenging because of the changes the web and mobile are undergoing. Web testing continues to get much more difficult due to: increasing use of open technologies (HTML, JavaScript, and CSS) and web components in apps; lengthening the approval processes for plugins; and Chrome, Mozilla, and Edge browsers blocking specific APIs. On the mobile front, Apple, Google, and Microsoft are making it easier for developers to build cross-platform apps, resulting in more to test in less time. With releases such as Windows 10, the lines between desktop and mobile continue to blur. Nikhil Kaul presents an overview of recent technological trends and discusses why they necessitate an alteration in existing agile testing practices. He shares how the transition to technologies like React and React Native is causing the worlds of mobile and web testing to collide. Nikhil shows how, by employing reusability practices and following a modular test design, testers can better prepare for these developments.
Extending GitHub to Meet your Open Source PolicyFINOS
Jamie Jones, GitHub: Extending GitHub to Meet your Open Source Policy.
GitHub is often described as the home of the Open Source, but that doesn’t mean it comes easy. This talk will go over how you can use the features within GitHub (and that you can extend yourself) to meet many of your policy, security, and workflow needs. It includes looking at features such as Protected Branches, Code Approvals, and building your own integrations with PRobot. This presentation will give attendees the confidence to align Github with their own organizational needs and compliance requirements.
apidays LIVE Paris 2021 - Addressing OWASP API Security Top 10 by Isabelle Ma...apidays
pidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Addressing OWASP API Security Top 10 starts at design time
Isabelle Mauny, Field CTO & Co-Founder at 42Crunch
O futuro das empresas passa pelas constantes transformações digitais e, para isso, é fundamental manter aplicações que atendam às exigências dos clientes e, sobretudo, seguras. Nesse cenário, nasceu o conceito de DevSecOps, descrevendo um conjunto de práticas para integração entre as equipes de desenvolvimento de software.
Nesta palestra, entenderemos mais sobre conceitos e como aplicar DevSecOps na prática. Provocaremos discussões “saudáveis” sobre o modelo tradicional de desenvolvimento e este modelo ágil que está trazendo uma grande mudança de paradigma na construção de aplicações.
Definition Driven API Development: How OAS & Swagger Help Teams Streamline Th...SmartBear
The OpenAPI Specification (formerly known as the Swagger Specification) has emerged as the world’s standard for defining RESTful interfaces at a time when the API economy is ripe for disruption. In this webinar, we discussed exactly why and how to use the OpenAPI Specification to accelerate your API development in various phases of the API lifecycle including API design, development, documentation, testing and virtualization.
We cover trends in the API landscape that have led to the adoption of API definitions, like OpenAPI, and look at real-world examples of how API teams are using definitions to address challenges at each of the different phases of the lifecycle of their APIs. And finally, we walk through a live demo showing tools like Swagger Inspector for generating API definitions, SwaggerHub for designing, documenting, and developing your APIs, and SoapUI and ServiceV for testing and virtualizing your API.
apidays LIVE Paris 2021 - EDI & API on One Integration Platform by Mir Mustha...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
EDI & API on One Integration Platform – Intcomex Success Story
Mir Musthafa Ali Pashar, Head - Middleware Practice at Royal Cyber Inc. & Grisel Infante Costa, IT Operations Coordinator at Intcomex
Scale DevSecOps with your Continuous Integration Pipeline DevOps.com
Hear from AppSec and Development leaders on how they apply the principles of DevOps to deliver secure products and services to customers. Learn how you can scale your DevSecOps initiatives to reduce time-to-deployment and lower costs as you deliver secure software. During this webinar, you will learn about the latest tools and techniques that will enable your development teams to embed security scanning into your IDE as you are coding, returning most scans in seconds – all while integrating into your CI pipeline. Our speaker will provide:
An overview of Veracode Greenlight and its integrations with developer tools;
A summary of recent Greenlight use cases and successes;
Examples of how Greenlight integrates into your CI pipeline
Serverless Security: A pragmatic primer for builders and defendersJames Wickett
Talk given at O'Reilly's 2017 Velocity Conference in San Jose.
Serverless is the design pattern for writing applications at scale without the necessity of managing infrastructure. This is done across the continuum of the cloud—from storage as a service to database as a service—but the center of serverless is functions as a service (FaaS). (Current FaaS offerings include AWS Lambda, Azure Functions, and Google Cloud Functions.) Now processes run for milliseconds before being destroyed and then get instantiated for subsequent requests.
Serverless adds simplicity and a new economic model to cloud computing, but it creates some unique security challenges. In serverless architectures, technologies like antivirus and intrusion detection become meaningless. James Wickett explores practical security approaches for serverless in four key areas—the software supply chain, the delivery pipeline, data flow, and attack detection—and examines how traditional approaches need to be adapted to serverless.
Even if you don’t have any experience with serverless, don’t worry; this session starts with the basics. You’ll learn what serverless is (hint: it’s still being defined) and practical patterns for serverless adoption.
How LISI Automotive Accelerated Application Delivery with SwaggerHubSmartBear
In this SmartBear webinar, Sebastien Gadot presents on how his team at LISI Automotive got started with the open source Swagger tools and moved to SwaggerHub to speed up their application delivery.
Moving to Open-Source Tools - How to Increase Performance Test Coverage Throu...CA Technologies
Have you been wondering about the rise of open-source alternatives to LoadRunner and other legacy performance tools? Why is there such a strong shift to open source performance testing?
Here are key concepts that will allow you to make the transition from centralized testing with legacy tools to widely distributed testing with Apache JMeter and other open source tools. You’ll see how a small Center of Excellence (CoE) team can drive a 10x or 100x increase in testing by handing out logins to self-service tools instead of being a finite resource for test preparation and execution.
Start Testing for Free. Create your free CA BlazeMeter account today. https://www.blazemeter.com/#signup
Jenkins User Conference - Continuous Delivery on MobileLuca Milanesio
SmartPhones have revolutionised the way we think and write software: how can you take an additional step and actually have your SmartPhone drive development? With Jenkins, you can drive and integrate every step of your development with your SmartPhone, end-to-end: CI and delivery - Application install - Test execution - Issue tracking. See how to implement mobile plugins for Jenkins on mobile
Don’t Ignore GitHub Security Alerts, Automate Them Into Your Workflow.Ashley Wolf
Presentation from Open Source Leadership Summit 2019. This talk will highlight some best practices that your Open Source Program Office (OSPO) can use to manage security vulnerabilities for open source projects using GitHub’s security alerts at scale. We’ll discuss the mechanics and governance around the process we’ve set up at Verizon Media to notify internal employees about CVEs on their projects.
The Kitura Server-side Swift framework has built support for Swagger and OpenAPI directly into its framework so that it auto-generates its own OpenAPI specification. This presentation show's how that enables Kitura to be used in the much wider OpenAPI ecosystem.
Innovation at Perforce never stops. Since the last MERGE conference, there have been continual updates across the board in response to user requests. In this session, we're going to look at what's new and take a peek at what's in the works so that you can start planning to exploit them when they're available.
DevOps needs to consider many different aspects of software quality, including security. The term DevSecOps was developed to highlight that security is a focus of the pipeline, not a second-class citizen.
Fortunately, we can define done for our pipeline so that it includes security. Continuous integration can invoke static analysis tools to test for security errors and check if we are using components with known vulnerabilities. Automated deployments and virtualization make dynamic environments available for testing in a production-like setting. Regression tests can drive traffic through proxies for security analysis. From the code to the systems where we deploy the software, the process can be designed to make sure that we follow security best practices, and not produce insecure software.
Participants will learn how to construct a definition of done that focuses on security in a DevOps pipeline. They will see how to define security practices that build confidence that they are doing DevSecOps, and how those practices and criteria might mature over time.
Deck used at Keep Austin Agile 2018 with charts from audience pollings.
Enterprises want to deliver more value with higher quality at a faster pace. Many development teams have adopted agile frameworks to improve their ability to deliver software. This has led to a local optimization for the development teams and they have become good at delivering potentially shippable increments of their products, but from there, they typically see organizational constraints in moving it to the customer. The development organization is quickly adding features to the queue waiting to be released, but the operations teams are struggling to support fires in production, maintain stability, and provide the environments and infrastructure needed so development teams can move their new functionality forward. The operation team’s focus on stability usually minimizes the number of changes in production thus creating infrequent, large batches being deployed at a planned date. Can Agile and DevOps bring the development and operations teams together to remove the organizational constraints in moving the software to the customer?
In this session, we’ll talk about the relationship of Agile and DevOps, not as an intersection, but as a progression of capability with development and operation teams working together to remove those constraints. We’ll discuss how using Agile and DevOps practices together, teams can release value faster, with higher quality, and in more stable environments making it safer to deploy.
O futuro das empresas passa pelas constantes transformações digitais e, para isso, é fundamental manter aplicações que atendam às exigências dos clientes e, sobretudo, seguras.
Nesse cenário, nasceu o conceito de DevSecOps, descrevendo um conjunto de práticas para integração entre as equipes de desenvolvimento de software.
Nesta palestra, entenderemos mais sobre conceitos e como aplicar DevSecOps na prática.
Provocaremos discussões “saudáveis” sobre o modelo tradicional de desenvolvimento e este modelo ágil que está trazendo uma grande mudança de paradigma na construção de aplicações.
Testing in an Agile World: The Current State and Future PossibilitiesTechWell
Delivering high quality applications in an agile world is becoming more complex and challenging because of the changes the web and mobile are undergoing. Web testing continues to get much more difficult due to: increasing use of open technologies (HTML, JavaScript, and CSS) and web components in apps; lengthening the approval processes for plugins; and Chrome, Mozilla, and Edge browsers blocking specific APIs. On the mobile front, Apple, Google, and Microsoft are making it easier for developers to build cross-platform apps, resulting in more to test in less time. With releases such as Windows 10, the lines between desktop and mobile continue to blur. Nikhil Kaul presents an overview of recent technological trends and discusses why they necessitate an alteration in existing agile testing practices. He shares how the transition to technologies like React and React Native is causing the worlds of mobile and web testing to collide. Nikhil shows how, by employing reusability practices and following a modular test design, testers can better prepare for these developments.
Extending GitHub to Meet your Open Source PolicyFINOS
Jamie Jones, GitHub: Extending GitHub to Meet your Open Source Policy.
GitHub is often described as the home of the Open Source, but that doesn’t mean it comes easy. This talk will go over how you can use the features within GitHub (and that you can extend yourself) to meet many of your policy, security, and workflow needs. It includes looking at features such as Protected Branches, Code Approvals, and building your own integrations with PRobot. This presentation will give attendees the confidence to align Github with their own organizational needs and compliance requirements.
apidays LIVE Paris 2021 - Addressing OWASP API Security Top 10 by Isabelle Ma...apidays
pidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Addressing OWASP API Security Top 10 starts at design time
Isabelle Mauny, Field CTO & Co-Founder at 42Crunch
O futuro das empresas passa pelas constantes transformações digitais e, para isso, é fundamental manter aplicações que atendam às exigências dos clientes e, sobretudo, seguras. Nesse cenário, nasceu o conceito de DevSecOps, descrevendo um conjunto de práticas para integração entre as equipes de desenvolvimento de software.
Nesta palestra, entenderemos mais sobre conceitos e como aplicar DevSecOps na prática. Provocaremos discussões “saudáveis” sobre o modelo tradicional de desenvolvimento e este modelo ágil que está trazendo uma grande mudança de paradigma na construção de aplicações.
Definition Driven API Development: How OAS & Swagger Help Teams Streamline Th...SmartBear
The OpenAPI Specification (formerly known as the Swagger Specification) has emerged as the world’s standard for defining RESTful interfaces at a time when the API economy is ripe for disruption. In this webinar, we discussed exactly why and how to use the OpenAPI Specification to accelerate your API development in various phases of the API lifecycle including API design, development, documentation, testing and virtualization.
We cover trends in the API landscape that have led to the adoption of API definitions, like OpenAPI, and look at real-world examples of how API teams are using definitions to address challenges at each of the different phases of the lifecycle of their APIs. And finally, we walk through a live demo showing tools like Swagger Inspector for generating API definitions, SwaggerHub for designing, documenting, and developing your APIs, and SoapUI and ServiceV for testing and virtualizing your API.
apidays LIVE Paris 2021 - EDI & API on One Integration Platform by Mir Mustha...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
EDI & API on One Integration Platform – Intcomex Success Story
Mir Musthafa Ali Pashar, Head - Middleware Practice at Royal Cyber Inc. & Grisel Infante Costa, IT Operations Coordinator at Intcomex
Scale DevSecOps with your Continuous Integration Pipeline DevOps.com
Hear from AppSec and Development leaders on how they apply the principles of DevOps to deliver secure products and services to customers. Learn how you can scale your DevSecOps initiatives to reduce time-to-deployment and lower costs as you deliver secure software. During this webinar, you will learn about the latest tools and techniques that will enable your development teams to embed security scanning into your IDE as you are coding, returning most scans in seconds – all while integrating into your CI pipeline. Our speaker will provide:
An overview of Veracode Greenlight and its integrations with developer tools;
A summary of recent Greenlight use cases and successes;
Examples of how Greenlight integrates into your CI pipeline
Serverless Security: A pragmatic primer for builders and defendersJames Wickett
Talk given at O'Reilly's 2017 Velocity Conference in San Jose.
Serverless is the design pattern for writing applications at scale without the necessity of managing infrastructure. This is done across the continuum of the cloud—from storage as a service to database as a service—but the center of serverless is functions as a service (FaaS). (Current FaaS offerings include AWS Lambda, Azure Functions, and Google Cloud Functions.) Now processes run for milliseconds before being destroyed and then get instantiated for subsequent requests.
Serverless adds simplicity and a new economic model to cloud computing, but it creates some unique security challenges. In serverless architectures, technologies like antivirus and intrusion detection become meaningless. James Wickett explores practical security approaches for serverless in four key areas—the software supply chain, the delivery pipeline, data flow, and attack detection—and examines how traditional approaches need to be adapted to serverless.
Even if you don’t have any experience with serverless, don’t worry; this session starts with the basics. You’ll learn what serverless is (hint: it’s still being defined) and practical patterns for serverless adoption.
How LISI Automotive Accelerated Application Delivery with SwaggerHubSmartBear
In this SmartBear webinar, Sebastien Gadot presents on how his team at LISI Automotive got started with the open source Swagger tools and moved to SwaggerHub to speed up their application delivery.
Moving to Open-Source Tools - How to Increase Performance Test Coverage Throu...CA Technologies
Have you been wondering about the rise of open-source alternatives to LoadRunner and other legacy performance tools? Why is there such a strong shift to open source performance testing?
Here are key concepts that will allow you to make the transition from centralized testing with legacy tools to widely distributed testing with Apache JMeter and other open source tools. You’ll see how a small Center of Excellence (CoE) team can drive a 10x or 100x increase in testing by handing out logins to self-service tools instead of being a finite resource for test preparation and execution.
Start Testing for Free. Create your free CA BlazeMeter account today. https://www.blazemeter.com/#signup
Jenkins User Conference - Continuous Delivery on MobileLuca Milanesio
SmartPhones have revolutionised the way we think and write software: how can you take an additional step and actually have your SmartPhone drive development? With Jenkins, you can drive and integrate every step of your development with your SmartPhone, end-to-end: CI and delivery - Application install - Test execution - Issue tracking. See how to implement mobile plugins for Jenkins on mobile
Don’t Ignore GitHub Security Alerts, Automate Them Into Your Workflow.Ashley Wolf
Presentation from Open Source Leadership Summit 2019. This talk will highlight some best practices that your Open Source Program Office (OSPO) can use to manage security vulnerabilities for open source projects using GitHub’s security alerts at scale. We’ll discuss the mechanics and governance around the process we’ve set up at Verizon Media to notify internal employees about CVEs on their projects.
The Kitura Server-side Swift framework has built support for Swagger and OpenAPI directly into its framework so that it auto-generates its own OpenAPI specification. This presentation show's how that enables Kitura to be used in the much wider OpenAPI ecosystem.
Innovation at Perforce never stops. Since the last MERGE conference, there have been continual updates across the board in response to user requests. In this session, we're going to look at what's new and take a peek at what's in the works so that you can start planning to exploit them when they're available.
DevOps needs to consider many different aspects of software quality, including security. The term DevSecOps was developed to highlight that security is a focus of the pipeline, not a second-class citizen.
Fortunately, we can define done for our pipeline so that it includes security. Continuous integration can invoke static analysis tools to test for security errors and check if we are using components with known vulnerabilities. Automated deployments and virtualization make dynamic environments available for testing in a production-like setting. Regression tests can drive traffic through proxies for security analysis. From the code to the systems where we deploy the software, the process can be designed to make sure that we follow security best practices, and not produce insecure software.
Participants will learn how to construct a definition of done that focuses on security in a DevOps pipeline. They will see how to define security practices that build confidence that they are doing DevSecOps, and how those practices and criteria might mature over time.
Deck used at Keep Austin Agile 2018 with charts from audience pollings.
Enterprises want to deliver more value with higher quality at a faster pace. Many development teams have adopted agile frameworks to improve their ability to deliver software. This has led to a local optimization for the development teams and they have become good at delivering potentially shippable increments of their products, but from there, they typically see organizational constraints in moving it to the customer. The development organization is quickly adding features to the queue waiting to be released, but the operations teams are struggling to support fires in production, maintain stability, and provide the environments and infrastructure needed so development teams can move their new functionality forward. The operation team’s focus on stability usually minimizes the number of changes in production thus creating infrequent, large batches being deployed at a planned date. Can Agile and DevOps bring the development and operations teams together to remove the organizational constraints in moving the software to the customer?
In this session, we’ll talk about the relationship of Agile and DevOps, not as an intersection, but as a progression of capability with development and operation teams working together to remove those constraints. We’ll discuss how using Agile and DevOps practices together, teams can release value faster, with higher quality, and in more stable environments making it safer to deploy.
We all know that the DevOps approach brings developers and operators into closer collaboration. On the other hand, we learned that the requirements of each team member are different to achieve software product development.
For example:
Product Owner must deliver the high quality product by a deadline and wants to know what is happening in the project because it is necessary to take an action before a minor issue becomes critical.
Developers want to focus on implementation by automating code validation and unit tests to keeping code quality.
QA team requires to cover wide range of test cases with security check in a timely manner.
Operating team is comfortable as long as the system is stable.
In order to tie these various requirements together, we propose the entire agile development process as "DevOps+" by visualizing throughout project - issue management, software design, code implementation, quality testing, systems deployment, security check, release management and its operation in-the-Cloud.
This session will propose Drupal-as-a-Service for "DevOps+" with the integration of back-end systems including JIRA, Git, Chef, Jenkins, Veracode (for Code Security Validation), Public/Private Clouds, Nagios, Splunk and collectd.
Learn about how Amazon enables its developers to rapidly release and iterate software while maintaining industry-leading standards on security, reliability, and performance. In this talk, we will discuss the culture of two pizza teams and how to maintain a culture of DevOps in a large enterprise.
DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes.
In this presentation we will:
- Deepen AWS DevOps services
- Understand how to release a serverless apllication
- Understand the benefits of technology with AWS Coud9
DevOps Patterns to Enable Success in MicroservicesRich Mills
Migrating to a microservices architecture isn't the easy utopia we hoped for. Success requires a combination of technical architecture, automation, and development methodology that all relate closely to Agile and DevOps. This presentation discusses patterns for team structure, CI/CD pipelines, and test automation that will help you successfully deliver solutions using microservices.
Presented at Agile 2019 (DC), Aug 2019
Today, applications are developed amongst various vendors for use supporting Naval Forces on shore and at sea, with different requirements all having to be managed by infrastructure. The Collaborative Software Factory (CSF) is a US Navy Research and Development project designed to bring modern application development to the Navy.
In this session you will learn how the CSF is designed as an opinionated way to develop software destined for the fleet. It is designed to help application teams leverage DevOps methodologies using a polyglot platform in Red Hat OpenShift, modern application frameworks, and integrating security into software pipelines. Of the hundreds of security controls necessary for an application accreditation, the approach taken aims to provide many of them via inheritance. AWS and the underlying Red Hat OpenShift container platform provide control matrixes and mappings to help assurance teams with automating accreditation of software. This, plus security features such as code scanning and OpenSCAP scans built into the pipeline, help to rapidly deliver software to the fleet while still meeting compliance and security requirements.
By leveraging containers and a managed container platform to provide a stable, consistent platform for applications to be developed, the Navy was able to standardize deployments at sea, such as the upcoming Compile to Combat 24 effort.
This effort takes advantage of the AWS GovCloud (US) services accredited at DoD SRG Impact Level 5, such as Amazon EC2, Amazon Simple Storage Service (S3), AWS Key Management Service (KMS) and others to provide elastic scalability to application consumers to leveraging continuous integration and on-demand testing environments.
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Sol...CA Technologies
Securing Your Enterprise Continuous Delivery Pipelines with CA Automation Solutions (Formerly Automic) and CA Privileged Access Manager
For more information on DevSecOps, please visit: http://ow.ly/u2pN50g63tN
Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS ...Amazon Web Services
At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and the CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and Availability Zone redundancy. We use the AWS developer tools that were designed based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.
by Trevor Sullivan, Solutions Architect, AWS
Software release cycles are now measured in days instead of months. Cutting edge companies are continuously delivering high-quality software at a fast pace. In this session, we will cover how you can begin your DevOps journey by sharing best practices and tools used by the engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous Integration and delivery workflows. We will also cover an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, AWS Cloud9, and AWS X-Ray the services inspired by Amazon's internal developer tools and DevOps practice.
How do you become a high performing technology team? It all comes down to execution. Over the past five years, the State of DevOps Report has shown how the highest-performing technology teams decisively outperform their lower-performing peers. Dr. Nicole Forsgren shares insights into the key technical, architectural, and product capabilities that drive these outcomes, including new findings from cloud, outsourcing, and open source. She offers highlights and surprises uncovered over the last five years from over 30,000 responses.
At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and the CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and availability zone redundancy. We use the AWS developer tools that were designed based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.
As Public Sector development teams transition to cloud-based architectures and adopt more agile processes, the tools they need to support their development cycles will change. In this session, we'll take you through the transition that Amazon made to a service-oriented architecture over a decade ago. We will share the lessons we learned, the processes we adopted, and the tools we built to increase both our agility and reliability. We will also introduce you to the AWS Code family services which were born out of Amazon's internal DevOps experience and are utilised by many Public Sector customers globally.
Mario Vlachakis, Solutions Architect, AWS
Amazon CI/CD Practices for Software Development Teams - SRV320 - Chicago AWS ...Amazon Web Services
At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and Availability Zone redundancy. We use the AWS developer tools whose designs were based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.
Amazon CI/CD Practices for Software Development Teams - SRV320 - Atlanta AWS ...Amazon Web Services
At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk through best practices for both the CI and the CD of software delivery. For CI, we showcase how to incorporate pull requests to increase team collaboration, and demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and Availability Zone redundancy. We use AWS developer tools that were designed based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, and AWS CodeDeploy.
Moving to DevOps the Amazon Way (DEV210-R1) - AWS re:Invent 2018Amazon Web Services
DevOps is currently one of the most sought after engineering models. One reason is that it helps enterprise transformations. The Amazon transformation to DevOps was born out of the desire to be even more customer obsessed, more agile, and more innovative. Come and learn from our journey as we share the playbook that helped us successfully implement and adopt DevOps as well as the lessons we learned the hard way.
AWS Code* services provide an easy way to build and operate a CI/CD pipeline for your project apps. In this session, we will cover the different AWS code services (CodeCommit, CodeBuild, CodeDeploy, CodePipeline and CodeStar) and the integration of these tools into your project.
Similar to DevOpsDays Baltimore 2018: A Definition of Done for DevSecOps - Gene Gotimer (20)
DevOpsDays Baltimore 2018: Black Mirror Season 5: DevOps - Brendan O'LearyDevOpsDays Baltimore
Black Mirror presents a haunting view of how modern technology places society a “minute away” from a dystopian future. DevOps and those of us that practice it find ourselves in a similar situation - partially mature technologies whose implications we don’t yet fully understand. Heartbleed, Equifax and now Meltdown & Spectre can make us feel like there is no escaping this dark future. But just as Black Mirror examines the extremes of these concepts as a canary in the mine shaft for society, we too can carefully employ practices that will prevent season 5 from featuring Site reliability engineer, DevOps engineer, or CISO characters.
In this talk, we'll learn how to use the powerful concepts and tools behind DevOps for good...with great power comes great responsibility....but also great opportunity to do good for our businesses, each other and our world. By working together with product, business, and external teams; embedding security into how we operate; and measuring everything we do we can empower our teams to thrive.
DevOpsDays Baltimore 2018:: Avoiding pitfalls of non technical managers - Vic...DevOpsDays Baltimore
This talk is intended to help folks who are managing technical projects avoid common pitfalls, and help technical teams better prepare managers for overall project success.
Every day we make decisions. Those decisions can be around improving your product, process, company; sometimes even bettering yourself. But many of our decisions are not made consciously. We all have biases. And even though most of our biases are unconscious, those biases still can get in a way of making the best possible decision. This is not a talk about gender and racial bias in tech hiring (altho I will also touch on hiring procedures and biases). This is a talk about different biases that skew our technical decision process that we deal with in out day-to-day operations.
DevOpsDays Baltimore 2018: The Difference Between DevOps and Everything Else ...DevOpsDays Baltimore
DevOps seems to have broken an age old rule that said IT investment don’t affect the bottom line and can’t create a strategic advantage. In this talk I’ll explore how the ‘people’ part of people, process and tools is the key difference between devops and every other silver bullet to come before it.
DevOpsDays Baltimore 2018: Comparative studies in highways, organizations, au...DevOpsDays Baltimore
I want you to imagine your organization as a freeway/highway and vehicles on it as the teams within the organization. Now, imagine if you could strip every major attribute you know about driving safely on a highway. What would it reveal about you, your team and your organization? In this talk, we will do this quick exercise and hopefully have some catharsis-based-revelations along the way.
DevOps trends are clear on measuring systems Mean Time To Recovery rather than Mean Time Between Failures. I argue that worrying about time between failures actually causes more harm than worrying about recovery. But do we think of our human systems the same way as our digital? I’ll apply lessons learned in SysOps to HumanOps. I’ll talk about how our complex social systems act like complex computer systems and how focusing on MTTR rather than MTBF is a good thing between people, not just machines. I'll cover the environmental requirements for focusing on MTTR and discuss potential conflict resolution steps for a jumping off point in your organization or community.
Product owners are under pressure from Marketing and Leadership to focus on features, while operability (availability, performance, monitoring, etc) are an afterthought to be bolted on later. Deployments fail, customers complain, and work isn't fun. How can DevOps reach out to Product?
People from a "Product background" often have zero technical experience, but find themselves needing to dictate the deliverables. Product owners are under great pressure from Marketing and Leadership to focus on "features" from a customer perspective; the so-called "non-functional requirements" often fall by the wayside. Operability - monitorabilty, recoverability, availability, performance, among other aspects - is difficult to bake into an application that was developed without such consideration.
This talk will present practical approaches to bridge-building between Ops and Product. Focusing especially on cross-functional Agile teams with leadership with little or no Ops background, we will explore whether "planning the work will result in the planned work being the work that is done." When working with a mixed team, doing development, deployment, incident response, and everything in support of that, such plans go off the rails. Methods of championing Ops needs while avoiding "the sky is falling" perceptions will be presented. What kinds of unplanned work exist? Are there steps we can take to convert unplanned work into planned work? How does work flow through the team? How does unplanned work disrupt the flow?
In high security environments, we are often behind proxies, firewalls or obnoxious corporate policies that disallow access to Github or RubyGems. What gives?! In this session, I will talk about what problems we need to solve to build and manage environments in an offline world and how infrastructure as code is at the heart of making it happen.
Artificial intelligence, bots and agents, conversational interfaces, IoT, and cyborgs. Until recently, such things were more hype than substance, but now, the awaited brave new world may actually be dawning. “Pokémon GO anyone?” says Alexa. This talk will explore what these advances means for DevOps conceptually and practically. How do we help our organizations and communities deliver “applications” across multiple senses, devices, media, and realities with the same level of speed, agility, precision, and security we have achieved in much simpler realms?
Best Practices for IT management: Investment‐based BudgetingDevOpsDays Baltimore
Or How to actually win the budget argument for the people you need.
Have you heard, "I'm going to need you to reduce your IT budget by 10% this year over last year" from an executive who didn't know the business impact of this request? Did your budget help you or hinder you in fighting him off?
A3 Thinking is a proven technique for developing a learning organization enabled to drive rapid cycles of continual improvement, but the original method needs some tweaks to work best in a DevOps context. This Ignite talk will provide a quick overview of A3 Thinking and its roots. Then I’ll discuss how DevOps practitioners are modifying A3 Thinking to better fit DevOps. I’ll close with some suggestions on other ways in which the A3 could be modified to meet the needs of DevOps teams. Links to sources for those interested in learning more about A3 Thinking and DevOps will be provided.
Getting Away from it All - Living an Unplugged Life as an IT ProDevOpsDays Baltimore
Plan a digital cleanse! Schedule a technology detox days! Unplug to Reconnect!
The internet is littered with articles promoting the benefits of getting away from our devices. They aren't wrong, but most frame such an activity as a rare event, one that falls somewhere between darning your socks and filing your taxes in terms of frequency.
Believe it or not, there is sizable group within the IT professional community who do exactly that every week. For 25 hours, they turn off more than just their cell phones. Anything with an on switch is off-limits, from cell phones and computers to televisions and toaster ovens. As extreme as some may see that lifestyle, there are lessons which can be learned even for the occasional email hiatus.
This talk offers insight into:
current research (along with his own experience) on the benefits of unplugging
what disconnecting from all tech on a weekly basis "looks like" - how it really works
The challenges and risks of disconnecting specifically for an IT pro.
Options for negotiating those challenges and mitigating the risk
This talk is for anyone who has ever considered taking a break from tech, whether for an hour, a day, or longer; or anyone who heard about people who disconnect and called them freaky crazy luddites, whether to their face or behind their back.
We’ve all heard culture is vital to creating and sustaining a healthy organization. It was even Merriam-Webster’s Word of the Year in 2014. We also know culture is notoriously hard to describe in a meaningful way. Even harder than describing culture is demonstrating its contribution to organizational performance.
Culture’s importance is reinforced in the DevOps movement as the “C” in “CALMS” – one of the key aspects of DevOps. Culture also shapes how an organization shares information – “sharing” being the “S” in “CALMS” and another key aspect of DevOps.
But for all its importance, we’ve had few tools and limited research to describe or quantify culture.
Or so we thought. Work from Dr. W. Edwards Deming, Sydney Dekker, Dr. Ron Westrum, and the State of DevOps Reports is all contributing to our understanding of culture and how it impacts the performance of an organization and its people.
This talk will discuss how culture connects to organizational performance, vocabulary for how to describe culture, research about the effects of culture, an d tactics you can use to change your culture for the better.
There are a lot of great things about the cloud, but the "destroy and rebuild" philosophy which is really good for building a continuous delivery pipeline, really sucks when applied to troubleshooting production problems. When your application goes haywire, the most valuable engineering skill is not the the ability to bring up a copy of your system or even the knowledge of your technology stack (although it doesn't hurt). It is the skill of understanding and solving problems.
Finding the root cause of the issue and mitigating it with minimal disruption in production is a must-have skill for engineers responsible for managing and maintaining production systems, which nowadays includes ops, dbas and devs alike. In this talk I will discuss the skills required to troubleshoot complex systems, traits that prevent engineers from being successful at troubleshooting and discuss some techniques and tips and trick for troubleshooting complex systems in production.
This is the bittersweet story of Continuous Integration. CI is practice that we fell in love with, embraced and then never fully committed to. I’ll share with you the current state of CI, what we think we are doing when we say CI and what we are really doing in terms of CI. Then I’ll remind us all why we fell in love with CI in the first place and make some suggestions on how to get back to the good stuff.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar