In this presentation I'll talk about my experience helping companies moving towards a DevOps and Agile approach, what are the most common problems, solutions and the over-arching journey covering everything from Engineering, planning to leadership.
DOES16 San Francisco - Marc Ng - SAP’s DevOps Journey: From Building an App t...Gene Kim
SAP’s DevOps Journey: From Building an App to Building a Cloud
Marc Ng, Cloud Infrastructure Engineering & Automation, SAP
SAP has been using a DevOps & Continuous Delivery approach for building its web and mobile apps for several years, and is now building and running a global cloud at the scale needed to support the digital transformation needs of its customers. This talk recaps the story of how SAP originally adopted DevOps practices before moving on to describe how the Cloud Infrastructure Services team is building and operating its 3rd generation cloud automation system using microservices, containers and open-source software.
DevOps Enterprise Summit San Francisco 2016
User Experience: Building with Hypermedia for Other FolksNordic APIs
Why do certain technologies succeed in upending the development landscape while so many others fall to the wayside? Can we drive commercial success from technological choices we make on a daily basis?
SPA frameworks like React, and Angular, and opinionated libraries like Ruby on Rails, Spring and Django all share a common obsession with the user experience. Many of the worlds largest organizations grew relying on obsessive customer focus. What can we learn from this to enhance our API Design and Strategy?
In this talk we’ll explore how we can utilize hypermedia to improve experiences for our consumers and developers.
Presented at DOXLON August'15 MeetUp. My update from the initial 6 months at Pearson and how I am trying to drive a real transformation of a 171 year old company to enable better IT Performance.
What is Value Stream Management and why do you need it?Tasktop
Agile has provided a framework for shortening iterations and adapting to ever changing requirements. DevOps established practices for automating the software delivery pipeline. While these methods are becoming standard practices in building software, scaling these concepts is problematic. That’s where Value Stream Management (VSM) comes in.
During this webinar, Senior VSM Strategist, Carmen DeArdo, discusses:
- What is Value Stream Management and why you need it
- How to architect your delivery pipeline for end-to-end flow and delivery speed
- Why moving from a project to product approach is critical to survive in the age of digital disruption
At RS IT Department we took the initiative to trial an SAP Agile Team, in the Back Office team, learning how to best deliver real business changes with Agile methodology using ceremonies, tools and new roles.
DevOps - an Agile Perspective (at Scale)Brad Appleton
by Brad Appleton, Agile Day Chicago 2018, October 26 2018;
This presentation gives a comprehensive introduction to DevOps, for Agile development practitioners. In 2018, there are many misunderstandings about Agile & DevOps and how they relate to one another. Too many think of Agile (development) as primarily "Scrum", and that DevOps is Continuous Integration & Delivery (both of which are wrong). This presentation describes the meaning, origin & history of DevOps from an Agile development perspective.
DOES16 San Francisco - Marc Ng - SAP’s DevOps Journey: From Building an App t...Gene Kim
SAP’s DevOps Journey: From Building an App to Building a Cloud
Marc Ng, Cloud Infrastructure Engineering & Automation, SAP
SAP has been using a DevOps & Continuous Delivery approach for building its web and mobile apps for several years, and is now building and running a global cloud at the scale needed to support the digital transformation needs of its customers. This talk recaps the story of how SAP originally adopted DevOps practices before moving on to describe how the Cloud Infrastructure Services team is building and operating its 3rd generation cloud automation system using microservices, containers and open-source software.
DevOps Enterprise Summit San Francisco 2016
User Experience: Building with Hypermedia for Other FolksNordic APIs
Why do certain technologies succeed in upending the development landscape while so many others fall to the wayside? Can we drive commercial success from technological choices we make on a daily basis?
SPA frameworks like React, and Angular, and opinionated libraries like Ruby on Rails, Spring and Django all share a common obsession with the user experience. Many of the worlds largest organizations grew relying on obsessive customer focus. What can we learn from this to enhance our API Design and Strategy?
In this talk we’ll explore how we can utilize hypermedia to improve experiences for our consumers and developers.
Presented at DOXLON August'15 MeetUp. My update from the initial 6 months at Pearson and how I am trying to drive a real transformation of a 171 year old company to enable better IT Performance.
What is Value Stream Management and why do you need it?Tasktop
Agile has provided a framework for shortening iterations and adapting to ever changing requirements. DevOps established practices for automating the software delivery pipeline. While these methods are becoming standard practices in building software, scaling these concepts is problematic. That’s where Value Stream Management (VSM) comes in.
During this webinar, Senior VSM Strategist, Carmen DeArdo, discusses:
- What is Value Stream Management and why you need it
- How to architect your delivery pipeline for end-to-end flow and delivery speed
- Why moving from a project to product approach is critical to survive in the age of digital disruption
At RS IT Department we took the initiative to trial an SAP Agile Team, in the Back Office team, learning how to best deliver real business changes with Agile methodology using ceremonies, tools and new roles.
DevOps - an Agile Perspective (at Scale)Brad Appleton
by Brad Appleton, Agile Day Chicago 2018, October 26 2018;
This presentation gives a comprehensive introduction to DevOps, for Agile development practitioners. In 2018, there are many misunderstandings about Agile & DevOps and how they relate to one another. Too many think of Agile (development) as primarily "Scrum", and that DevOps is Continuous Integration & Delivery (both of which are wrong). This presentation describes the meaning, origin & history of DevOps from an Agile development perspective.
From Zero to Sixty: Driving a DocOps Based Approach to APIs at Ford Motor Com...Pronovix
How does a 115 year old automaker transform into a Mobility company? Platform Enablement! The session take a look under the hood at Ford and will highlight Ford’s ongoing journey into building and cultivating a DocOps and developer centric approach to APIs.
Radical Roadmapping - Creating Synchronized Agile Product and Technology Road...Matt Roberts
This session will discuss why a company would create and maintain three major artifacts - Innovation Roadmap, Infrastructure/ Platform Roadmap, and Operations/DevOps Roadmap - as well as the process to do so. Further, it will cover how to synchronize them in order to move away from making "OR" decisions to making "AND" decisions that will please all stakeholders. It will also discuss key cultural changes that must be present in order to achieve maximum benefit from this approach and challenges experienced along the way to making this a reality at Socialware, a SaaS product company. Finally, this session will include real world examples of the evolution of these roadmaps over 18 months that participants can take away and use as guidelines for their own situations.
This was presented at the Keep Austin Agile 2016 conference, the #AgileAustin Product SIG and Product Camp Austin 2016 (#PCATX17)
Let's drop the tester labels such as "functional tester", "system integration tester", "automation tester", etc. More and more teams are cross-functional and team members are required to be poly-skilled. If you are testing you can and should be involved in the full SDLC, which should include deployments and infrastructure. Just like there is application code, there is infrastructure code, which needs testing too. So where do you fit in? How can you remain relevant and helpful in the DevOps world?
How to align architecture and organizational structure to better your products, processes and people.
A skillset for the organizationally-aware architect
Socio-technical architecture
Feedback loops
Conway's law
Knowledge creation and retention
Behavioral analysis
Most senior executives in large enterprises believe DevOps and CI/CD are interchangeable. If I have a CI/CD pipeline, I am “doing DevOps”, right? Not exactly. The dilemma that these executives have is that they don’t believe DevOps can be with the people they have. It can be done. I’ll show you how!
Creating a DevOps Practice for Analytics -- Strata Data, September 28, 2017Caserta
Over the past eight or nine years, applying DevOps practices to various areas of technology within business has grown in popularity and produced demonstrable results. These principles are particularly fruitful when applied to a data analytics environment. Bob Eilbacher explains how to implement a strong DevOps practice for data analysis, starting with the necessary cultural changes that must be made at the executive level and ending with an overview of potential DevOps toolchains. Bob also outlines why DevOps and disruption management go hand in hand.
Topics include:
- The benefits of a DevOps approach, with an emphasis on improving quality and efficiency of data analytics
- Why the push for a DevOps practice needs to come from the C-suite and how it can be integrated into all levels of business
- An overview of the best tools for developers, data analysts, and everyone in between, based on the business’s existing data ecosystem
- The challenges that come with transforming into an analytics-driven company and how to overcome them
- Practical use cases from Caserta clients
This presentation was originally given by Bob at the 2017 Strata Data Conference in New York City.
Organizational culture plays a major role in adopting and adapting Service Management processes. Given the uptake of multiple frameworks, standards and practices, IT has actually evolved into a multi-cultural society, each with its evangelists and detractors. This presentation provides the ingredients for a potent “IT Culture Cocktail” using DevOps as the mixer. Come join the party and become an “IT Culture Mixologist”.
apidays Paris 2022 - APIOPS Cycles, Marjukka Niinioja, Osaangoapidays
apidays Paris 2022 - APIs the next 10 years: Software, Society, Sovereignty, Sustainability
December 14, 15 & 16, 2022
APIOPS Cycles
Marjukka Niinioja, CEO of Osaango
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
Slides from a webinar October 2021.
This webinar tells the story of Earnestine from starting her new job as an Enterprise Architect to having set up an impactful collaborative Enterprise Architecture (EA) practice that spans the whole company. Using this story, recurring Enterprise Design Patterns, typical blockers and proven solution strategies are presented in an easy-to-understand way.
You will learn:
- How to set up a continuous, collaborative EA process?
- How to build the relationships with the many stakeholders?
- How do you get the management support you need?
- Which EA maps and tools are valuable in which context?
- How to integrate EA with multi-project management and corporate strategy?
Mind the Gap: Bridging the Divide Between the Business and Agile/DevOps Teams...Tasktop
Software delivery organizations have transformed the way they develop and deliver software, adopting Agile and DevOps practices to help them achieve ambitious business targets. But as more teams see success with these methods, they’re finding that there’s a disconnect keeping them from reaching their full potential.
Join us as featured guest Chris Condo, Sr. Analyst at Forrester discusses findings from their recent report on value stream management and how organizations are bridging the gap between the business and their Agile and DevOps teams to maintain their competitive edge.
We’ll discuss how adopting value stream management enables IT leadership to:
* Track the flow of work across the entire lifecycle, from ideation to production and back through feedback loops
* Get beyond localized optimization to measure and improve the speed at which functionality is being delivered to customers
* Relate value stream delivery to business objectives like revenue and customer retention
The People Pillar of Cloud Adoption: Developing Your Workforce & Building Dig...Amazon Web Services
A successful cloud-transformation journey incorporates three pillars: people, process, and technology. Far too often, organisations focus on process improvements and technology implementation, but ignore the human aspect. Many leaders acknowledge that the first two are easy to modify, while influencing culture is more difficult. This session covers best-practice methods meant to empower customers to address this challenge. Learn about roles and responsibilities germane to the transition and post-cloud adoption phase. Assess your organisation’s gaps among the requisite skills and competencies, build effective training models, and shape an effective DevOps culture.
DevOps provides the ability to increase time to market to an new level. The question is no longer if we need to speed up our delivery. The challenge is to find the right „pace“ for your product. Not every organization and every product needs to run at the speed of Netflix and Spotify, even if we’d like it to be like this. We need to adjust the organization, processes and tools appropriatly and to identify the real bottlenecks in the delivery pipeline continuously. And by the way, we need to justify our investment in the DevOps mission. Are we just automating the current processes or can we use this DevOps thing to really support our business? In this talk, I’d like to discuss with you how to find the right design for your delivery process and your organization to behave as a business enabler and how you can scale DevOps within your organization without loosing agility. Let’s explore how we can listen carefully to the unknown customer out there and to build software they really like in the speed of your business.
2i recently attended a DevOps Summit in London to learn more about how different companies have implemented DevOps. Read our overview to gain a better understanding of the DevOps operating model.
Always wanted to know more about how cgroups work in Linux, where do they come from and how they shape the way we do containers nowadays? Look no further!
In this talk Marc will try to give you a bit of history of cgroups, where the idea comes from (the answer might surprise you) and how cgroups have evolved over time.
DevOps and Agile are great at speeding up development and providing quick results, however most organisations struggle to transition and adapt their team and leadership structures, which is made of FAIL.
In this talk I'll go through some of the experiences I had and interesting ways to solve it while keeping it light so you don't have to run for coffee.
More Related Content
Similar to The DevOps journey - How to get there painlessly
From Zero to Sixty: Driving a DocOps Based Approach to APIs at Ford Motor Com...Pronovix
How does a 115 year old automaker transform into a Mobility company? Platform Enablement! The session take a look under the hood at Ford and will highlight Ford’s ongoing journey into building and cultivating a DocOps and developer centric approach to APIs.
Radical Roadmapping - Creating Synchronized Agile Product and Technology Road...Matt Roberts
This session will discuss why a company would create and maintain three major artifacts - Innovation Roadmap, Infrastructure/ Platform Roadmap, and Operations/DevOps Roadmap - as well as the process to do so. Further, it will cover how to synchronize them in order to move away from making "OR" decisions to making "AND" decisions that will please all stakeholders. It will also discuss key cultural changes that must be present in order to achieve maximum benefit from this approach and challenges experienced along the way to making this a reality at Socialware, a SaaS product company. Finally, this session will include real world examples of the evolution of these roadmaps over 18 months that participants can take away and use as guidelines for their own situations.
This was presented at the Keep Austin Agile 2016 conference, the #AgileAustin Product SIG and Product Camp Austin 2016 (#PCATX17)
Let's drop the tester labels such as "functional tester", "system integration tester", "automation tester", etc. More and more teams are cross-functional and team members are required to be poly-skilled. If you are testing you can and should be involved in the full SDLC, which should include deployments and infrastructure. Just like there is application code, there is infrastructure code, which needs testing too. So where do you fit in? How can you remain relevant and helpful in the DevOps world?
How to align architecture and organizational structure to better your products, processes and people.
A skillset for the organizationally-aware architect
Socio-technical architecture
Feedback loops
Conway's law
Knowledge creation and retention
Behavioral analysis
Most senior executives in large enterprises believe DevOps and CI/CD are interchangeable. If I have a CI/CD pipeline, I am “doing DevOps”, right? Not exactly. The dilemma that these executives have is that they don’t believe DevOps can be with the people they have. It can be done. I’ll show you how!
Creating a DevOps Practice for Analytics -- Strata Data, September 28, 2017Caserta
Over the past eight or nine years, applying DevOps practices to various areas of technology within business has grown in popularity and produced demonstrable results. These principles are particularly fruitful when applied to a data analytics environment. Bob Eilbacher explains how to implement a strong DevOps practice for data analysis, starting with the necessary cultural changes that must be made at the executive level and ending with an overview of potential DevOps toolchains. Bob also outlines why DevOps and disruption management go hand in hand.
Topics include:
- The benefits of a DevOps approach, with an emphasis on improving quality and efficiency of data analytics
- Why the push for a DevOps practice needs to come from the C-suite and how it can be integrated into all levels of business
- An overview of the best tools for developers, data analysts, and everyone in between, based on the business’s existing data ecosystem
- The challenges that come with transforming into an analytics-driven company and how to overcome them
- Practical use cases from Caserta clients
This presentation was originally given by Bob at the 2017 Strata Data Conference in New York City.
Organizational culture plays a major role in adopting and adapting Service Management processes. Given the uptake of multiple frameworks, standards and practices, IT has actually evolved into a multi-cultural society, each with its evangelists and detractors. This presentation provides the ingredients for a potent “IT Culture Cocktail” using DevOps as the mixer. Come join the party and become an “IT Culture Mixologist”.
apidays Paris 2022 - APIOPS Cycles, Marjukka Niinioja, Osaangoapidays
apidays Paris 2022 - APIs the next 10 years: Software, Society, Sovereignty, Sustainability
December 14, 15 & 16, 2022
APIOPS Cycles
Marjukka Niinioja, CEO of Osaango
------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
Slides from a webinar October 2021.
This webinar tells the story of Earnestine from starting her new job as an Enterprise Architect to having set up an impactful collaborative Enterprise Architecture (EA) practice that spans the whole company. Using this story, recurring Enterprise Design Patterns, typical blockers and proven solution strategies are presented in an easy-to-understand way.
You will learn:
- How to set up a continuous, collaborative EA process?
- How to build the relationships with the many stakeholders?
- How do you get the management support you need?
- Which EA maps and tools are valuable in which context?
- How to integrate EA with multi-project management and corporate strategy?
Mind the Gap: Bridging the Divide Between the Business and Agile/DevOps Teams...Tasktop
Software delivery organizations have transformed the way they develop and deliver software, adopting Agile and DevOps practices to help them achieve ambitious business targets. But as more teams see success with these methods, they’re finding that there’s a disconnect keeping them from reaching their full potential.
Join us as featured guest Chris Condo, Sr. Analyst at Forrester discusses findings from their recent report on value stream management and how organizations are bridging the gap between the business and their Agile and DevOps teams to maintain their competitive edge.
We’ll discuss how adopting value stream management enables IT leadership to:
* Track the flow of work across the entire lifecycle, from ideation to production and back through feedback loops
* Get beyond localized optimization to measure and improve the speed at which functionality is being delivered to customers
* Relate value stream delivery to business objectives like revenue and customer retention
The People Pillar of Cloud Adoption: Developing Your Workforce & Building Dig...Amazon Web Services
A successful cloud-transformation journey incorporates three pillars: people, process, and technology. Far too often, organisations focus on process improvements and technology implementation, but ignore the human aspect. Many leaders acknowledge that the first two are easy to modify, while influencing culture is more difficult. This session covers best-practice methods meant to empower customers to address this challenge. Learn about roles and responsibilities germane to the transition and post-cloud adoption phase. Assess your organisation’s gaps among the requisite skills and competencies, build effective training models, and shape an effective DevOps culture.
DevOps provides the ability to increase time to market to an new level. The question is no longer if we need to speed up our delivery. The challenge is to find the right „pace“ for your product. Not every organization and every product needs to run at the speed of Netflix and Spotify, even if we’d like it to be like this. We need to adjust the organization, processes and tools appropriatly and to identify the real bottlenecks in the delivery pipeline continuously. And by the way, we need to justify our investment in the DevOps mission. Are we just automating the current processes or can we use this DevOps thing to really support our business? In this talk, I’d like to discuss with you how to find the right design for your delivery process and your organization to behave as a business enabler and how you can scale DevOps within your organization without loosing agility. Let’s explore how we can listen carefully to the unknown customer out there and to build software they really like in the speed of your business.
2i recently attended a DevOps Summit in London to learn more about how different companies have implemented DevOps. Read our overview to gain a better understanding of the DevOps operating model.
Similar to The DevOps journey - How to get there painlessly (20)
Always wanted to know more about how cgroups work in Linux, where do they come from and how they shape the way we do containers nowadays? Look no further!
In this talk Marc will try to give you a bit of history of cgroups, where the idea comes from (the answer might surprise you) and how cgroups have evolved over time.
DevOps and Agile are great at speeding up development and providing quick results, however most organisations struggle to transition and adapt their team and leadership structures, which is made of FAIL.
In this talk I'll go through some of the experiences I had and interesting ways to solve it while keeping it light so you don't have to run for coffee.
Puppet and your Metadata - PuppetCamp London 2015Marc Cluet
How do you organise your metadata in Puppet, it's important to know all the different options, choices and steps you can do to make your metadata rock!
This talk will guide you through the first steps to understand Consul and do some cool stuff with it.
You also have a live Vagrant demo available in github at https://github.com/lynxman/consul-first-steps
Autoscaling Best Practices - WebPerf Barcelona Oct 2014Marc Cluet
This talk is an evolution of the one presented at FOSDEM'14, we talk about what are the common practices and methodologies for autoscaling, we also cover some best practices and the global scope of autoscaling inside your infrastructure.
Innovation in the Cloud - Rackspace Zurich EventMarc Cluet
This presentation talks about the challenges of innovating and transforming your application to be cloudy.
It's also an introduction to DevOps for business.
Introduction to DevOps - Rackspace tech nightMarc Cluet
Talk given during the July Rackspace tech night which is an introduction to DevOps, no need for any previous technical knowledge as this concentrates on the culture and methodology.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
2. October 17, 2018
@lynxman
Co-Founder of Ukon Cherry
Working at DevOpsGroup
Organiser of London DevOps
Organiser of DevSecOpsDays London
Previously DevOps instigator at
Rackspace, Trainline, Canonical
Been DevOps’in for the last 9 years
Who am I?
6. October 17, 2018
So many questions!
How about uptime?
What about
compliance?
What about old
software?
What to do with
current provider
contracts?
How much this will
cost?
What about my job
position? Will it
change?
How can we hire new
people competing
against big players?
How can we uptrain all
our current
Engineers?
What about our
outsource team?
How to get onboard
the C-level
executives?
How this will affect
Business As Usual
How this will align with
ITIL/ITSM?
7. October 17, 2018
What good looks like
Aspect of Software
Delivery
Performance
Low Medium High Elite
Deployment
Frequency
On-demand
(multiple per day)
Once per hour to
once per day
Once per week to
once per month
Once per week to
once per month
Lead time for
changes
Less than one hour One day to one week One week to one
month
One to six months
Time to restore
service
Less than one hour Less than one day Less than one day Between one week
and one month
Change failure rate 0% to 15% 0% to 15% 0% to 15% 46% to 60%
DORA State of DevOps Report 2018
8. October 17, 2018
Learning
Keep C.A.L.M.S. and carry on!
Culture
Automation
Lean
Sharing
Measurement
Optimising
DevOps
Values
9. October 17, 2018
Change creates tension
https://www.flickr.com/photos/redux/4040224962/
People
Process
Tools
12. October 17, 2018
Know where your teams are
Application Portfolio Processes
Deployment
methodology
Development
Methodology
Code External
Dependencies
Internal Team
Dependencies
General satisfaction
Will to change
Knowledge
bottlenecks
14. October 17, 2018
Create a plan
First 3 months
Clear objectives
Clear timelines
Measure everything
Feedback process
First 6 months
Next steps objectives
Aspirational timelines
Measure everything
Feedback process
First year
Aspirational objectives
No timelines
Measure everything
Feedback process
Future
Aspirational everything
16. October 17, 2018
Target Operating Model
New ways of working
Reduce human error
Reduce repetitive ! tasks, automate early
Shift contribution towards valuable Engineering
Shift left security, make it an integral part of your design
Increase governance, standardise outputs
17. October 17, 2018
Target Operating Model
New organisational culture
Reduce silos and bottlenecks
Create appropriate teams, short lived if necessary
Make things easy, if somebody doesn’t know how to use it it’s a bug!
Constant feedback, culture and process open to change
19. October 17, 2018
Target Operating Model
DON’T COPY THE MODEL
Only you know the blend of skills and needs for your company
20. October 17, 2018
Get people onboard
Put people first always
Identify your champions
Create short lived spikes to spread knowledge and culture
Ensure people are happy with direction and decisions
21. October 17, 2018
Application Transformation
Chisel away the monolith
Reduce the complexity/size of workloads to deploy
Design applications to fail gracefully
Ensure availability for external dependencies if possible
Focus on reducing the blast radius
23. October 17, 2018
Application Transformation
Continuous Delivery
Automate testing as much as possible
Differentiate between internal quality and external quality (QA team)
Concentrate on test coverage
Make tests meaningful/useful and business oriented
24. October 17, 2018
Application Transformation
Continuous Deployment
Deployment should not be scary or special
Make deployments automatic
Always have an automatic rollback/roll forward strategy
Ensure audit trail of deployments
28. October 17, 2018
In Summary
Change is hard! It always creates tension
Understand where your teams are
Have a Mission, Vision and plan
Measure everything and get feedback early
Create a TOM putting people always first
Transform your applications to be anti-fragile where possible
Automation and testing are key
Reduce fear of deployment and rollback by automation
The job is never finished, keep iterating and changing