The knights in the Agile Kingdom faced challenges sizing epics due to their variable size, complexity, and uncertainty. They developed two recipes - the Blue Recipe which involved planning poker and multiplication, and the Green Recipe which broke down an epic into user stories first. However, neither scale worked well for very large epics. They adapted by using a recently sized existing epic as a benchmark and rescaling. This allowed them to estimate the sizes of three sample epics as 5, 8, and 20 epic points, providing high-level sizing while addressing the issues of comparing variable epics.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
6. Once upon a time…
The Agile Kingdom
Product Owner
Vision of Ice and Fire
Vision
Requirements
User Stories
7. The whole kingdom…sizes user stories
The Agile Kingdom
0 1/2 1 2 3 5
8 13 20 40 100 ?
Product
Backlog
1
3
3
2
3
5
Big user story
Big user story
Small USSmall US
Small
US
Scrum
Team
smallsmall sml
8. Years went by…
The Agile Kingdom
Pricing model Price / story points
0 1/2 1 2 3 5 8 13 20 40 100 ?
equals
12. The brave knights…challenges
The Quest
‘We need to compare in order to size and we don’t have enough epics
to compare to’
0 1/2 1 2 3 5
8 13 20 40 100 ?
‘They come in different shapes and formats – some more rich in
content than others’
‘We can’t spend too much time deep-diving’
‘Not a flexible scale in Planning Poker’
13. The brave knights…challenges
The Quest
‘Proportion of Uncertainty is bigger in epics than in user stories’
Epics
Volume
Complexity
Uncertainty
User stories
Volume
Complexity
Uncertainty
14. The brave knights…recipes
The Quest
Blue Recipe
1. Take epics
2. Do planning poker
3, 5, 3, 2, 8, 13
3. Multiply by scale (10)
30, 50, 30, 20, 80, 130
4. Do one Epic (breakdown and
implement)
30 -> 25
5. Adjust size for everything else
25, 42, 25, 17, 67, 108
Green Recipe
1. Take epics
2. Choose one epic and breakdown
into user stories
3. Size the user stories and sum it up
1, 3, 5, 8, 13 = 30 SP
4. Divide by scale and make it
Reference Epic
÷ 10 -> 3
5. Do Planning Poker
3, 5, 2, 3, 8, 1
6. Multiply by scale
30, 50, 20, 30, 80, 10
16. And the epics considered…
The Quest
The Dragon
‘As a king I want to have a dragon so that I could win battles and conquer
cities.’
The Dire wolf
‘As a king I want to have a dire wolf so that I can protect myself against the
enemies.’
The Wall
‘As a king I want to have the Wall so that it will protect the
kingdom against the White Walkers.’
17. Questions set
The Quest
1. User new data capturing? A: Yes/No
2. UI changes to existing screens? A: Yes/No
3. Integration with third parties? A: Yes/No
4. Data migration? A: Yes/No
5. Does it affect internal processes? A: Yes/No
6. Change the database structure? A: Yes/No
7. Is it a re-usable configurable component? A: Yes/No
8. Specific behavior for transactions? A: Yes/No
9. Special performance considerations? A: Yes/No
10.Does it affect common functionality? A: Yes/No
11. Any product specific variations? A: Yes/No
18. The gathering…sizing epics
The Quest
The Dragon Benchmark 5 points
The Dire Wolf
The Wall
Size 5 points by comparison to The Dragon
Struggle 13 or 20 points by comparison to
The Dragon
There is a problem!! Too BIG for the scale!!
19. The gathering…
The Quest
Inspect
The previous scale and benchmark were too small and needed
adjustment
Adapt
The Wall 20 pointsRe-benchmark
The Dragon 8 pointsResize
The Dire Wolf still 5 pointsResize
Therefore the new scale and benchmark
21. Turn it into story points…
The happy ending?
Blue Recipe
1. Take epics
2. Do planning poker
3. Multiply by scale
What scale? What is the multiplier?
? 4. Do one Epic (breakdown and implement)
5. Adjust size for everything else
No time
Inspect
22. Turn it into story points…
The happy ending?
Existing backlog epic – The Three-eyed crow
“As a king I want to have a three-eyed crow so that I can have power over
nature and prophetic visions.”
The Three-eyed crow Size Trying to introduce Uncertainty
Adapt
3. Choose an epic from the backlog already broken down into
recently sized user stories and on the same scale
23. Final estimates…
The happy ending?
The Three-eyed crow = 5 epic points
The Three-eyed crow in the
backlog
30 Story points multiplier of 6
The Dire Wolf = 5 epic points ~ 30 Story points
The Dragon = 8 epic points ~ 48 Story points
The Wall = 20 epic points ~ 120 Story points
~
24. In the end…
Business owners
Product Owner Scrum Team
The Happy Ending?
visibility
better release planning
25. And they continued to live happily…
…well…not ever after because each day
came with a new quest for the brave knights
in their so called shinning armors.
Questions
What is our reference epic?
Why not use Epic Points?
Why not use greater Fibonacci numbers?
…
Where can we get epics to use as comparison?
Why can’t old epics be used? – already implemented
When committing to a budget it is more difficult as that is not easily re-adjustable
When used in Release Planning it’s easier as it is continuously re-adjusting
When to use
Innovating on the two approaches and created a 3rd
How to choose an epic from the backlog to compare?
Recently sized
On the same scale
Broken down into sized User Stories