Resident, an online retailer, scaled their DevOps processes using AWS and CloudShell Colony to provide self-service environments. This allowed development teams to get secure environments in under 5 minutes, removed bottlenecks from static environments, and increased development speed. It also provided accurate cloud cost tracking and role-based access control. Resident aims to further adopt containers and Kubernetes on AWS to continue innovating at scale.
DevOps for Highly Regulated EnvironmentsDevOps.com
Financial institutions, medical groups, governmental organizations, automotive companies… these types of entities all have unique and sometimes difficult-to-meet regulations. You may be required to have fine-grained auditability of your SDLC or maintain specific third-party integrations. Security models may be heightened, or certain types of compliance processes maintained. So how are we supposed to “do the DevOps” when we have so many things to worry about? In this webinar, we’ll explore some ways that you can adopt DevOps best practices and even (gasp!) thrive when building your DevOps and DevSecOps pipelines in highly-regulated industries.
Securing Container-Based Applications at the Speed of DevOpsWhiteSource
Thanks to containerization and automation, applications are being developed and delivered faster than ever. With tools such as AWS ECR, developers are able to store, manage and deploy Docker container images without having to worry about operating their own container repositories or scaling the underlying infrastructure. With this, however, arise challenges around managing the security and compliance aspect of your container images. With tools such as WhiteSource, developers are able to manage the security of their containers and container images with no impact on agility and speed.
Join Shiri Ivtsan, Product Manager at WhiteSource and Carmen Puccio, Solutions Architect at AWS, as they discuss the following:
Effectively managing and deploying your container images
Gaining full visibility into your container images
Building and automating security into each layer of the container environment to ensure a continuous process throughout the SDLC
Demonstrating a live example using a vulnerable container image
It's clear that Docker speeds up development and makes testing and deployment more efficient. As Docker moves into production new use cases and patterns are emerging that address availability and security concerns. With microservices, safety is part of the architecture that developers need to understand and build for. It's no longer good enough to wrap a firewall around an entire app when it goes to production, and have a cold standby in case it breaks.
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But gone are the days of manual security audits that slow down agile development. Your modern continuous integration and continuous delivery architecture demands continuous security that doesn’t hinder DevOps. In this session, we’ll share tips to help your organization embrace DevSecOps. Presented by RedLock.
In this session, you will learn how BNY Mellon is tackling the challenges of DevSecOps at scale by unifying static/dynamic source code scanning, audit and risk analysis tools into a unified workflow by using Jira Software.
BNY Mellon’s ability to generate reports from multiple sources had become a time consuming manual process. Jira Software demonstrated the ability to deliver efficiency at reporting and became the solution for tracking security aspects of the SDLC process.
DevOps for Highly Regulated EnvironmentsDevOps.com
Financial institutions, medical groups, governmental organizations, automotive companies… these types of entities all have unique and sometimes difficult-to-meet regulations. You may be required to have fine-grained auditability of your SDLC or maintain specific third-party integrations. Security models may be heightened, or certain types of compliance processes maintained. So how are we supposed to “do the DevOps” when we have so many things to worry about? In this webinar, we’ll explore some ways that you can adopt DevOps best practices and even (gasp!) thrive when building your DevOps and DevSecOps pipelines in highly-regulated industries.
Securing Container-Based Applications at the Speed of DevOpsWhiteSource
Thanks to containerization and automation, applications are being developed and delivered faster than ever. With tools such as AWS ECR, developers are able to store, manage and deploy Docker container images without having to worry about operating their own container repositories or scaling the underlying infrastructure. With this, however, arise challenges around managing the security and compliance aspect of your container images. With tools such as WhiteSource, developers are able to manage the security of their containers and container images with no impact on agility and speed.
Join Shiri Ivtsan, Product Manager at WhiteSource and Carmen Puccio, Solutions Architect at AWS, as they discuss the following:
Effectively managing and deploying your container images
Gaining full visibility into your container images
Building and automating security into each layer of the container environment to ensure a continuous process throughout the SDLC
Demonstrating a live example using a vulnerable container image
It's clear that Docker speeds up development and makes testing and deployment more efficient. As Docker moves into production new use cases and patterns are emerging that address availability and security concerns. With microservices, safety is part of the architecture that developers need to understand and build for. It's no longer good enough to wrap a firewall around an entire app when it goes to production, and have a cold standby in case it breaks.
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But gone are the days of manual security audits that slow down agile development. Your modern continuous integration and continuous delivery architecture demands continuous security that doesn’t hinder DevOps. In this session, we’ll share tips to help your organization embrace DevSecOps. Presented by RedLock.
In this session, you will learn how BNY Mellon is tackling the challenges of DevSecOps at scale by unifying static/dynamic source code scanning, audit and risk analysis tools into a unified workflow by using Jira Software.
BNY Mellon’s ability to generate reports from multiple sources had become a time consuming manual process. Jira Software demonstrated the ability to deliver efficiency at reporting and became the solution for tracking security aspects of the SDLC process.
Software application development and delivery often involves multiple development, infrastructure and operations teams, each with their own preferred “tools of the trade” for building, testing and deploying code changes
For years, virtualization and cloud technologies have provided agile, on-demand infrastructure. The advent of Microservices promises even more agility– but what is required to take advantage of Microservices?
Join Electric Cloud CTO Anders Wallgren and Trace3 Principal Consultant - DevOps Marc Hornbeek as they discuss what is required to:
- Overcome culture and architecture challenges created when decomposing monolithic applications into Microservices-based applications.
- Coordinate integration, testing, monitoring, packaging, release approval and deployment of Microservices-based applications over elastic infrastructures
- Create a controlled and auditable delivery pipeline to support
Microservices-based application.
- Prepare for “future” applications, pipelines and patterns.
There are options beyond a straight forward lift and shift into Infrastructure as a Service. This session is about learning about how Azure helps modernize applications faster utilising modern technologies like PaaS, containers and serverless
An introduction to the devsecops webinar will be presented by me at 10.30am EST on 29th July,2018. It's a session focussed on high level overview of devsecops which will be followed by intermediate and advanced level sessions in future.
Agenda:
-DevSecOps Introduction
-Key Challenges, Recommendations
-DevSecOps Analysis
-DevSecOps Core Practices
-DevSecOps pipeline for Application & Infrastructure Security
-DevSecOps Security Tools Selection Tips
-DevSecOps Implementation Strategy
-DevSecOps Final Checklist
Operationalize the network to affect positive cultural change across IT silos to accelerate time to market because the second place is the first loser in an application world.
In medicine - an MRI can quickly reveal a hidden ailment and actionable insight to get better. For IT and business leaders whose key concern with the mainframe is the platform costs and lean operations - the CA Mainframe Resource Intelligene reveals multiple sources of hidden mainframe costs and operational inefficiencies along with actionable recommendations. This is the only offering in the market that combines economic consulting services with proprietary utilities and automation technologies. View this SlideShare to understand the solution – how services, best practices and mainframe expertise of 40+ years from CA comes together to solve the CIO and CFO’s biggest challenge.
Call your account director or mainframe specialist.: https://www.ca.com/us/contact/mainframe-economic-consultant.html
The adoption of DevOps practices and tools for mainframe-native and cross-platform apps is gaining traction.
This session will present findings from a recent IDC study on the current state with a close examination of where leaders are finding the most value. Learn about the exciting trends with IDC Research Vice President Mary Johnston Turner and Sujay Solomon, Broadcom’s Chief Z DevOps Advocate. This session is a must for both Mainframe leaders and DevOps champions.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
Micro Focus Software Delivery and Testing Jan De Coster Presentation on the Journey to DevOps in the recent Micro Focus #DevDay Copenhagen.
Micro Focus enables enterprise software organizations to build innovative software and accelerate application delivery to meet the needs of the business. Whatever the challenges and infrastructures, our core principle—of reusing what already works to minimize business risk while supporting modern software practices—has positioned our customers to be better prepared to support the digital transformation of the business.
Build, test and deliver innovative software faster with less risk.
April 2017.
Microservices architectures are changing the way that organizations build their applications and infrastructure. Companies can now achieve new levels of scale and efficiency by disaggregating their large, monolithic applications into small, independent “micro services”, each of which perform different functions. In this session, we’ll introduce the concept of microservices, help you evaluate whether your organization is ready for microservices, and discuss methods for implementing these architectures. We’ll also cover topics such as using API gateways, enabling self-service infrastructure provisioning, and ways to manage your microservices.
Businesses are speeding up development and automating operations to remain competitive and to get large organizations to scale. Project based monolithic application updates are replaced by product teams owning containerized microservices. This puts developers on call, responsible for pushing code to production, fixing it when it breaks, and managing the cost and security aspects of running their microservices. In this world operations skill-sets are either embedded in the microservices development teams, or building and operating API driven platforms. The platform automates stress testing, canary based deployment, penetration testing and enforces availability and security requirements. There are no meetings or tickets to file in the delivery process for updating a containerized microservice, which can happen many times a day, and takes seconds to complete. The role of site reliability engineering moves from firefighting and fixing outages to buiding tools for finding problems and routing those problems to the right developers. SREs manage the incident lifecycle for customer visible problems, and measure and publish availability metrics. This may sound futuristic but Werner Vogels described this as “You build it, you run it” in 2006.
The state of containers for your DevOps journeyAgile Montréal
Containers, Containers, Containers! We are hearing about Containers everywhere, what are their key concepts? Why could they simplify your DevOps journey? What are the tools to help you with Containers and orchestratethem? What’s the road ahead with Containers? Let’s talk about that! Through this presentation you will see also how the Cloud and the Open Source tools and communities are driving this Containers adoption. This presentation will be illustrated by demonstrations.
Mathieu Benoit
Software application development and delivery often involves multiple development, infrastructure and operations teams, each with their own preferred “tools of the trade” for building, testing and deploying code changes
For years, virtualization and cloud technologies have provided agile, on-demand infrastructure. The advent of Microservices promises even more agility– but what is required to take advantage of Microservices?
Join Electric Cloud CTO Anders Wallgren and Trace3 Principal Consultant - DevOps Marc Hornbeek as they discuss what is required to:
- Overcome culture and architecture challenges created when decomposing monolithic applications into Microservices-based applications.
- Coordinate integration, testing, monitoring, packaging, release approval and deployment of Microservices-based applications over elastic infrastructures
- Create a controlled and auditable delivery pipeline to support
Microservices-based application.
- Prepare for “future” applications, pipelines and patterns.
There are options beyond a straight forward lift and shift into Infrastructure as a Service. This session is about learning about how Azure helps modernize applications faster utilising modern technologies like PaaS, containers and serverless
An introduction to the devsecops webinar will be presented by me at 10.30am EST on 29th July,2018. It's a session focussed on high level overview of devsecops which will be followed by intermediate and advanced level sessions in future.
Agenda:
-DevSecOps Introduction
-Key Challenges, Recommendations
-DevSecOps Analysis
-DevSecOps Core Practices
-DevSecOps pipeline for Application & Infrastructure Security
-DevSecOps Security Tools Selection Tips
-DevSecOps Implementation Strategy
-DevSecOps Final Checklist
Operationalize the network to affect positive cultural change across IT silos to accelerate time to market because the second place is the first loser in an application world.
In medicine - an MRI can quickly reveal a hidden ailment and actionable insight to get better. For IT and business leaders whose key concern with the mainframe is the platform costs and lean operations - the CA Mainframe Resource Intelligene reveals multiple sources of hidden mainframe costs and operational inefficiencies along with actionable recommendations. This is the only offering in the market that combines economic consulting services with proprietary utilities and automation technologies. View this SlideShare to understand the solution – how services, best practices and mainframe expertise of 40+ years from CA comes together to solve the CIO and CFO’s biggest challenge.
Call your account director or mainframe specialist.: https://www.ca.com/us/contact/mainframe-economic-consultant.html
The adoption of DevOps practices and tools for mainframe-native and cross-platform apps is gaining traction.
This session will present findings from a recent IDC study on the current state with a close examination of where leaders are finding the most value. Learn about the exciting trends with IDC Research Vice President Mary Johnston Turner and Sujay Solomon, Broadcom’s Chief Z DevOps Advocate. This session is a must for both Mainframe leaders and DevOps champions.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
Micro Focus Software Delivery and Testing Jan De Coster Presentation on the Journey to DevOps in the recent Micro Focus #DevDay Copenhagen.
Micro Focus enables enterprise software organizations to build innovative software and accelerate application delivery to meet the needs of the business. Whatever the challenges and infrastructures, our core principle—of reusing what already works to minimize business risk while supporting modern software practices—has positioned our customers to be better prepared to support the digital transformation of the business.
Build, test and deliver innovative software faster with less risk.
April 2017.
Microservices architectures are changing the way that organizations build their applications and infrastructure. Companies can now achieve new levels of scale and efficiency by disaggregating their large, monolithic applications into small, independent “micro services”, each of which perform different functions. In this session, we’ll introduce the concept of microservices, help you evaluate whether your organization is ready for microservices, and discuss methods for implementing these architectures. We’ll also cover topics such as using API gateways, enabling self-service infrastructure provisioning, and ways to manage your microservices.
Businesses are speeding up development and automating operations to remain competitive and to get large organizations to scale. Project based monolithic application updates are replaced by product teams owning containerized microservices. This puts developers on call, responsible for pushing code to production, fixing it when it breaks, and managing the cost and security aspects of running their microservices. In this world operations skill-sets are either embedded in the microservices development teams, or building and operating API driven platforms. The platform automates stress testing, canary based deployment, penetration testing and enforces availability and security requirements. There are no meetings or tickets to file in the delivery process for updating a containerized microservice, which can happen many times a day, and takes seconds to complete. The role of site reliability engineering moves from firefighting and fixing outages to buiding tools for finding problems and routing those problems to the right developers. SREs manage the incident lifecycle for customer visible problems, and measure and publish availability metrics. This may sound futuristic but Werner Vogels described this as “You build it, you run it” in 2006.
The state of containers for your DevOps journeyAgile Montréal
Containers, Containers, Containers! We are hearing about Containers everywhere, what are their key concepts? Why could they simplify your DevOps journey? What are the tools to help you with Containers and orchestratethem? What’s the road ahead with Containers? Let’s talk about that! Through this presentation you will see also how the Cloud and the Open Source tools and communities are driving this Containers adoption. This presentation will be illustrated by demonstrations.
Mathieu Benoit
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...Ian Choi
- Title: Innovation with open sources and app modernization for developers
- Event: OpenInfra Days Vietnam 2019 (URL: https://2019.vietopeninfra.org )
- Presenter: Ian Choi
All you need for Containerized application in Microsoft AzureEvgeny Rudinsky
In this presentation you will see list of available services from Azure for containerized application. There are some samples of how to get started with them. NB! This is not complete list of container's offerings in Microsoft! Check portal.azure.com!
How Symantec Cloud Workload Protection Secures LifeLock on AWS PPTAmazon Web Services
When LifeLock decided to migrate their workloads to Amazon Web Services (AWS) from their on-premises data center, they were concerned that traditional security technology and processes would not transfer to the cloud. They turned to Symantec and deployed Cloud Workload Protection (CWP) to secure both their corporate and customer data, as well as their intellectual property, in part because CWP’s cloud-native design enabled seamless integration with their DevOps workflows and AWS infrastructure.
How Symantec Cloud Workload Protection Secures LifeLock on AWSAmazon Web Services
Join this webinar to learn:
- Automatic discovery, visibility, and protection of workloads on AWS
- How DevOps can build security directly into service deployment workflows
- How to protect hybrid cloud workloads from a single console
Continuous Integration and Deployment Best Practices on AWSAmazon Web Services
With AWS, organizations now have the ability to develop and run their applications with speed and flexibility like never before. Working with an infrastructure that can be 100% API-driven enables organizations to use lean methodologies and realize these benefits. In this session, we will explore some key concepts and design patterns for continuous deployment and continuous integration, two elements of lean application and infrastructure development. We will look at several use cases where IT organizations leveraged AWS to rapidly develop and iterate on applications for scale, high availability and cost optimization.
Speaker: Adrian White, Solutions Architect, Amazon Web Services
AWS is hosting the first FSI Cloud Symposium in Hong Kong, which will take place on Thursday, March 23, 2017 at Grand Hyatt Hotel. The event will bring together FSI customers, industry professional and AWS experts, to explore how to turn the dream of transformation, innovation and acceleration into reality by exploiting Cloud, Voice to Text and IoT technologies. The packed agenda includes expert sessions on a host of pressing issues, such as security and compliance, as well as customer experience sharing on how cloud computing is benefiting the industry.
Speaker: Iolaire Mckinnon, Senior Consultant - Security, Risk & Compliance, Professional Services, AWS
Slides (in English, only the first one in Italian) from my session at .NET Conf 2020 (https://dotnetconf.it/) about Kubernetes (AKS) versus Azure App Service for .NET Developers
Managing Your Application Lifecycle on AWS: Continuous Integration and Deploy...Amazon Web Services
In this session you’ll learn best practices for managing your application lifecycle with these tools with a particular focus on development speed and release agility. Through interactive demonstrations, this session shows you how to get an application running using AWS Elastic Beanstalk, CloudFormation and CodeDeploy. You will also see how advanced techniques such as blue/green deployment, AMI baking, customer resources and in-place deployment reduce deployment friction and rapid change in your environment.
AWS January 2016 Webinar Series - Introduction to Deploying Applications on AWSAmazon Web Services
Based on your specific needs and the nature of your application, AWS offers a variety of services for getting your application up and running. You may want to launch and scale a web application or you may want to host a microservices application using Docker containers. How do you decide which service to use and when?
In this webinar, we will provide an overview of the AWS services that help simplify launching and running your application in the cloud. We will discuss the strengths of each service and provide a framework for understanding when to use them.
Learning Objectives:
Understand the primary services for deploying your application on AWS
Learn the basics of AWS Elastic Beanstalk, AWS CodeDeploy, and Amazon EC2 Container Service
Gain an understanding of the strengths of each service and when to use them
Who Should Attend:
Developers, DevOps Engineers, IT Professionals
During the session we will describe common methods used to create a Hybrid Cloud with AWS. We step through successful operational models, how to get started, and tools to simplify operations. We will explore topics such as networking, directories, DNS, and security. Importantly, we will cover ongoing operational and management practices.
Speaker: Phil Barlow, Solutions Architect, Amazon Web Services
Featured Customer - AMP
The Carrier DevOps Trend (Presented to Okinawa Open Days Conference)Alex Henthorn-Iwane
Telecom carriers are adopting DevOps practices to complement new SDN and NFV network architectures. This presentation to the Okinawa Open Days 2014 conference talks about why this is so, how carriers are going about it, and some best practices.
Modernizing on IBM Z Made Easier With Open Source SoftwareDevOps.com
In the past decade, IDC has seen IBM Z evolve first from a siloed platform to what they call a "connected" platform, and then to a "transformative" platform. This transition has been driven by IBM, by the IBM Z software vendors, like Rocket Software, and by businesses themselves.
IDC research shows that businesses that choose to modernize IBM Z achieve higher satisfaction than re-platformers and many are using open source software (OSS) in their modernization initiatives. Employing OSS makes it possible to crack the platform open and enable it to connect to the rest of the datacenter and the outside world. Join IDC guest speaker, Al Gillen and Peter Fandel as they take a deeper look at the value proposition associated with using commercially supported OSS in mission-critical environments, like IBM Z. In this webinar we’ll discuss:
How OSS can neutralize the disparity between seasoned IBM Z and emerging developers
The modernization initiatives that involve OSS
What to consider before bringing OSS to IBM Z
How Rocket Software is delivering commercially supported OSS to IBM Z
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
With the growing adoption of Kubernetes, organizations want to take advantage of containerized Microsoft SQL Server 2019 to optimize transactional performance and accelerate time-to-insights from their business-critical data. However, as enterprises embrace hybrid cloud strategy, they need to consider several aspects based on the performance, cost and data protection requirements for running enterprise-grade SQL Server databases.
In this webinar, we will compare and contrast various cloud-native platforms for SQL Server that would help CIOs, DevOps engineers, database administrators and applications architects to determine the most suitable platform that fits their business needs.
Join us as we explore some exciting results from a recent performance benchmark study conducted by McKnight Consulting Group, an independent consulting firm, to compare the performance of Microsoft SQL Server 2019 on the best possible configurations of the following Kubernetes platforms:
Diamanti Enterprise Kubernetes Platform
Amazon Web Services Elastic Kubernetes Service (AWS EKS)
Azure Kubernetes Service (AKS)
Topics will include:
Platform considerations and requirements for running Microsoft SQL Server 2019
Performance comparison and analysis of running SQL Server on various platform
Best practices for running containerized SQL Server databases in Kubernetes environment
Comparing Microsoft SQL Server 2019 Performance Across Various Kubernetes Pla...DevOps.com
With the growing adoption of Kubernetes, organizations want to take advantage of containerized Microsoft SQL Server 2019 to optimize transactional performance and accelerate time-to-insights from their business-critical data. However, as enterprises embrace hybrid cloud strategy, they need to consider several aspects based on the performance, cost and data protection requirements for running enterprise-grade SQL Server databases.
In this webinar, we will compare and contrast various cloud-native platforms for SQL Server that would help CIOs, DevOps engineers, database administrators and applications architects to determine the most suitable platform that fits their business needs.
Join us as we explore some exciting results from a recent performance benchmark study conducted by McKnight Consulting Group, an independent consulting firm, to compare the performance of Microsoft SQL Server 2019 on the best possible configurations of the following Kubernetes platforms:
Diamanti Enterprise Kubernetes Platform
Amazon Web Services Elastic Kubernetes Service (AWS EKS)
Azure Kubernetes Service (AKS)
Topics will include:
Platform considerations and requirements for running Microsoft SQL Server 2019
Performance comparison and analysis of running SQL Server on various platform
Best practices for running containerized SQL Server databases in Kubernetes environment
Next Generation Vulnerability Assessment Using Datadog and SnykDevOps.com
Vulnerability assessment for teams can often be overwhelming. The dependency graph could be thousands of packages depending on the application. Triaging vulnerability data and prioritizing actions has historically been a very manual process, until now. With Datadog and Snyk, learn how to trace security and performance issues by leveraging continuous profiling capabilities for actionable insight that help developers remediate problems.
Join us on Thursday, January 21 for a unique opportunity to learn more about continuous profiling, vulnerability management, and the benefit to customers from using both of these products. In this webinar, you will:
Bust some myths around continuous profiling and learn how Datadog differentiates itself
See decorated traces in action for sample Java applications and understand how Snyk + Datadog reduce time to triage supply chain vulnerabilities
Learn roadmap information for upcoming public announcements from both partners
In the era of cloud generation, the constant activity around workloads and containers create more vulnerabilities than an organization can keep up with. Using legacy security vendors doesn't set you up for success in the cloud. You’re likely spending undue hours chasing, triaging and patching a countless stream of cloud vulnerabilities with little prioritization.
Join us for this live webinar as we detail how to streamline host and container vulnerability workflows for your software teams wanting to build fast in the cloud. We'll be covering how to:
Get visibility into active packages and associated vulnerabilities
Reduce false positives by 98%
Reduce investigation time by 30%
Spot a legacy vendor looking to do some cloud washing
2021 Open Source Governance: Top Ten Trends and PredictionsDevOps.com
If you work in software development, jumpstart your engineering team in 2021—get ahead of the engineering curve and your competitors—by attending this must-watch open source trends and predictions webinar.
Alex Rybak, Director of Product Management at Revenera, and Russ Eling, founder and CEO of OSS Engineering Consultants, share their top 10 open source usage, license compliance and security insights for the new year.
Just a few hints at what you’ll learn more about:
Where the adoption of shift-left is headed and the decisions you’ll face going forward
The impact of a lack of software developer security training relative to pandemic fallout
The broader role of the engineering team in open source management and governance
The expanding role and impact of open source marketplaces such as GitHub
Don’t miss the discussion for valuable insight and learning for software engineering teams
2020 was a brutal year for ransomware. Cybercriminals operated without any human decency, targeting the most vulnerable and at-risk parties, such as hospitals, scientists, and global manufacturers. The approach has become more sophisticated and life-threatening, shifting from individual targets to global enterprises, destroying backups, blackmailing victims with public leakage of exfiltrated data, and paralyzing critical systems and infrastructure.
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
As containers and Kubernetes are adopted in production, security is a critical concern and DevOps teams need to go beyond image scanning. Use cases such as runtime security, network visibility and segmentation, incident response and compliance become priorities as your Kubernetes security framework matures.
In this talk, we’ll share an overview of runtime security, discuss approaches used by open source and commercial tools, and hear how users are getting started quickly without impacting developer productivity.
In any fast-paced engineering environment, unexpected incidents can arise and escalate without warning. Without strong leadership within teams, you get chaotic, stressful, and tiring situations that waste valuable engineering time, slow down resolution, and most importantly, impact your customers.
Operationally mature organisations use proven incident response systems led by Incident Commanders. Incident Commanders provide the leadership needed to help stabilize major incidents fast.
In this webinar, we’ll take lessons learned from formalized incident response, such as those used by first responders, and show you how to apply those same practices to your organization. By utilising these methods you’ll improve both the speed and effectiveness of your team’s response, reducing the amount of downtime experienced.
In this workshop, attendees will:
Be introduced to the Incident Command System and learn how it can be adapted to their organisation
Walk through the basics of incident response best practices
Discuss examples of formal incident response from multiple organisations
Creating a Culture of Chaos: Chaos Engineering Is Not Just Tools, It's CultureDevOps.com
Chaos engineering is becoming a critical part of the DevOps toolchain when adopting Site Reliability Engineering (SRE) practices. Every system is becoming a distributed system and chaos engineering proclaims many advantages for them.
It improves infrastructure automation, increases reliability and transforms incident management. However, an often-overlooked benefit of chaos engineering and SRE involves culture transformation. Culture is often touched upon when talking about chaos engineering and SRE but not as often as skills and process.
In this webinar, we will discuss how you can build out a chaos engineering practice and how you can adopt a true blameless culture and maximize the potential of your team.
You will learn how to:
Hold blameless postmortems
Share post mortems with other teams
Run regular fire drills and game days
Automate chaos experiments for continuous validation
Role Based Access Controls (RBAC) for SSH and Kubernetes Access with TeleportDevOps.com
Enterprises are best served by leveraging an RBAC system to manage access to their SSH and Kubernetes resources. With Teleport, an open source software, employers are able to provide granular access controls to developers based on the access they need and when they need it. This makes it possible for employers to maintain secure access without getting in the way of their developers’ daily operations.
Join Steven Martin, solution engineer at Teleport, as he demonstrates how to assign access to developers and SRE’s across environments with Teleport through roles mapped from enterprises’ identity providers or SSOs.
Monitoring Serverless Applications with DatadogDevOps.com
Join Datadog for a webinar on monitoring serverless applications with AWS Lambda. You'll learn how to get the most of Datadog's platform, as well ask the following key takeaways:
Learn how to set up a Twitter bot that makes API calls with Node.js
Deploying Serverless Applications
What does observability look like with less infrastructure?
Deliver your App Anywhere … Publicly or PrivatelyDevOps.com
Developers are increasingly adopting a microservices approach for their apps in order to gain rapid iteration capabilities required for delivering new services faster. However, delivering the App still requires multiple steps such as allocation of virtual IPs, provisioning the front load balancer, configuring firewall rules, configuring a public domain, and DDOS. At present, each of these steps requires coordination across multiple teams with multiple iterations per team. The time efficiencies gained by adopting microservices and cloud-native technologies is negated due to the time taken to deliver the App.
In this session, Pranav Dharwadkar, VP of products at Volterra, and Jakub Pavlik, director of engineering, will help you understand these challenges and introduce a distributed proxy architecture that can alleviate the challenges across different cloud environments. This webinar will include a live demo using a distributed proxy architecture to advertise an App publicly and privately.
In this webinar, you will learn:
The steps required to deliver an App using the current approaches
How a distributed proxy architecture can be used to deliver the app publicly and privately
The operational benefits of a distributed proxy architecture for delivering new services
Securing medical apps in the age of covid finalDevOps.com
The COVID-19 pandemic has drastically altered the connected healthcare landscape, accelerating the usage of telemedicine and other remote healthcare delivery systems by as much as 11,000% for some populations. How has this unprecedented push affected healthcare and medical device application security? The security team at Intertrust recently analyzed 100 Android and iOS medical apps to find out.
In this webinar, we'll discuss:
Medical application and device threat trends
The top mHealth security vulnerabilities uncovered in our analysis
Strategies to keep your mHealth apps safe
Future advances in digital healthcare and how your security can evolve with it
Raise your hand if you enjoy being buried in alerts or woken up at 2 a.m. — yeah … thought so. Ever-rising customer expectations around high availability and performance put massive pressure on the teams who develop and support SaaS products. And teams are literally losing sleep over it. Until outages and other incidents are a thing of the past, organizations need to invest in a way of dealing with them that won’t lead to burn-out.
In this session, you’ll learn how to combine the latest tooling with DevOps practices in the pursuit of a sustainable incident response workflow. It’s all about transparency, actionable alerts, resilience and learning from each incident.
The Evolving Role of the Developer in 2021DevOps.com
The role of the developer continues to change as they sit on the front line of application and even cloud infrastructure security. Today, developers are focused on innovating fast and improving security, but how do high-performing teams accomplish this? They commit code frequently, release often and update dependencies regularly (608x faster than others).
In this webinar, we'll discuss the key traits of high-performing teams and how that impacts the role of the developer.
Key Takeaways:
Choose the best third party dependencies
Determine the lowest effort upgrades between open source versions
Solve for issues in both direct and transitive dependencies with a single-click
Block and quarantine suspicious open source components
Service Mesh: Two Big Words But Do You Need It?DevOps.com
Today, one of the big concepts buzzing in the app development world is service mesh. A service mesh is a configurable infrastructure layer for microservices application that makes communication flexible, reliable and fast. Let’s take a step back, though, and answer this question: Do you need a service mesh?
Join this webinar to learn:
What a service mesh is; when and why you need it — or when and why you may not
App modernization journey and traffic management approaches for microservices-based apps
How to make an informed decision based on cost and complexity before adopting service mesh
Learn about NGINX Service Mesh in a live demo, and how it provides the best service mesh option for container-based L7 traffic management
Secure Data Sharing in OpenShift EnvironmentsDevOps.com
Red Hat OpenShift is enabling quicker adoption of DevOps practices. Containers are an essential component of DevOps and the OpenShift Kubernetes Container Platform is integral for orchestration within these environments. Data security is now challenged to keep pace with the size and scope of container usage. The migration from legacy in-house deployments to hybrid-cloud installations has created new attack surfaces as data is shared more freely in Kubernetes deployments.
Protecting data at rest and in motions is a necessity. Learn how you can keep data protected and securely share data in OpenShift environments with real-time data protection solutions.
How to Govern Identities and Access in Cloud Infrastructure: AppsFlyer Case S...DevOps.com
Managing access permissions in the public cloud can be a very complex process. In fact, by 2023, 75% of cloud security failures will result from the inadequate management of identities, access and privileges, according to Gartner.
Join us as Guy Flechter, CISO of AppsFlyer, presents a real-world case of how his company works to enforce least-privilege and to govern identities in their cloud. This webinar will also provide an overview of how to govern access and achieve least privilege by analyzing the access permissions and activity in your public cloud environment. With thousands of human and machine identities, roles, policies and entitlements, this webinar will give you the tools to examine the access open to people and services in your public cloud, and determine whether that access is necessary.
In this workshop, you will learn about:
The risks of IAM misconfiguration and excessive entitlements in cloud environments
The challenges in identifying and mitigating Identity and access risks for both human and machine identities
How to automate cloud identity governance and entitlement management with Ermetic
Elevate Your Enterprise Python and R AI, ML Software Strategy with Anaconda T...DevOps.com
Open-source machine learning can be transformative, but without the proper tools in place, enterprises struggle to balance the IT security and governance requirements with the need to deliver these powerpoint tools into the hands of their developers and modelers.
How can organizations get the latest technology from the open-source brain trust, while ensuring enterprise-grade management and security? In this webinar, we will discuss how Anaconda Team Edition, available on RedHat Marketplace, enables IT departments to mirror a curated set of packages into their organization in a safe and governed way.
Join Michael Grant, VP of services at Anaconda, to discuss:
How IT organizations are using Anaconda Team Edition to curate, govern and secure Python and R packages
Tips for how development and data science teams can get the most out of Team Edition, from uploading your own packages to building custom channels for groups or projects
How to distribute conda environments to desktops, servers and clusters:
GUI-based installers for desktop users
“Conda packs” for automated delivery to remote servers and distributed computing clusters
Conda-enabled Docker containers for application deployment
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. Quali
Digital transformation is changing the world
The digital transformation bottleneck is environments
What is an “environment”?
Environments in DevOps
The benefits of EaaS approach
Resident
DevOps Goals
Using CloudShell Colony and AWS to scale DevOps – Solution
Drill Down
Results
Vision
AWS
Kubernetes on AWS with Amazon EKS
Conclusion
Q&A
4. The Digital Transformation Bottleneck is Environments
Approval requests
Stakeholders
Responsible for Infrastructure
Shadow IT
Waiting for
infrastructure kills
innovation
Bottleneck for innovation
Uncontrolled Direct
access to
infrastructure
5. Responsible for
cloud cost,
security and
compliance
DevOps Environment Challenges
Using environments
for development,
testing, support, Ops
• How can I offer self-service?
• How can I scale DevOps when I
integrate open source tools in the
broader toolchain?
• How can I make it easier to maintain
and troubleshoot environments?
Responsible to
provide environments
for DevOps
• How can I get environments fast?
• How can I do my job without
environments being a bottleneck?
• How can I get environments without
being responsible for cloud spend
or security?
• How can we benefit from the power and
flexibility of the cloud without losing
control?
• How can I manage environment cost?
• How can we avoid environment
security and compliance blind spots?
Innovate At Scale Under Control
6. Logging & Monitoring
Data/Service Virtualization
Applications Dev/Test/Sec Tools
Infrastructure
An environment is not about any single technology.
It’s about a business need
Environments Fuel Innovation
All the components you need to get a job done
7. Environments for DevOps
CI/CD
Dev Functional tests ProductionPerformance tests Dynamic security Staging
Source ControlArtifact Repository
Chaos monkey
Consume environments throughout the
value stream
Keep blueprints in your source
control tool
Get application artifacts from
your artifact repository
Integrate with Infrastructure as
Code tools
Infrastructure as Code
8. After
Before
Waiting for
infrastructure kills
innovation
Enabler for innovation
Business is no
longer constrained
by infrastructure
Digital Transformation
Stakeholders Policies and access Control
Blueprints
Approval requests
Stakeholders
Responsible for Infrastructure
Shadow IT
Bottleneck for innovation
Uncontrolled Direct
access to
infrastructure
Responsible for Infrastructure
9. Benefits of Environment as a Service
SERVE A
BUSINESS NEED
an environment
represents a business
need, abstracted from the
technology
SCALE
standardize and re-use
automation across the
value stream
CONTROL
automated cost control,
security and compliance
DRIVE BUSINESS
INSIGHTS
connect infrastructure
consumption data with
business need
10. Environment as a Service with CloudShell Colony
Sign Up
Create an account in
CloudShell Colony and
connect your
cloud-provider
1
Blueprint
Blueprint your
environment
2 Environments at
scale™
Launch environments from a self- service UI
or from the CI/CD pipeline with
Out-of-Box plugins.
All the way from development to production
3
11. Let’s see how Resident turned
this vision into reality with
CloudShell Colony on AWS cloud
Pavel Eliav, Head of DevOps
Resident
12. Introduction to Resident
Resident is an innovative retail ISV managing over 10 online brands
Resident is a house of direct-to-consumer brands in the home
goods space. The company owns and operates multiple brands
catering to different consumer furnishing needs including Nectar
and DreamCloud.
The company is headquartered in San Francisco with a
dedicated New York City office and an R&D facility in Tel
Aviv. Yet, at the heart of the company is the belief in
building a team using the best talent possible, no matter
where they reside. From 15 cities across 5 countries,
Resident also has a diversified virtual workforce of more
than 200 employees.
https://www.residenthome.com
13. Resident’s DevOps Goals
• Support fast growth with multiple globally distributed teams
• Avoid developers sharing static integration and staging environments >
remove bottlenecks and conflicts
• Make it possible to provide fast feedback on new features
• Cut time spent on ongoing environment maintenance and
troubleshooting activity
• Control and secure infrastructure access
• Accurately track AWS usage
14. The Resident Solution
On-Demand Secure Environments throughout the release pipeline.
ProductionQA Staging
Source Control Artifact RepositoryCloud Provider Pipeline
Used for:
Feature Development,
Integration Tests (CI)
https://www.nectarsleep.com/
ChatOps Bot
Used for:
Product Review
Last mile Validation
Security tests
https://www.dreamcloudsleep.com/
https://www.bundleliving.com/
https://www.wovenlyrugs.com/
… and more
Development
Used for:
Manual QA Tests
15. Use Case Drill Down – Self Service Environments
1 2
Environment Ready!
16. Results - Innovating Faster
Self Service in under 5 minutes
Global teams get access to secure https environments
using a self-service slack bot
No Static Environments
Remove conflicts and bottlenecks
100% Role Based Access Control
Access control to cloud accounts
Increased Development Speed
Dynamic environments make it possible to immediately
test new features, Develop more features in parallel.
Visibility on Cloud Utilization
Environments are tagged automatically and tracked.
Scale
Easy to manage standardized environments
17. The Vision
Adopting Containers & Kubernetes
• Launch environments on Amazon EKS Kubernetes Service.
• Migrate existing assets
• Overcome technical & cultural challenges with CloudShell Colony
18. Kubernetes on AWS
with Amazon EKS
Kevin Wall, Partner Solutions Architect
AWS Partner Network
19. • Create a culture of innovation by organizing into small DevOps teams
• Continually evaluate your security posture by automating security
• Componentize applications using microservices
• Update applications & infrastructure quickly by automating CI/CD
• Standardize and automate operations by modeling infrastructure as code
• Simplify infrastructure management with serverless technologies
• Improve application performance by increasing observability
AWS best practices for building modern applications
21. AWS Container Services Landscape
Management
Deployment, Scheduling,
Scaling & Management of
containerized applications
Hosting
Where the containers run
Amazon Elastic
Container Service
Amazon Elastic
Kubernetes
Service
Amazon EC2 AWS Fargate
Image Registry
Container Image Repository
Amazon Elastic
Container Registry
22. Balancing flexibility and simplicity:
Workload-by-workload
Flexibility focused
Low level of opinion
Low level of abstraction
Focus on infrastructure
and configuration
Installing, configuring, and managing
managing my compute environment is
environment is critical to achieving my
achieving my goals
Value simplicity
High level of opinion
High level of abstraction
Focus only on app
and primitive
Having a standardized and
on-demand compute environment
is critical to achieving my goals
28. Amazon EKS
Worker VPC (your account)
Kubectl
Master VPC (AWS account)
etcd
AZ 1
API Server
etcd
API Server
prod-cluster-123.eks.amazonaws.com
EKS-owned ENI
Kubelet
AZ 1
Worker
node
EKS-owned ENI
Kubelet
AZ 2
Worker
node
AZ 2
Kube-proxy Kube-proxy
30. AWS Identity and Access Management
(IAM) Authentication
Kubectl
3) Authorizes AWS identity with RBAC
K8s API
1) Passes AWS identity
2) Verifies AWS identity
4) K8s action
allowed/denied
31. Container Storage Interface (CSI)
A flexible standard for orchestration
and storage provider connections
We support the CSI standard through following drivers:
Amazon Elastic Block Store: Amazon EBS CSI Driver
Amazon Elastic File System: Amazon EFS CSI Driver
Amazon FSx for Lustre: Amazon FSx CSI Driver
32. • Amazon EKS-Optimized AMI
• Standard EC2 compute instance types
• P2 and P3 accelerated instances
• i3 bare metal
• Spot Instances
Worker Node Instance Flexibility
34. Continuous Deployment Cycle
Code
Repository
Code Pipeline Execution New Image Generated Trigger Deployment
1 2 4
3 5
6
1
Developers continuously integrate
changes into a main branch hosted
within a repo
2
Triggers an execution of the pipeline
when a new version is found, builds
a new image with build id
3
Pushes the newly built image
tagged with build id to container repo
4
Trigger application deployment
5
Update Kubernetes deployment
6
Fetches new container image
and performs a rolling update
of deployment
Developer
Container Repo
Environment can be a lot of different components, because it’s not about technology. Today you can have VMs or containers or switches or firewalls in your environment, and tomorrow there may be some other thing – but you will still need an environment. For testing, for development, for production, for demos and PoCs
Teams get access to secure https environments using a self-service slack bot in under 5 minutes
Transition from static to dynamic environments – optimizing cloud consumption and increasing development speed
Testing on production-like environments
Environments standardized and easy to manage
Cloud Account Access control
All cloud infrastructure is automatically and consistently tagged