Agile + DevOps East 2019 - DevOps Automation | TechWell

Agile + DevOps East 2019 - DevOps Automation

Wednesday, November 6

AW6

Wabi-Sabi Your DevSecOps

Add to calendar
Wednesday, November 6, 2019 - 10:30am to 11:30am

The ability of DevSecOps to produce secure code requires the merging of two very different cultures: AppSec and DevOps. While AppSec lives in a black-and-white world of secure or not secure that would cause “Hello World” to take six months to release, DevOps knows that the reality of software development is actually shades of gray, especially as demands are increasingly placed on development teams to produce more, faster. Brittany Greenfield will teach you how to apply the Japanese concept of wabi-sabi, which accepts imperfections in the things that we create, to DevSecOps, allowing you to...

Blaine Carter
Oracle
AW14

DevOps Tools for Database Developers

Add to calendar
Wednesday, November 6, 2019 - 11:45am to 12:45pm

You're thinking about modernizing your database development process ... someday. You have directories full of SQL files you use to build your application. You know unit tests should be included as part of your build process, and you are going to start adding them ... maybe next week. Does this sound like you? If you think modernizing your dev process will be difficult, time-consuming, and expensive, you may be surprised at how easy and cost-effective it is to get started. Blaine Carter will explore how to manage your database application in a continuous development pipeline. He will talk...

Tom Stiehm
Coveros, Inc.
AW22

Shifting Security Left: The Innovation of DevSecOps

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

DevSecOps uses application security practices that have existed for a while. The innovation of DevSecOps is incorporating security into the daily workflow of the team rather than leaving it to the end, shifting security left by automating aspects of security testing. DevSecOps leverages DevOps practices to make application security a first-class citizen in the practices of modern software development. But that requires a culture change: DevSecOps starts before the code is even written, using techniques like threat modeling and risk analysis to figure out who will attack you and how. Come...

Thursday, November 7

Matty Stratton
PagerDuty
AT6

The Psychology of Chaos Engineering

Add to calendar
Thursday, November 7, 2019 - 10:00am to 11:00am

Chaos engineering, failure injection, and similar practices have verified benefits to the resilience of systems and infrastructure. But can they provide similar resilience to teams and people? What are the effects and impacts on the humans involved in the systems? This talk will delve into both positive and negative outcomes for all the groups of people involved, including users, engineers, product owners, and business owners. Using case studies from organizations where chaos engineering has been implemented, Matty Stratton will explore the changes in attitude that these practices create,...

Lee Barnes
Utopia Solutions
AT14

Effective Test Automation in DevOps

Preview
Add to calendar
Thursday, November 7, 2019 - 11:30am to 12:30pm

The ultimate objective of a DevOps approach is to deliver quality products to your customers as efficiently as possible. DevOps shops that achieved this state point to continuous testing as a key contributor to their success. However, QA and testing have become forgotten along the DevOps journey of many organizations. For groups that have incorporated testing, many have a release cadence that resembles something more like waterfall. The culprit is often the inability to incorporate stable automation into their testing practices. Lee Barnes will discuss how organizations can address...

Michelle Hodges
Red Ventures
AT22

Build It, Buy It, or Both? An Engineering-Focused Approach to Security Tooling

Add to calendar
Thursday, November 7, 2019 - 3:30pm to 4:30pm

The technology market is growing faster than the security tooling market that supports it. This puts security teams in difficult situations where the available tooling may only provide a partial solution to critical problems, so you may wonder: Do we buy it, build it, or both? This led Michelle Hodges's company to build an internal agile development team dedicated to creating custom security tooling for the various groups within the security and privacy organization. In weeks, they produced live products that enabled them to process data, show metrics, and automate work pipelines, all...

Derek Ashmore
Asperitas Consulting
AT30

AWS Lambda: Best Practices and Common Mistakes

Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

AWS Lambda is a serverless architecture that relieves you of hardware and scaling setup concerns. AWS Lambda functions are used by many organizations for serverless application development and automating DevOps tasks. But many teams start using AWS Lambdas and uncover problems such as running into resource limits, debugging nested lambda defects, managing code change across dozens of AWS accounts, and many more. Derek Ashmore will provide tips and tricks to make your AWS Lambda functions usable in different contexts and easier to develop and support. He will show you how to mitigate common...