The Atlassian Bug Bounty Program
•
2 likes•9,267 views
Bug bounty programs are quickly becoming a go-to way for organizations to increase application security. During these programs industry security experts are given full rein to uncover vulnerabilities and in return are rewarded for their findings. In this talk, learn how the Atlassian Security team has implemented bug bounty programs from inception, through execution, and the results thus far.
Report
Share
Report
Share
Download to read offline
Recommended
Innovation & Regulation - How Eli Lilly Customizes Atlassian to Find the Balance
Bringing new medical innovations to market can be extremely challenging when requirements and regulations are guiding you. Carl Washburn and Michael Iglesias of Eli Lilly oversee quality for digital platforms to support its therapeutic products. Each digital platform is regulated and must strictly comply with guidelines and standards for software as a medical device. In this presentation, find out how an out-of-the-box Atlassian stack can be customized to meet strict regulatory requirements.
What it Means to be a Next-Generation Managed Service Provider
- The webinar will last 60 minutes with Q&A at the end. Questions should be asked via the chat panel and participants should keep their lines muted. The webinar will be recorded.
- John Gray from Datadog, Thomas Robinson from AWS, and Patrick Hannah from CloudHesive will present on monitoring tools and strategies across cloud infrastructure and the AWS Managed Service Provider program.
- Next-generation managed service providers need comprehensive monitoring across customers' infrastructure to quickly resolve issues, improve efficiency, and provide value. Tools like Datadog allow for unified monitoring across platforms and environments.
Change Software Like a Scientist
Tests are a good baseline for defining the behavior of a program, but for complicated programs, are tests enough to ensure safe software changes? Software is mission critical and increasingly the backbone of businesses. New applications like automated driving and connected devices continue to increase the risk of changing software.
Fred Galoso, a developer on Trello's growth team, will share some of the techniques Trello uses to safely change and deploy code to millions of Trello users. Part experience report, refactoring discussion, and workshop, this talk will show how data and metrics can be used to drive changes in software. Finally, it will introduce Scientist, a Node.js library for creating and running experiments between old and new pieces of code.
How We Managed a Multi-Year, Multi-Drug Clinical Trial
Managing a clinical drug trial is an endeavor, filled with complex recording, scheduling and reporting requirements. The effort becomes more convoluted when the trial involves multiple drugs from multiple manufacturers. Though tools and methodologies are readily available for single drug trials, approaches to multi-drug trials are generally a cobbling together of tools and methodologies that may not be optimal.
Fortunately, Jira is an ideal tool for managing more complex clinical trials. We'll show how Jira was tailored to track the full path of a multi-year, multi-drug clinical trial. Leveraging Jira workflows and automation, a solution was crafted to track all stages of the trial, handle issue and schedule creation based on required protocols, and provide traceability.
SecOps - Bringing Agility into Security
Security threats are all around. Over the past year, Atlassian's Security Intelligence Team has pursued a harmonious state to balance responding to new threats while remaining agile. We call it SecOps.
SecOps is ChatOps, DevOps and SecInt - all wrapped up in one.
We’ll show you how our team has created a Security Intel hub, as well as offer a few tips and tricks using our Atlassian products to make security programs work.
Andrew Wurster, Security Intelligence Team Lead, Atlassian
DOES SFO 2016 San Francisco - Julia Wester - Predictability: No Magic Required
This document discusses predictability in workflows and queues. It begins by defining predictability and noting that predictable systems usually have reduced cycle times and variation. It then discusses how workflows can be viewed as chains of queues and how queues can impact cycle times, throughput, and motivation if allowed to grow too large. The document provides choices that can be made to influence queues, such as using push vs pull systems and prioritization methods. It also recommends monitoring queue size and cycle time ranges as leading indicators of predictability. The overall message is that managers have control over predictability by understanding and managing their queues.
Merging and Migrating: Data Portability from the Trenches
Atlassian products contain lots of data, and often there isn't just one Jira system in use. Be it moving to or from the Cloud, or between instances - merging and migrating data can be hard. Dan Hardiker from Adaptavist will share the challenges they face and solutions they've found to common data portability issues. Learn some best practices, including their standardised Export-Transform-Load approach, and uncover many hidden gremlins you may trip over along the way. After this sessions you'll be ready to fearlessly move data from one Jira instance to another!
The Four Principles of Atlassian Performance Tuning
There are typically four primary variables that influence the performance of an Atlassian application: users, application admins, add-on developers, and system administrators. Each plays a different role and its impact on performance can be profound at scale. Dan Hardiker, Chief Technical Officer at Adaptavist who's advised Fortune 500 companies on their Atlassian implementations, will share best practices and demonstrate how to use the process of "monitor, measure, mitigate" to identify key performance bottlenecks and provide data that your organization can use to optimize performance.
Dan Hardiker, CTO, Adaptavist
Recommended
Innovation & Regulation - How Eli Lilly Customizes Atlassian to Find the Balance
Bringing new medical innovations to market can be extremely challenging when requirements and regulations are guiding you. Carl Washburn and Michael Iglesias of Eli Lilly oversee quality for digital platforms to support its therapeutic products. Each digital platform is regulated and must strictly comply with guidelines and standards for software as a medical device. In this presentation, find out how an out-of-the-box Atlassian stack can be customized to meet strict regulatory requirements.
What it Means to be a Next-Generation Managed Service Provider
- The webinar will last 60 minutes with Q&A at the end. Questions should be asked via the chat panel and participants should keep their lines muted. The webinar will be recorded.
- John Gray from Datadog, Thomas Robinson from AWS, and Patrick Hannah from CloudHesive will present on monitoring tools and strategies across cloud infrastructure and the AWS Managed Service Provider program.
- Next-generation managed service providers need comprehensive monitoring across customers' infrastructure to quickly resolve issues, improve efficiency, and provide value. Tools like Datadog allow for unified monitoring across platforms and environments.
Change Software Like a Scientist
Tests are a good baseline for defining the behavior of a program, but for complicated programs, are tests enough to ensure safe software changes? Software is mission critical and increasingly the backbone of businesses. New applications like automated driving and connected devices continue to increase the risk of changing software.
Fred Galoso, a developer on Trello's growth team, will share some of the techniques Trello uses to safely change and deploy code to millions of Trello users. Part experience report, refactoring discussion, and workshop, this talk will show how data and metrics can be used to drive changes in software. Finally, it will introduce Scientist, a Node.js library for creating and running experiments between old and new pieces of code.
How We Managed a Multi-Year, Multi-Drug Clinical Trial
Managing a clinical drug trial is an endeavor, filled with complex recording, scheduling and reporting requirements. The effort becomes more convoluted when the trial involves multiple drugs from multiple manufacturers. Though tools and methodologies are readily available for single drug trials, approaches to multi-drug trials are generally a cobbling together of tools and methodologies that may not be optimal.
Fortunately, Jira is an ideal tool for managing more complex clinical trials. We'll show how Jira was tailored to track the full path of a multi-year, multi-drug clinical trial. Leveraging Jira workflows and automation, a solution was crafted to track all stages of the trial, handle issue and schedule creation based on required protocols, and provide traceability.
SecOps - Bringing Agility into Security
Security threats are all around. Over the past year, Atlassian's Security Intelligence Team has pursued a harmonious state to balance responding to new threats while remaining agile. We call it SecOps.
SecOps is ChatOps, DevOps and SecInt - all wrapped up in one.
We’ll show you how our team has created a Security Intel hub, as well as offer a few tips and tricks using our Atlassian products to make security programs work.
Andrew Wurster, Security Intelligence Team Lead, Atlassian
DOES SFO 2016 San Francisco - Julia Wester - Predictability: No Magic Required
This document discusses predictability in workflows and queues. It begins by defining predictability and noting that predictable systems usually have reduced cycle times and variation. It then discusses how workflows can be viewed as chains of queues and how queues can impact cycle times, throughput, and motivation if allowed to grow too large. The document provides choices that can be made to influence queues, such as using push vs pull systems and prioritization methods. It also recommends monitoring queue size and cycle time ranges as leading indicators of predictability. The overall message is that managers have control over predictability by understanding and managing their queues.
Merging and Migrating: Data Portability from the Trenches
Atlassian products contain lots of data, and often there isn't just one Jira system in use. Be it moving to or from the Cloud, or between instances - merging and migrating data can be hard. Dan Hardiker from Adaptavist will share the challenges they face and solutions they've found to common data portability issues. Learn some best practices, including their standardised Export-Transform-Load approach, and uncover many hidden gremlins you may trip over along the way. After this sessions you'll be ready to fearlessly move data from one Jira instance to another!
The Four Principles of Atlassian Performance Tuning
There are typically four primary variables that influence the performance of an Atlassian application: users, application admins, add-on developers, and system administrators. Each plays a different role and its impact on performance can be profound at scale. Dan Hardiker, Chief Technical Officer at Adaptavist who's advised Fortune 500 companies on their Atlassian implementations, will share best practices and demonstrate how to use the process of "monitor, measure, mitigate" to identify key performance bottlenecks and provide data that your organization can use to optimize performance.
Dan Hardiker, CTO, Adaptavist
5 Essential Techniques for Building Fault-tolerant Systems
Building add-ons for Atlassian products today means building a Connect add-on and running it as a service in your own infrastructure, or a PaaS provider’s infrastructure, or (more commonly) a set of microservices. While this has many benefits, the transition from monolithic to distributed systems brings with it additional failure modes that simply do not manifest in the world of local function calls. Join Atlassian developer Diego Berrueta for a walk-through of 5 resilience techniques that will help keep your services rock-solid in the face of unreliable, slow, or faulty systems.
Diego Berrueta, Engineering Principal, Atlassian
DOES SFO 2016 - Paula Thrasher & Kevin Stanley - Building Brilliant Teams
After an initial DevOps transformation as a company, we had to grapple with how to scale and grow the talent and workforce to build a NextGen DevOps-minded company of 18,000+ people. We have built a number of programs to expand awareness, encourage growth mindsets, and drive workforce development. We will share the different ways we are working to "Build Brilliant Teams" to drive our DevOps transformations.
The History of DevOps (and what you need to do about it)
The document discusses the history and evolution of DevOps. It traces the origins of DevOps back to 2007 when the terms "DevOps" and "Agile Infrastructure" first emerged. It then summarizes the rise in DevOps conferences and communities from 2009 onward. The document also outlines key findings that DevOps adopters see significantly faster lead times, higher deployment frequencies, better change success rates, and faster recovery times compared to non-adopters. Additionally, DevOps teams are more likely to exceed goals for profitability, market share and productivity. The document argues that organizations should focus on fast feedback loops, continuous improvement and adopting an "Improvement System" like DevOps Kaizen in order to see these benefits as a
DevOps Picc12 Management Talk
Devops Management is a topic discussed in the halls of conferences and few managers. This talk will focus on the topic of management in a highly collaborative and cooperative environment, specifically one that is rapidly growing with a focus on continuous development/deployment
Behind the Scenes of Vendor Security Reviews in the Enterprise
The document discusses vendor security reviews that companies conduct on third-party vendors. It outlines key elements of a vendor security review including questionnaires, supporting documentation requests, and penetration testing. It provides examples of each element and discusses their implementation difficulty and value. The document also offers advice on how vendors can prepare and "ace" their security reviews by being transparent, treating findings as learning opportunities, and making security a standard part of their processes.
Finding Efficiencies in Your Development Lifecycle
Many of us feel like we never have enough time to complete everything we want in a given sprint, cycle, or phase. Even though we can't add more hours to our day, we can add time by removing inefficiencies in our development lifecycle management approach. Melissa Tondi explores a number of areas that may be causing inefficiencies in our overall approach. These problem areas include acceptance criteria for requirements that are not understood, actionable, or demonstrable; unit tests that are misunderstood or non-existent; and demos that don’t actually demonstrate capability. Melissa shares practical solutions that can be implemented quickly. Share your previous inefficiencies and your solutions. Once you have a plan to reduce or eliminate the inefficiencies, you can spend more time in your overall development schedule—and effectively add more time to accomplish what you need to do.
Cultivating Content: Designing Wiki Solutions That Scale
The document discusses challenges faced by Opower, a software company, in managing knowledge as it experiences rapid growth. As Opower hires more employees and develops new products, its wiki has become overwhelmed, leading users to feel there is too much or outdated information. The speaker recommends treating the wiki like a product by identifying root causes through stakeholder interviews, metrics, usability testing, and question tracking. Initial findings revealed frustrations with credibility and accessibility of information, as well as critical needs around product limitations. Solving scaling problems requires understanding usage and pain points.
A Practical Guide to Scaling Agile
A case study and experience sharing on Agile at Scale and Scaled Agile Framework (SAFe) implementation
Herding Microservices – the Atlassian Way
Matej Konecny discusses how his team at Atlassian manages their microservices architecture. In the early days, their applications were built as WAR files running on EC2 with autoscaling and logs stored in CloudTrail, which made monitoring and incident handling difficult. They have since implemented a unified PaaS across Atlassian using Docker Compose with automated provisioning of containers and resources. This common platform enforces best practices and allows sidecars to be reused. Incident detection and communication is now automated through tools like OpsGenie, and changes are easier to track. Regular meetings cover metrics, alerts, and code health to improve oversight of services.
Improving Agility (Learning from Maersk Line's Journey) | Özlem Yüce | Agile ...
Improving Agility (Learning from Maersk Line's Journey) as presented from Özlem Yüce @ Agile Greece Summit 2016
Strategic Approach To Data Migration Project Plan
Presenting this set of slides with name Strategic Approach To Data Migration Project Plan. This is a six stage process. The stages in this process are Plan, Develop, Validate, Migrate Stage, Test. This is a completely editable PowerPoint presentation and is available for immediate download. Download now and impress your audience. https://bit.ly/3CTswep
Scrumban
Scrumban Demystified. Talk from Agile New England.
A few of the Scrumban Evolutions from Mamamoth bank from the upcoming book on Scrumban.
More excerpts can be found at facebook.com/scrumban
Learn more at scrumban.io
Do you have a case study of applying the Kanban Method in a Scrum context. We want to learn more from your experiments and results. Contact us at info@codegenesys.com
Embrace Chaos - Introducing Chaos Engineering to your Organization
This document discusses introducing chaos engineering to an organization. It describes game days, which are planned fault injection exercises where engineers imagine failure scenarios, implement protections, and then cause the failures in production to test the protections and gain confidence in the system's resiliency. An example game day at UnderArmour is described where they tested failure scenarios like services becoming unavailable or experiencing high latency. Takeaways were that they learned a lot, identified valuable action items, and experienced less alert fatigue. Next steps discussed automating fault injection and doing more frequent game days across more teams.
ACE NYC and TOR Sep 2021 Slideshare Deck
Atlassian's Point A program is developing the next generation of tools to power the future of teamwork. Join us for a deep dive into Team Central and discover all the other products in Point A (Jira Work Management, Jira Product Discovery, Halp, and more). Atlassian's Claire Maynard, Mary Raleigh, and Vivian Chau will share the virtual stage to cover these topics and answer your burning questions.
DevOps Kaizen: Practical Steps to Start & Sustain a Transformation
Damon Edwards (DTO Solutions) talk from #DOES15 on October 20, 2015 in San Francisco, CA.
Video coming soon... http://devopsenterprise.io
Site reliability engineering - Lightning Talk
A brief introduction into Site Reliability Engineering concepts of service level objects, service level indicators, and service level agreements.
Agile ITSM: New Ways of Working for High Velocity Teams
In a world of digital transformation, Agile, and DevOps, the way that IT teams work is rapidly evolving. Is your IT team still struggling to adapt to new ways of working?
In this session, we'll cover the tools, people, and best practices, to build a lean, mean, agile ITSM machine:
- Build team culture with Atlassian's Open philosophy
- How to lean into the future of "Lean and Agile ITSM"
- Integrate DevOps best practices into the way IT teams work
- Improve self-service by "shifting left," or knowledge-centric support
- Lower MTTR (mean time to resolution) by improving incident response communications and collaboration
- Improve the flow of your change control with agile ways of working
- Plus challenges and lessons learned from customers around the globe
We're bringing back this popular talk from Summit 2018 in Barcelona to provide you pragmatic thought leadership and practical approaches you and your team can actually use
Implementing kanban at scale at sandvik IT
In this talk, we present why Sandvik IT chose to use the Kanban method for continuous improvements, how it was packaged and introduced for more than 60 teams and how it is supported. We finish by looking at the results that Sandvik has gotten so far.
During the talk, we present some of the tools that we have developed for managing this implementation at scale: the Kanban Kick-start Field Guide and the Kanban assessment.
Why #DevOps Transformation has to start with you
Why #DevOps Transformation has to start with you.
You are part of your organisation's culture, and in order to change the culture you need to change yourself, first. Learn some useful ideas of personal and DevOps Transformation from the @DevOpsGuys.
The Kanban Retrospective
This document discusses how to interpret data from Kanban retrospectives to identify opportunities for optimizing workflow. It provides examples of metrics like lead time, cycle time, and work in progress that can be analyzed to address issues like bottlenecks, piles of work in specific states, outliers in work completion times, frequent blockers, the impact of unplanned work, and ensuring team well-being and sustainability. The document advocates using a structured process of planning improvements, implementing changes, measuring their impact, and adjusting as needed.
Do Agile Right - Lessons Learned from an Atlassian Product Manager - Sherif M...
Great products start with great planning. At Atlassian we take a multitude of approaches to plan our feature releases. Learn how you can take some of the practices the Confluence Product Management Team makes use of – such as product requirements, prototypes, customer interviews, and user journeys – to deliver great solutions for your customers.
Introduction to Google Developer Relations
This document provides a history of Google's Developer Relations program from 2006 to 2011. It discusses how DevRel was originally founded in the US in 2006 and has since expanded globally. Key events discussed include the launches of Android, Google Maps API, and Google I/O conference. The document outlines DevRel's mission to make Google platforms the ecosystem of choice for developers and describes the roles of Developer Advocates, Engineers, and Program Managers. It also summarizes some of the programs DevRel runs like IO, Developer Days, GTUGs, and Developer Labs.
More Related Content
What's hot
5 Essential Techniques for Building Fault-tolerant Systems
Building add-ons for Atlassian products today means building a Connect add-on and running it as a service in your own infrastructure, or a PaaS provider’s infrastructure, or (more commonly) a set of microservices. While this has many benefits, the transition from monolithic to distributed systems brings with it additional failure modes that simply do not manifest in the world of local function calls. Join Atlassian developer Diego Berrueta for a walk-through of 5 resilience techniques that will help keep your services rock-solid in the face of unreliable, slow, or faulty systems.
Diego Berrueta, Engineering Principal, Atlassian
DOES SFO 2016 - Paula Thrasher & Kevin Stanley - Building Brilliant Teams
After an initial DevOps transformation as a company, we had to grapple with how to scale and grow the talent and workforce to build a NextGen DevOps-minded company of 18,000+ people. We have built a number of programs to expand awareness, encourage growth mindsets, and drive workforce development. We will share the different ways we are working to "Build Brilliant Teams" to drive our DevOps transformations.
The History of DevOps (and what you need to do about it)
The document discusses the history and evolution of DevOps. It traces the origins of DevOps back to 2007 when the terms "DevOps" and "Agile Infrastructure" first emerged. It then summarizes the rise in DevOps conferences and communities from 2009 onward. The document also outlines key findings that DevOps adopters see significantly faster lead times, higher deployment frequencies, better change success rates, and faster recovery times compared to non-adopters. Additionally, DevOps teams are more likely to exceed goals for profitability, market share and productivity. The document argues that organizations should focus on fast feedback loops, continuous improvement and adopting an "Improvement System" like DevOps Kaizen in order to see these benefits as a
DevOps Picc12 Management Talk
Devops Management is a topic discussed in the halls of conferences and few managers. This talk will focus on the topic of management in a highly collaborative and cooperative environment, specifically one that is rapidly growing with a focus on continuous development/deployment
Behind the Scenes of Vendor Security Reviews in the Enterprise
The document discusses vendor security reviews that companies conduct on third-party vendors. It outlines key elements of a vendor security review including questionnaires, supporting documentation requests, and penetration testing. It provides examples of each element and discusses their implementation difficulty and value. The document also offers advice on how vendors can prepare and "ace" their security reviews by being transparent, treating findings as learning opportunities, and making security a standard part of their processes.
Finding Efficiencies in Your Development Lifecycle
Many of us feel like we never have enough time to complete everything we want in a given sprint, cycle, or phase. Even though we can't add more hours to our day, we can add time by removing inefficiencies in our development lifecycle management approach. Melissa Tondi explores a number of areas that may be causing inefficiencies in our overall approach. These problem areas include acceptance criteria for requirements that are not understood, actionable, or demonstrable; unit tests that are misunderstood or non-existent; and demos that don’t actually demonstrate capability. Melissa shares practical solutions that can be implemented quickly. Share your previous inefficiencies and your solutions. Once you have a plan to reduce or eliminate the inefficiencies, you can spend more time in your overall development schedule—and effectively add more time to accomplish what you need to do.
Cultivating Content: Designing Wiki Solutions That Scale
The document discusses challenges faced by Opower, a software company, in managing knowledge as it experiences rapid growth. As Opower hires more employees and develops new products, its wiki has become overwhelmed, leading users to feel there is too much or outdated information. The speaker recommends treating the wiki like a product by identifying root causes through stakeholder interviews, metrics, usability testing, and question tracking. Initial findings revealed frustrations with credibility and accessibility of information, as well as critical needs around product limitations. Solving scaling problems requires understanding usage and pain points.
A Practical Guide to Scaling Agile
A case study and experience sharing on Agile at Scale and Scaled Agile Framework (SAFe) implementation
Herding Microservices – the Atlassian Way
Matej Konecny discusses how his team at Atlassian manages their microservices architecture. In the early days, their applications were built as WAR files running on EC2 with autoscaling and logs stored in CloudTrail, which made monitoring and incident handling difficult. They have since implemented a unified PaaS across Atlassian using Docker Compose with automated provisioning of containers and resources. This common platform enforces best practices and allows sidecars to be reused. Incident detection and communication is now automated through tools like OpsGenie, and changes are easier to track. Regular meetings cover metrics, alerts, and code health to improve oversight of services.
Improving Agility (Learning from Maersk Line's Journey) | Özlem Yüce | Agile ...
Improving Agility (Learning from Maersk Line's Journey) as presented from Özlem Yüce @ Agile Greece Summit 2016
Strategic Approach To Data Migration Project Plan
Presenting this set of slides with name Strategic Approach To Data Migration Project Plan. This is a six stage process. The stages in this process are Plan, Develop, Validate, Migrate Stage, Test. This is a completely editable PowerPoint presentation and is available for immediate download. Download now and impress your audience. https://bit.ly/3CTswep
Scrumban
Scrumban Demystified. Talk from Agile New England.
A few of the Scrumban Evolutions from Mamamoth bank from the upcoming book on Scrumban.
More excerpts can be found at facebook.com/scrumban
Learn more at scrumban.io
Do you have a case study of applying the Kanban Method in a Scrum context. We want to learn more from your experiments and results. Contact us at info@codegenesys.com
Embrace Chaos - Introducing Chaos Engineering to your Organization
This document discusses introducing chaos engineering to an organization. It describes game days, which are planned fault injection exercises where engineers imagine failure scenarios, implement protections, and then cause the failures in production to test the protections and gain confidence in the system's resiliency. An example game day at UnderArmour is described where they tested failure scenarios like services becoming unavailable or experiencing high latency. Takeaways were that they learned a lot, identified valuable action items, and experienced less alert fatigue. Next steps discussed automating fault injection and doing more frequent game days across more teams.
ACE NYC and TOR Sep 2021 Slideshare Deck
Atlassian's Point A program is developing the next generation of tools to power the future of teamwork. Join us for a deep dive into Team Central and discover all the other products in Point A (Jira Work Management, Jira Product Discovery, Halp, and more). Atlassian's Claire Maynard, Mary Raleigh, and Vivian Chau will share the virtual stage to cover these topics and answer your burning questions.
DevOps Kaizen: Practical Steps to Start & Sustain a Transformation
Damon Edwards (DTO Solutions) talk from #DOES15 on October 20, 2015 in San Francisco, CA.
Video coming soon... http://devopsenterprise.io
Site reliability engineering - Lightning Talk
A brief introduction into Site Reliability Engineering concepts of service level objects, service level indicators, and service level agreements.
Agile ITSM: New Ways of Working for High Velocity Teams
In a world of digital transformation, Agile, and DevOps, the way that IT teams work is rapidly evolving. Is your IT team still struggling to adapt to new ways of working?
In this session, we'll cover the tools, people, and best practices, to build a lean, mean, agile ITSM machine:
- Build team culture with Atlassian's Open philosophy
- How to lean into the future of "Lean and Agile ITSM"
- Integrate DevOps best practices into the way IT teams work
- Improve self-service by "shifting left," or knowledge-centric support
- Lower MTTR (mean time to resolution) by improving incident response communications and collaboration
- Improve the flow of your change control with agile ways of working
- Plus challenges and lessons learned from customers around the globe
We're bringing back this popular talk from Summit 2018 in Barcelona to provide you pragmatic thought leadership and practical approaches you and your team can actually use
Implementing kanban at scale at sandvik IT
In this talk, we present why Sandvik IT chose to use the Kanban method for continuous improvements, how it was packaged and introduced for more than 60 teams and how it is supported. We finish by looking at the results that Sandvik has gotten so far.
During the talk, we present some of the tools that we have developed for managing this implementation at scale: the Kanban Kick-start Field Guide and the Kanban assessment.
Why #DevOps Transformation has to start with you
Why #DevOps Transformation has to start with you.
You are part of your organisation's culture, and in order to change the culture you need to change yourself, first. Learn some useful ideas of personal and DevOps Transformation from the @DevOpsGuys.
The Kanban Retrospective
This document discusses how to interpret data from Kanban retrospectives to identify opportunities for optimizing workflow. It provides examples of metrics like lead time, cycle time, and work in progress that can be analyzed to address issues like bottlenecks, piles of work in specific states, outliers in work completion times, frequent blockers, the impact of unplanned work, and ensuring team well-being and sustainability. The document advocates using a structured process of planning improvements, implementing changes, measuring their impact, and adjusting as needed.
What's hot (20)
5 Essential Techniques for Building Fault-tolerant Systems
5 Essential Techniques for Building Fault-tolerant Systems
DOES SFO 2016 - Paula Thrasher & Kevin Stanley - Building Brilliant Teams
DOES SFO 2016 - Paula Thrasher & Kevin Stanley - Building Brilliant Teams
The History of DevOps (and what you need to do about it)
The History of DevOps (and what you need to do about it)
Behind the Scenes of Vendor Security Reviews in the Enterprise
Behind the Scenes of Vendor Security Reviews in the Enterprise
Finding Efficiencies in Your Development Lifecycle
Finding Efficiencies in Your Development Lifecycle
Cultivating Content: Designing Wiki Solutions That Scale
Cultivating Content: Designing Wiki Solutions That Scale
Improving Agility (Learning from Maersk Line's Journey) | Özlem Yüce | Agile ...
Improving Agility (Learning from Maersk Line's Journey) | Özlem Yüce | Agile ...
Embrace Chaos - Introducing Chaos Engineering to your Organization
Embrace Chaos - Introducing Chaos Engineering to your Organization
DevOps Kaizen: Practical Steps to Start & Sustain a Transformation
DevOps Kaizen: Practical Steps to Start & Sustain a Transformation
Agile ITSM: New Ways of Working for High Velocity Teams
Agile ITSM: New Ways of Working for High Velocity Teams
Viewers also liked
Do Agile Right - Lessons Learned from an Atlassian Product Manager - Sherif M...
Great products start with great planning. At Atlassian we take a multitude of approaches to plan our feature releases. Learn how you can take some of the practices the Confluence Product Management Team makes use of – such as product requirements, prototypes, customer interviews, and user journeys – to deliver great solutions for your customers.
Introduction to Google Developer Relations
This document provides a history of Google's Developer Relations program from 2006 to 2011. It discusses how DevRel was originally founded in the US in 2006 and has since expanded globally. Key events discussed include the launches of Android, Google Maps API, and Google I/O conference. The document outlines DevRel's mission to make Google platforms the ecosystem of choice for developers and describes the roles of Developer Advocates, Engineers, and Program Managers. It also summarizes some of the programs DevRel runs like IO, Developer Days, GTUGs, and Developer Labs.
Next-Level Incident Management: Culture Matters When Things Break
Ever had an incident that didn't go as planned? The culture amongst Ops, DevOps and SRE teams is critical to ensuring that your team is effective when things break. We've taken our years of collective experience and converted them into 5 easy to understand values that help teams move away from a hero-driven culture to a team based culture. Learn how to guide autonomous decisions and create a consistent culture between teams that you can easily apply and share with others.
Embracing a Remote Workforce - Our Practices for Global Productivity and Comm...
Today, 37% of Americans work from home part-time. And the trend is spreading throughout organizations across the globe. From day one, Auth0 – a fast-growing identity platform – has welcomed geographical diversity. After-all, co-founders Eugenio Pace and Matías Woloski created the company while on two different continents. They believe in hiring the best person for a role, regardless of where they reside, and now have 200 employees spread across 25 countries. While there are many benefits to a work-from-home lifestyle, there are also a unique set of challenges, including the need to have buy-in from the entire company for a remote culture to work.
In this session, Eugenio will discuss best practices for creating and supporting a remote workforce like how to effectively manage distributed projects and run global meetings. You will leave with specific, practical steps to communicate deliberately, create processes, and utilize tools to work productively from anywhere.
Early Signal Testing: Designing Atlassian’s New Look
You probably have noticed the new look of Atlassian's Cloud products. Our new Design Guidelines took many months to create, and our team had many tough decisions to make. Luckily, we incorporated customer research along the way to guide us.
One of our most valuable research tools is called “early signal testing”, and we think it can help you too. Early signal testing can help you gain confidence in a direction, rather than being paralyzed by a choice. It can help assess your design's usability, clarity, comprehension, and more. This talk explains how your team can gather measurable user feedback in as little as a week, for even the very biggest of problems.
With Great Automation Comes Great Responsibility
You want to help your team by automating business workflows, but how do you know when and where to use automation?
How can you unleash the full potential of automation using scripts and apps? And what are some pitfalls you need to be aware of?
In this talk, Peter Van de Voorde of Atlassian will walk you through what automation with scripts and apps entails, when you should use it, and what to watch out for.
So you can use automation to unleash the potential of your team.
Managing Product Development Chaos with Jira Software and Confluence
Launching a product can be a herculean task to any team, particularly a product team. With relentless prioritization, requirements revisions, and status reporting, Product Managers are often overwhelmed. It was no different at Square, but one product team decided to try something different.
Ronald Lai, ex Product Manager at Square, will discuss how his team used JIRA Software and Confluence to automate workflows to replace their most time-consuming tasks and focused on creating product value.
Ship Faster, Reduce Risk, and Build Scale with Feature Flags
Today's software companies are trying to move faster than ever before. Feature flagging is a way for to reduce risk, increase the amount of visibility, and improve your ability to respond to change. Learn how you can begin utilizing feature flagging effectively, and how Atlassian flags with LaunchDarkly to ship software daily.
Making Software for the Software Makers: How Atlassian Teams use Jira Software
Ever wondered how internal Atlassian teams push Jira Software to the limit? At Atlassian each team defines a process that best meets their unique needs and challenges. In this talk Product and Marketing Management duo Jason Wong and Jake Brereton will share insights into how Atlassian teams harness and stress test Jira Software to get their teams humming. You'll leave this session with a behind-the-scenes look at how our teams:
- Build custom views that put the right information in front of every team, role, and specialization
- Add depth and accuracy to status tracking with deep developer tool integrations
- Use apps for Atlassian tools to ensure all team members are fully connected to a common workflow
Viewers also liked (9)
Do Agile Right - Lessons Learned from an Atlassian Product Manager - Sherif M...
Do Agile Right - Lessons Learned from an Atlassian Product Manager - Sherif M...
Next-Level Incident Management: Culture Matters When Things Break
Next-Level Incident Management: Culture Matters When Things Break
Embracing a Remote Workforce - Our Practices for Global Productivity and Comm...
Embracing a Remote Workforce - Our Practices for Global Productivity and Comm...
Early Signal Testing: Designing Atlassian’s New Look
Early Signal Testing: Designing Atlassian’s New Look
Managing Product Development Chaos with Jira Software and Confluence
Managing Product Development Chaos with Jira Software and Confluence
Ship Faster, Reduce Risk, and Build Scale with Feature Flags
Ship Faster, Reduce Risk, and Build Scale with Feature Flags
Making Software for the Software Makers: How Atlassian Teams use Jira Software
Making Software for the Software Makers: How Atlassian Teams use Jira Software
Similar to The Atlassian Bug Bounty Program
Pacific crest-ets-2015-saa s-business-metrics-panel-discussion1
1) The panel discussion focused on traditional metrics for perpetual license software versus SaaS, including recurring revenue retention, churn, LTV, and CAC.
2) Examples were provided of cohort analysis and how small differences in churn can significantly impact cohort performance over time.
3) Various public SaaS companies were examined regarding their different methodologies for reporting metrics like subscription revenue retention and dollar-based net expansion.
4) A case study of an imaginary company XYZ Corp. was presented, showing its growth, margins, churn, and sales/marketing expenses over two years. Metrics like LTV, CAC, and LTV/CAC were analyzed to assess the company's attractiveness.
How to Implement TOC Principles and Tools in State Government and Achieve Gre...
Kristen Cox, Executive Director, Governor’s Office of Management and Budget (USA) & Greg Gardner, Director of Operational Excellence for Utah Governor’s Office of Management and Budget (USA) @ TOCICO International Public Sector Effectiveness Conference 2013 Vilnius
- Overview of the SUCCESS Framework.
- Introduction of Utah’s measurement criteria.
- Introduction to the SUCCESS Management Information System (SMIS).
-Utah’s use of additional tools to assist agencies achieve great results.
-Utah’s progress to anchor the budgeting process to performance.
- Status of implementing the SUCCESS Framework across Utah’s 24 Cabinet agencies.
More information - http://pse.lt
How the Linux Foundation Standards for Compliance and Security will Fix Your ...
This document discusses open source and society. It argues that while open source has enabled technological progress, it has not solved all of society's problems on its own. Engineers tend to focus on functional problems, but society faces other challenges like access, equality and opportunity that require political solutions beyond just technology or licenses. The document encourages focusing on continuous improvement through standards and processes to make incremental progress on these issues. It highlights how standards like OpenChain help bring more predictability and visibility to software supply chains.
6 Guidelines for A/B Testing
This document provides guidelines for A/B testing, including prioritizing test ideas based on estimated new conversions per day, creating tests by running a power analysis and having incremental tests, analyzing tests by monitoring health metrics, and making decisions carefully based on analysis results. It recommends calculating potential impact, having a data scientist involved, and not launching on neutral results to avoid technical debt.
Generating Revenue for Development Tools Consultants
This document discusses how OpsHub software can enable additional revenue streams for consulting firms through new engagements including:
1) Initial health check analyses and ongoing quarterly health checks using OpsHub Analytics to assess software development performance.
2) New consulting engagements to address issues uncovered by Analytics around speed, quality, productivity and predictability.
3) Installation of Analytics across organizations.
It describes OpsHub Analytics capabilities like pulling data from tools, providing reports and KPIs, and enabling drill-down analysis. A typical process is outlined where consulting firms can introduce Analytics to customers, conduct an initial health check, uncover new projects, and set up ongoing billing for quarterly checks and license renewals.
Assignment 1 Business Security PostureDue Week 3 and worth 90 poi.docx
Assignment 1: Business Security Posture
Due Week 3 and worth 90 points
Company XYZ, a mid-sized corporation, is in the middle of satisfying their regulatory compliance needs. The manager of security at the company has been tasked by the CIO (Chief Information Officer) to report on the company’s current security posture. You are called upon as a 3
rd
party penetration tester, based on your industry reputation of being both careful and thorough to report on company XYZ’s security posture. The only information available about the company is the generalized information found on its company Website which includes a contact page, home page, customer login portal, copyright and acceptable use page, and disclaimers page.
As an experienced penetration tester, you already have a collection of typical tools you use to conduct your tests (
at minimum, all the tools available in CEH labs for this course
.) The end goal here is to report on company XYZ’s current security posture through performing penetration tests.
Write a four to five (4-5) page paper in which you outline all steps you would take to provide company XYZ’s request. Include but do not limit yourself to the following:
Determine the communications and questions that you need to ask the Manager of Security before beginning your work assignment.
Determine the type of documents you would bring to your first meeting with the Manager of Security (i.e. documents to sign, to review, to consider).
Explain chronologically when things happen.
Predict what results are expected based on tools and techniques you use. For example, if a goal is to collect recon data, one might use the Nmap tool to perform a subnet scan. A similar scan can be conducted in your iLabs environment and the resulting data used as support in the form of screenshots when explaining your theories.
Evaluate the importance of the Nondisclosure Agreement (NDA) and other legal agreements to both parties.
Propose the main pre-penetration test steps that the penetration tester should perform before beginning the initial phases of the XYZ penetration test. Provide a rationale to support your proposal.
Use at least three (3) quality resources in this assignment.
Note:
Wikipedia and similar Websites do not qualify as quality resources.
Your assignment must follow these formatting requirements:
Be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides; citations and references must follow APA or school-specific format. Check with your professor for any additional instructions.
Include a cover page containing the title of the assignment, the student’s name, the professor’s name, the course title, and the date. The cover page and the reference page are not included in the required assignment page length.
The specific course learning outcomes associated with this assignment are:
Discuss the need for security analysis.
Discuss the techniques and apply the tools to perform penetration tests.
D.
GOING THE EXTRA MILE: Using Client Data to Improve Client Service, Loyalty, A...
Surveying clients through the matter lifecycle may seem like a crazy concept but it's happening. This means regularly gathering feedback from clients about their expectations and your firm's performance. Learn how firms gather this information, and how they use it to manage their successful businesses while rewarding attorneys and employees.
Catalyst_CaseStudy_Predict_Proves_Effective_for_Small_Collection
This document discusses using technology-assisted review (TAR) on a small collection of 16,000 documents that needed to be reviewed within a tight deadline for an SEC investigation. Traditional TAR 1.0 would not have been effective for such a small set due to the extensive training required by a subject matter expert. However, Insight Predict's continuous active learning protocol requires no control set or training by an expert. On this small collection, Predict reduced the review time by 75% and the relevant documents were found within the deadline and fixed budget. This case shows that TAR can be effective even for smaller collections without a minimum threshold.
IS/IS NOT Solving “Unsolvable” Problems
This document provides an overview of the Kepner-Tregoe problem solving method, which involves defining the problem, describing it in terms of what is and is not occurring, establishing possible causes, testing the most probable cause, and verifying the true cause. It includes examples of problems that were initially unsolvable but were resolved by properly applying the Kepner-Tregoe method, such as defining the problem statement more precisely, gathering all relevant resources, finding patterns in timing data, and thinking beyond the immediate fix. The key lessons are to follow the problem solving process, let it guide the investigation, and consider non-obvious factors or causes.
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
This document discusses lessons learned from previous compliance initiatives that can be applied to improving the state of PCI DSS compliance. It draws parallels between problems with SOX-404 compliance and current issues with PCI DSS, noting frustration with both standards. The document proposes using concepts from the GAIT framework, which was created to address SOX-404 problems, as a model for how to better scope the PCI assessment and define relevant controls. It intends to get feedback on this plan to help refine the approach and potentially mobilize industry stakeholders to improve PCI DSS practices.
2010 07 BSidesLV Mobilizing The PCI Resistance 1c
Properly Mobilizing the PCI Resistance: Lessons Learned From Fighting Prior Wars (SOX-404)"
I have noticed that there is a growing wave of discontent and disenchantment from information security and compliance practitioners around the PCI DSS. Josh Corman has been an effective voice for these concerns, providing an intellectually honest and earnest analysis in his talk “Is PCI The No Child Left Behind Act For Infosec?”
The problem are well-known and significant: too much ambiguity in the PCI DSS, Qualified Security Assessors (QSAs) and consultant using subjective interpretations, existing guidance either too prescriptive or too vague, scope missing critical systems that could risk cardholder data, overly broad scope and excessive testing costs, excessive subjectivity and inconsistency, poor use of scarce resources, no meaningful reduction in risk of data breaches, and so forth.
For years, I have been studying the PCI DSS compliance problem, as well. I have noticed many similarities to the PCI compliance challenges and the “SOX-404 Is The Biggest IT Time Waster” wars in 2005. I was part of the leadership team at the Institute of Internal Auditors (IIA) where we did something about the it. We identified inability to accurately scope the IT portions of SOX-404 as the root cause of the billions of dollars of wasted time and effort, while not reducing the risk of financial misstatements.
I propose to present the two-year success story of the IIA GAIT project and how we changed the state of the IT audit practice in support of SOX-404 financial reporting audits. We defined the four GAIT Principles, which could be used to correctly scope the IT portions of SOX-404. We mobilized over 100K internal auditors, the SEC and PCAOB regulatory and enforcement bodies, as well as the external auditors from the 8 big CPA firms (e.g, Big Four and other firms doing SOX advisory work). In short, we made a difference, in a highly political process that involved many constituencies.
I am attempting to do something similar with the PCI Security Standards Council, through my work as part one of the leaders of the PCI Scoping SIG (Special Interest Group). My personal goal is to find a “third way” to better enable correct scoping of the PCI Cardholder Data Environment, and create a risk-based approach of substantiating the effective controls to ensure that cardholder data breaches can be prevented, and quickly detected and corrected when they do occur.
My desired outcome is to find fellow travelers who also see the pile of dead bodies in PCI compliance efforts, and work with those practitioners to catalyze a similar movement to achieve the spirit and intent of PCI DSS.
A Set of Heuristics to Support Early Identification of Conflicting Requirements
This paper presents a set of heuristics that could support identifying conflicting requirements or objectives by structuring non-normative methods such as subject matter experts.
DOI: http://dx.doi.org/10.1002/j.2334-5837.2015.00062.x
Lean, Six Sigma and Emotional Intelligence
An introduction to Lean and Six Sigma process improvement techniques as well as Emotional Intelligence in leadership to a medical staff. Using Lean can help 1) Reduce cost 2) Improve Reliability and Safety and 3) Increase the Quality of Care. Using Six Sigma can improve processes by reducing variation. Leadership with high Emotional Intelligence create the optimal environment to implement Lean and Six Sigma strategies.
Measuring your way_to_successful_automation_webinar
Developing a set of metrics is the first step to make in your transition to automation. A quantitative goal will help convince your boss what you need now and help you measure improvement over time.
In this Webinar, Rajeev Rai, the CEO of QASource, who has over 25 years of experience in QA and is a veteran at creating and managing high quality teams, will discuss metrics that helped him overcome challenges to drive automation success.
From the Ashes of Phoenix - PrDeliver 2018
When the Phoenix Pay system was released in April 2016, it had severe problems affecting some 70% of the people who the system was intended to pay. It has been fraught with issues ever since resulting in under and overpayments of those employees, and in some cases no payments at all. Hundreds of millions of dollars have been and will be spent to correct the pay issues and update the system. This was yet another example of the ineffectiveness of the antiquated approach that the government used to deliver Phoenix.
When the 2018 budget was tabled, nearly half a BILLION dollars was allocated to fixing Phoenix! What seemed like a footnote to that was $16 million over two years to study how to build the replacement system.
Study. That's what finally broke me. I had been grumbling at the stories of Phoenix for years, but this finally triggered me to do something.
Determining the Fit and Impact of CTI Indicators on Your Monitoring Pipeline ...
Implementing an appropriate data processing pipeline to make good use of your indicators of compromise is a problem that has been successfully addressed over the last few years. Even with all the push of automation and orchestration, a fundamental question remains: WHICH data should I be ingesting in my detection pipelines? There is no lack of data available, shared or not, paid or not. But how to keep my CTI IR team from spinning their wheels on a pile of CTI mud?
This talk will discuss statistical analysis you can do with the CTI indicators you collect and your own network telemetry to define:
- FIT: How appropriate does the CTI data apply to your own traffic. CTI vendors always talk about vertical specific threats, but is that measurable and verifiable?
- IMPACT: How much was your true positive detections assisted by matches and link analysis derived from those CTI feeds
- COVERAGE: Is your current mix of CTI feeds providing "intelligence" on the current threats that you should actually be concerned with?
Those concepts will be introduced and explained with minimal math background needed, and pseudo-code (and real-code!) will be provided to assist organizations to perform those experiments on their own environment. We hope those tools will help attendees to better evaluate the quality of the CTI feeds they ingest from their open sources, paid providers and sharing communities.
Sales and Use Tax Process: Benchmarks and Best Practices for Retailers
Nearly half of all retailers have not established KPI’s for to measure their sales tax process. Those that do are leading the way with a more strategic approach to compliance. Watch the on demand Webinar (see slide 4) to understand what they are doing.
View our webinar on demand to learn:
Challenges and risks for retailers
Performance benchmarks to help understand how you compare to your peers
Strategies and drivers for change
How leaders are leveraging technology to achieve superior results
HIM 500 Technology Information Featherfall Medical Cen
HIM 500 Technology Information
Featherfall Medical Center has an existing admission discharge transfer (ADT)/master patient index
(MPI) system that was developed in-house and implemented over 20 years ago. By now, all of the
original programmers have resigned or retired. The system is cumbersome to manage and update to
meet the current needs of the center. This has also led to the compliance, ethical, and governance
issues previously stated.
An RFP was sent out to two vendors: Intel (SOA Expressway for Healthcare) and Alert (Admission
Discharge and Transfer [ADT]). Key portions of the RFP have been summarized to allow for easy
comparison. The responses to the functional requirements have also been provided for review.
Demonstrations were conducted at the Center, and both systems looked good. The MPI module is
preferred on Intel, and the ADT system is preferred on Alert; however, both systems were received
favorably. The committee went to see both systems in operation and liked them both. References were
checked on both systems. The references for Alert were glowing. All of them said that the system was
good and the people were great to work with because they wanted their new company to succeed and
grow. However, given their small size, they might lack the resources of a larger company. The references
on Intel were excellent as well. The only negative about Intel was that the company is quite large and
was sometimes slow to respond to what the company saw as minor problems. The next release of Alert
is due out in 6 months and of Intel is due out in 8 months. The Committee has used the following tables
to summarize and compare the information that was gathered and is awaiting your recommendation
before final decision is reached.
System Comparison
Topic Intel (SOA Expressway for
Healthcare)
Alert (Admission Discharge and
Transfer [ADT])
Cost of interface $378,000 $238,000
Cost of software $465,000 $325,000
Cost of hardware $375,000 $400,000
Implementation costs $275,000 $175,000
Other costs $110,000 $120,000
Annual maintenance $75,000 $65,000
Training costs $350,000 $264,000
Number systems in use in
hospitals
364 12
Length of time in business 30 years 3 years
Stability of company Good Good
RFP Response from Intel (SOA Expressway for Healthcare)
System Functions Standard Next Release Not Available Custom
Admit patient to ER X
Admit patient to inpatient status X
Admit patient to outpatient status X
Transfer patient from room to room X
Transfer patient from inpatient to
outpatient
X
Transfer patient from outpatient to
inpatient
X
Transfer patient from ER to inpatient
status
X
Discharge patient from ER X
Discharge patient from inpatient status X
Discharge patient from outpatient status X
Notify housekeeping when patient
discharged
X
Notify HIM when patient admitted X
Meets UHDDS ...
Improving the development process with metrics driven insights presentation
- Jack Humphrey, VP of Engineering at Indeed, discusses how the company uses metrics and data analytics to improve processes and make decisions.
- They capture metrics on everything from code commits to production deployments to better understand workflows.
- As an example, Indeed measured translation verification times in JIRA and found issues were pending for too long, so they implemented a new deployment process that significantly reduced times.
- Metrics must be questioned and used carefully to avoid unintended outcomes, but can effectively support process improvement when paired with learning and discussion.
Security Snake Oil Cycle 2019
An exploration of the cyber security market factors that lend to pervasive issues with hyperbole and feelings of broken trust across the various participants. Much is left off the slide & was covered in narrative at a recent OWASP LA meetup, original done for B-Sides LV.
Similar to The Atlassian Bug Bounty Program (20)
Pacific crest-ets-2015-saa s-business-metrics-panel-discussion1
Pacific crest-ets-2015-saa s-business-metrics-panel-discussion1
How to Implement TOC Principles and Tools in State Government and Achieve Gre...
How to Implement TOC Principles and Tools in State Government and Achieve Gre...
How the Linux Foundation Standards for Compliance and Security will Fix Your ...
How the Linux Foundation Standards for Compliance and Security will Fix Your ...
Generating Revenue for Development Tools Consultants
Generating Revenue for Development Tools Consultants
Assignment 1 Business Security PostureDue Week 3 and worth 90 poi.docx
Assignment 1 Business Security PostureDue Week 3 and worth 90 poi.docx
GOING THE EXTRA MILE: Using Client Data to Improve Client Service, Loyalty, A...
GOING THE EXTRA MILE: Using Client Data to Improve Client Service, Loyalty, A...
Catalyst_CaseStudy_Predict_Proves_Effective_for_Small_Collection
Catalyst_CaseStudy_Predict_Proves_Effective_for_Small_Collection
A Set of Heuristics to Support Early Identification of Conflicting Requirements
A Set of Heuristics to Support Early Identification of Conflicting Requirements
Measuring your way_to_successful_automation_webinar
Measuring your way_to_successful_automation_webinar
Determining the Fit and Impact of CTI Indicators on Your Monitoring Pipeline ...
Determining the Fit and Impact of CTI Indicators on Your Monitoring Pipeline ...
Sales and Use Tax Process: Benchmarks and Best Practices for Retailers
Sales and Use Tax Process: Benchmarks and Best Practices for Retailers
HIM 500 Technology Information Featherfall Medical Cen
HIM 500 Technology Information Featherfall Medical Cen
Improving the development process with metrics driven insights presentation
Improving the development process with metrics driven insights presentation
More from Atlassian
International Women's Day 2020
We aim to celebrate women every day, but we’re taking today to give special recognition to womxn at Atlassian continue who inspire and lead.
For #InternationalWomensDay, we asked Atlassians to nominate and recognize amazing womxn at Atlassian who inspire them, challenge them, and truly represent Atlassian values.
10 emerging trends that will unbreak your workplace in 2020
Is this the year we finally cancel always-on culture? Use virtual reality to build empathy with coworkers? The future of work is about to arrive.
Forge App Showcase
Ever wondered what Atlassian engineers do in their 20% time? Join Forge engineering lead Tim Pettersen on a lightning tour of how Forge is being used inside Atlassian. Attendees will get a rare view into some of the apps, tools, and tweaks we’ve built internally on top of Forge in the spirit of dogfooding and innovation. Come along and be inspired with some great ideas for improving and automating your own teams' workflows!
Let's Build an Editor Macro with Forge UI
Race out of the gate with Forge UI: a new way of building UI extensions for Atlassian products. In this session, Forge UI Developer Experience lead Peter Gleeson will demonstrate how build an Editor macro from scratch! Attendees will learn about Forge foundational concepts such as the FaaS dev loop, Forge CLI, and how to construct UIs from Forge UI components.
This session provides a great introduction to the Forge platform for any developer looking to get productive with editor apps and Forge UI.
Meet the Forge Runtime
In the words of Jeff Atwood: “JavaScript is the lingua franca of the web”. It’s also the first language we’ve chosen to support in Forge. In this session, Forge engineer Shorya Raj will walk through the Node.js isolate based runtime you’ll be using to write apps for Forge.
Attendees will learn about the unique features of the Forge JavaScript Runtime, such as automatic authentication and tenant context management. Shorya will also cover the differences between the Runtime, conventional browser, and Node.js APIs.
Developers or attendees with some programming experience will get the most out of this session.
Forge UI: A New Way to Customize the Atlassian User Experience
UI extensibility is an integral part of Atlassian's ecosystem story. In cloud, traditionally this has been accomplished with the humble iframe. In this session you will learn about Forge UI, an additional and innovative way to build visual apps for Atlassian products.
Join Product Manager Simon Kubica and Senior Developer Michael Oates from the Forge team in exploring the underlying concepts and technology powering Forge UI, and learn how it will unlock exciting new opportunities in our ecosystem.
Take Action with Forge Triggers
This document discusses using triggers to automate actions in Forge apps. It begins with an overview of triggers and then discusses:
- Product triggers that are triggered by events in Atlassian products like Jira, Confluence etc.
- Web triggers that are triggered by HTTP requests to a Forge function.
- How to authenticate and make requests to external services like Opsgenie from Forge functions in response to triggers.
- Demos of building a Forge app that responds to Jira issue creation by assigning the issue and notifying Opsgenie.
The document provides details on the event payload formats, making authenticated requests, and deploying/managing the Forge app lif
Observability and Troubleshooting in Forge
The document discusses the evolution of software development from bare metal servers to virtualization, containers, and serverless functions. It notes how debugging and observability have become more difficult as software moves to remote "somebody else's computer" environments. The author introduces Forge as Atlassian's solution for providing developers a declarative language and best-in-class experience for building user interfaces on serverless infrastructure, including features for debugging, monitoring, and security.
Trusted by Default: The Forge Security & Privacy Model
Security and trust have become increasingly important requirements for our customers in Cloud. We’re working to make it easier for you to build and maintain secure apps for Atlassian products.
In this session, Engineering Team Lead Dugald Morrow and Principal Product Manager Joël Kalmanowicz will explain how security and trust have been baked into the Forge framework and the benefits the platform can offer you and your users. Learn how much less work it can be to build trusted apps customers will love on Forge by going deep on the safeguards we’re putting in place.
Developers or attendees with some software security experience will get the most out of this session.
Designing Forge UI: A Story of Designing an App UI System
Creating apps with Forge and its UI frontend components is now easier than ever. Join Senior Designer Allard van Helbergen and Product Manager Josephine Lee as they walk through the story of designing Forge UI.
What is a declarative UI and why did we choose this paradigm? What are all the considerations that go into defining the set of components to build apps with? And how do you make ‘creating apps’ simple? Walk away understanding the foundations of Forge, how all the different components work together, and where Forge UI is headed in the future.
Forge: Under the Hood
After a day of learning about the exciting features of Forge, get ready for a peek under the hood to discover how it’s all implemented. Join Forge Architect Patrick Streule as he goes deep on topics such as Forge FaaS infrastructure, the internal workings of tenant isolation, and automatic authentication.
Attendees will also get a glimpse of some features we’re looking at building into the future of Forge, such as a serverless data store for apps and more!
Access to User Activities - Activity Platform APIs
How do you stay on top of your work when it is scattered across multiple Atlassian products?
"If only there was a single place where I could see all my activity..." - sounds familiar?
We are going to provide you an insight into what lead to the creation of a new Activity API. Following last year’s Atlas Camp announcement from our CTO Sri Viswanath, Atlassian is moving onto GraphQL - new Activity API is one the first pieces of the GraphQL Atlassian Platform and is the technology behind start.atlassian.com.
Join Sergey Meshkov, Senior Developer, who will provide you a sneak peek of the new GraphQL Activity API as it will soon be available to our vendors.
Design Your Next App with the Atlassian Vendor Sketch Plugin
Our designers work 3x quicker with the Atlassian Vendor Sketch Plugin — and now we’re unleashing these superpowers to the Atlassian Ecosystem. If you mockup screens for code or marketing, we’ll help you drag and drop your way to an Atlaskit design in less than 10 minutes. And if you’re a designer, you’ll want to hear about our pixel-perfect component library and suite of seamless Sketch integrations.
Join Atlassian’s resident Sketch aficionado, Huw Evans, to learn about:
Sketch Components: If it’s in Atlaskit, it’s now in Sketch. And introducing the Symbol Palette, the quickest way to find the right component for the job.
Product Templates: Spark inspiration by building your designs inside realistic screens from Jira & Confluence — or craft hero images for your Marketplace listing!
Color and Text Styles: Heard of N75? H400? If those mean nothing to you, we’ll run through how to make your users feel at home by using Atlassian colors & typography, right inside Sketch.
Data Suppliers: Say goodbye to Lorem Ipsum. Learn how to use Sketch Data Suppliers to generate realistic copy using live data from Jira, Confluence and Bitbucket. Bonus: How we used AI to create people who don’t exist!
♀️ It's All Open Source: How we made it really easy to customise the Atlassian Vendor Sketch Plugin for your team's needs.
Tear Up Your Roadmap and Get Out of the Building
The document discusses conducting customer research by tearing up existing roadmaps and getting out of the building. It recommends running a research spike with the team to define what needs to be learned. Tips are provided for recruiting participants through support, community, and sales teams. Conducting customer interviews is discussed, including roles for scribes and interviewers. Analyzing interviews by consolidating themes from transcripts is also covered. An example analysis identified themes around customer journeys, collaboration as a team sport, and overwhelming demand for participation. The document encourages being honest about whether a research spike could be run and why or why not.
Nailing Measurement: a Framework for Measuring Metrics that Matter
When it comes to designing apps and new features, we just can't get enough of metrics. In an age where we can collect data from almost anything, how can we cut through the noise and focus on the right metrics to measure the success and failures of the apps that we’re building?
Join Atlassian Product Manager Josephine Lee as she delves through what exactly makes a good metric. Throughout the talk, we’ll walk through real Atlassian examples of good and bad metrics. By exploring a framework for measurement, we’ll cover detailed features that showcase how best to measure and choose the right set of success, supportive, and counter metrics.
You'll walk away with tips and learnings from Atlassian’s approach to measuring success, and learn how to use data and metrics to inspire action in your apps.
Building Apps With Color Blind Users in Mind
Color-blind people are using your apps. 1 in 12 men is color blind. And for women, this is 1 in 200.
Building apps that work well for color blind people is not difficult. Some simple techniques help us with the design of our interface. And some tools help us see what color blind people see.
In this talk, Maarten Arts of Avisi will look at common varieties of color blindness. We will look at apps through the eyes of a color-blind person. And we will discover what color-blind people struggle with.
Regardless of whether you're a designer or developer, this talk will equip you with the skills and the tools you need to make sure that your app works for color-blind people.
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
The words we choose have the power to include or alienate our users. The reality is that for many, English is spoken as a second language. And unless you're going to localize your product for those major non-English speaking markets, you'll need to thoughtfully create content that is accessible to a larger audience.
But how do we create products that maintain a sense of personality without isolating a wide audience of non-native speakers?
Join Atlassian Content Designer, Roana Bilia, as she walks you through why thoughtful, inclusive content, is key to creating well-designed user experiences. You'll walk away with foundational principles for good UX copy when optimizing your product UI, a few quick wins that you as creators and developers can incorporate into your next products, as well as a set of mistakes to avoid that companies—including Atlassian—have made, which prioritized native speakers but isolated non-native speakers.
Beyond Diversity: A Guide to Building Balanced Teams
We hear it all the time, and we get it. Diversity and inclusion are important! But isn't it an HR problem? HR may be able to help with diversity but inclusion or creating an inclusive environment is everyone's responsibility. So how do we create an inclusive environment that celebrates diversity and engages and supports everyone? Isabel Nyo will be sharing best practices and lessons she has learned along the way. She will also be sharing her experience as a minority, a female technical leader, in the technology industry.
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
In September 2018, K15t took its mission to go self-managed to the next-level when the entire company worked together to decide on the Next Big Thing™ to build for Atlassian users and present it at Summit in Las Vegas.
In this session, Anshuman Dash, an intern turned software engineer, turned product manager, shares his journey of professional self-discovery. In under five months, he joins a freshly assembled, self-managed team in building a new Atlassian Marketplace app.
Dash will give a quick intro to what it means for a team to be self-managed. Then, he'll share his observations and experiences on the team, as well as the best-practices, patterns, and processes K15t has discovered along the way.
Whether you are a new team with a kick-ass product idea or a big company figuring out ways to scale, this talk will provide you with practical tips and ideas your team can try out!
Building Apps With Enterprise in Mind
Designing for the enterprise comes with a unique set of challenges; ensuring readability and accessibility at scale, meeting the needs of multi-layered organizations, and building a trust when your software - used by dozens of thousands of employees - is considered mission-critical.
At Atlassian, we've spent countless hours digging deep into our enterprise customer's needs and we've gathered a vast repository of insights.
In this talk, Pawel Wodkowski, a senior designer on Jira Server, will share all that we've learned from our research (while not being shy about busting some of those wild admin myths!). You'll get a crash course in what it means to design for scale the Atlassian way.
More from Atlassian (20)
10 emerging trends that will unbreak your workplace in 2020
10 emerging trends that will unbreak your workplace in 2020
Forge UI: A New Way to Customize the Atlassian User Experience
Forge UI: A New Way to Customize the Atlassian User Experience
Trusted by Default: The Forge Security & Privacy Model
Trusted by Default: The Forge Security & Privacy Model
Designing Forge UI: A Story of Designing an App UI System
Designing Forge UI: A Story of Designing an App UI System
Access to User Activities - Activity Platform APIs
Access to User Activities - Activity Platform APIs
Design Your Next App with the Atlassian Vendor Sketch Plugin
Design Your Next App with the Atlassian Vendor Sketch Plugin
Nailing Measurement: a Framework for Measuring Metrics that Matter
Nailing Measurement: a Framework for Measuring Metrics that Matter
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
Creating Inclusive Experiences: Balancing Personality and Accessibility in UX...
Beyond Diversity: A Guide to Building Balanced Teams
Beyond Diversity: A Guide to Building Balanced Teams
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
The Road(map) to Las Vegas - The Story of an Emerging Self-Managed Team
Recently uploaded
How to write a program in any programming language
How to write a program in any programming language
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
Graspan: A Big Data System for Big Code Analysis
We built a disk-based parallel graph system, Graspan, that uses a novel edge-pair centric computation model to compute dynamic transitive closures on very large program graphs.
We implement context-sensitive pointer/alias and dataflow analyses on Graspan. An evaluation of these analyses on large codebases such as Linux shows that their Graspan implementations scale to millions of lines of code and are much simpler than their original implementations.
These analyses were used to augment the existing checkers; these augmented checkers found 132 new NULL pointer bugs and 1308 unnecessary NULL tests in Linux 4.4.0-rc5, PostgreSQL 8.3.9, and Apache httpd 2.2.18.
- Accepted in ASPLOS ‘17, Xi’an, China.
- Featured in the tutorial, Systemized Program Analyses: A Big Data Perspective on Static Analysis Scalability, ASPLOS ‘17.
- Invited for presentation at SoCal PLS ‘16.
- Invited for poster presentation at PLDI SRC ‘16.
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Salesforce Healthcare CRM, implemented by VALiNTRY360, revolutionizes patient management by enhancing patient engagement, streamlining administrative processes, and improving care coordination. Its advanced analytics, robust security, and seamless integration with telehealth services ensure that healthcare providers can deliver personalized, efficient, and secure patient care. By automating routine tasks and providing actionable insights, Salesforce Healthcare CRM enables healthcare providers to focus on delivering high-quality care, leading to better patient outcomes and higher satisfaction. VALiNTRY360's expertise ensures a tailored solution that meets the unique needs of any healthcare practice, from small clinics to large hospital systems.
For more info visit us https://valintry360.com/solutions/health-life-sciences
Hand Rolled Applicative
User Validation
Code Kata
Could you use a simple piece of Scala validation code (granted, a very simplistic one too!) that you can rewrite, now and again, to refresh your basic understanding of Applicative operators <*>, <*, *>?
The goal is not to write perfect code showcasing validation, but rather, to provide a small, rough-and ready exercise to reinforce your muscle-memory.
Despite its grandiose-sounding title, this deck consists of just three slides showing the Scala 3 code to be rewritten whenever the details of the operators begin to fade away.
The code is my rough and ready translation of a Haskell user-validation program found in a book called Finding Success (and Failure) in Haskell - Fall in love with applicative functors.
Energy consumption of Database Management - Florina Jonuzi
Presentation from Florina Jonuzi at the GSD Community Stage Meetup on June 06, 2024
Microservice Teams - How the cloud changes the way we work
A lot of technical challenges and complexity come with building a cloud-native and distributed architecture. The way we develop backend software has fundamentally changed in the last ten years. Managing a microservices architecture demands a lot of us to ensure observability and operational resiliency. But did you also change the way you run your development teams?
Sven will talk about Atlassian’s journey from a monolith to a multi-tenanted architecture and how it affected the way the engineering teams work. You will learn how we shifted to service ownership, moved to more autonomous teams (and its challenges), and established platform and enablement teams.
Requirement Traceability in Xen Functional Safety
Using OpenFastTrace to trace requirements in Xen functional safety
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
No one wants their application to drag like a car stuck in the slow lane! Yet it’s all too common to encounter bumpy, pothole-filled solutions that slow the speed of any application. Symfony apps are not an exception.
In this talk, I will take you for a spin around the performance racetrack. We’ll explore common pitfalls - those hidden potholes on your application that can cause unexpected slowdowns. Learn how to spot these performance bumps early, and more importantly, how to navigate around them to keep your application running at top speed.
We will focus in particular on tuning your engine at the application level, making the right adjustments to ensure that your system responds like a well-oiled, high-performance race car.
GreenCode-A-VSCode-Plugin--Dario-Jurisic
Presentation about a VSCode plugin from Dario Jurisic at the GSD Community Stage meetup
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
Charla impartida en el evento de "KuberTENes Birthday Bash Guadalajara" para celebrar el 10mo. aniversario de Kubernetes #kuberTENes #celebr8k8s #k8s
WWDC 2024 Keynote Review: For CocoaCoders Austin
Overview of WWDC 2024 Keynote Address.
Covers: Apple Intelligence, iOS18, macOS Sequoia, iPadOS, watchOS, visionOS, and Apple TV+.
Understandable dialogue on Apple TV+
On-device app controlling AI.
Access to ChatGPT with a guest appearance by Chief Data Thief Sam Altman!
App Locking! iPhone Mirroring! And a Calculator!!
Mobile App Development Company In Noida | Drona Infotech
Drona Infotech is a premier mobile app development company in Noida, providing cutting-edge solutions for businesses.
Visit Us For : https://www.dronainfotech.com/mobile-application-development/
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Dr. Jesús Barrasa, Head of Solutions Architecture for EMEA, Neo4j
Découvrez les dernières innovations de Neo4j, et notamment les dernières intégrations cloud et les améliorations produits qui font de Neo4j un choix essentiel pour les développeurs qui créent des applications avec des données interconnectées et de l’IA générative.
Unveiling the Advantages of Agile Software Development.pdf
Learn about Agile Software Development's advantages. Simplify your workflow to spur quicker innovation. Jump right in! We have also discussed the advantages.
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
Wondering how X-Sign gained popularity in a quick time span? This eSign functionality of XfilesPro DocuPrime has many advancements to offer for Salesforce users. Explore them now!
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Presentation from Ghazal Aakel and Eric Jochum at the GSD Community Stage Meetup on June 6th, 2024
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
https://2024.springio.net/sessions/automated-software-refactoring-with-openrewrite-and-generative-ai/
Recently uploaded (20)
How to write a program in any programming language
How to write a program in any programming language
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Need for Speed: Removing speed bumps from your Symfony projects ⚡️
Fundamentals of Programming and Language Processors
Fundamentals of Programming and Language Processors
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
KuberTENes Birthday Bash Guadalajara - Introducción a Argo CD
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Unveiling the Advantages of Agile Software Development.pdf
Unveiling the Advantages of Agile Software Development.pdf
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
Everything You Need to Know About X-Sign: The eSign Functionality of XfilesPr...
openEuler Case Study - The Journey to Supply Chain Security
openEuler Case Study - The Journey to Supply Chain Security
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
ALGIT - Assembly Line for Green IT - Numbers, Data, Facts
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
Automated software refactoring with OpenRewrite and Generative AI.pptx.pdf
The Atlassian Bug Bounty Program
- 1. The Atlassian Bug Bounty Program MATT HART | SECURITY ENGINEER | ATLASSIAN
- 2. What is a Bug Bounty?
- 4. Time to turn this around
- 6. New Issue Filtering: Filter newly reported issues before they reach the security team. Better Inscentives: Better incentives attract more researchers and reports of higher quality. Sounds Good, But How? Explicit Rules and Scope: Be explicit around what is and isn’t in scope, and rules of engagement.
- 7. New Issue Filtering: Filter newly reported issues before they reach the security team. Better Inscentives: Better incentives attract more researchers and reports of higher quality. Sounds Good, But How? Explicit Rules and Scope: Be explicit around what is and isn’t in scope, and rules of engagement.
- 8. New Issue Filtering: Filter newly reported issues before they reach the security team. Better Incentives: Better incentives attract more researchers and reports of higher quality. Sounds Good, But How? Explicit Rules and Scope: Be explicit around what is and isn’t in scope, and rules of engagement.
- 9. Can’t someone else do it? ME, APPROXIMATELY 10 MONTHS AGO
- 11. Total Bounty Submissions (per bounty) 0 35 70 105 140 Nov 16 Dec 16 Jan 17 Feb 17 Mar 17 Apr 17 May 17 Jun 17 Jul 17 Aug 17 Jira/Confluence Cloud StatusPage Bitbucket Cloud Server Products
- 12. Breakdown of Valid Report Severity 0 5 10 15 20 Nov 16 Dec 16 Jan 17 Feb 17 Mar 17 Apr 17 May 17 Jun 17 Jul 17 Aug 17 cvss-critical cvss-high cvss-medium cvss-low
- 13. Percentage of Valid Submissions 0 45 90 135 180 Nov 16 Dec 16 Jan 17 Feb 17 Mar 17 Apr 17 May 17 Jun 17 Jul 17 Aug 17
- 15. Percentage of Valid Submissions (over time) 0 0.25 0.5 0.75 1 Nov 16 Feb 17 Mar 17 Apr 17 Jun 17 Aug 17
- 16. What 75% Valid Submissions Looks Like 0 10 20 30 40 Nov 16 Dec 16 Jan 17 Feb 17 Mar 17 Apr 17 May 17 Jun 17 Jul 17 Aug 17
- 17. New Issue Filtering: Filter newly reported issues before they reach the security team. Better Incentives: Better incentives attract more researchers and reports of higher quality. Deeper Analytics Explicit Rules and Scope: Be explicit around what is and isn’t in scope, and rules of engagement.
- 18. Thank you! MATT HART | SECURITY ENGINEER | ATLASSIAN