Agile + DevOps East 2020 - DevOps Practices | TechWell

Agile + DevOps Virtual 2020 - DevOps Practices

Wednesday, November 11

Ray-Elenteny
Solutech Consulting, LLC
DZ1

Getting Application Developers Onboard the DevOps Train

Add to calendar
Wednesday, November 11, 2020 - 11:45am to 12:45pm

Exceptional businesses understand that frequent delivery cycles can be leveraged as a competitive advantage. This has been a primary driver in the evolution and importance of DevOps culture and processes. A group that often suffers from a lack of urgency in delivering more value more frequently is the people writing the code. It seems ironic as software developers often state that they are most satisfied when their code is being used. A healthy DevOps culture requires willing participants from all constituents. While one would think that development teams having a seat at the table...

Judy Johnson
Onyx Point
DZ2

Automation Justification

Add to calendar
Wednesday, November 11, 2020 - 1:15pm to 2:15pm

To many people, DevOps is solely about automation. Automation is a huge part of the DevOps process, but there are many other aspects to consider. I’ll be talking about how and why DevOps is important to me, and how automation is a part of each of our DevOps steps. We’ll discuss how automation becomes important to each workday by streamlining tasks and leaving time for the more important (and fun) work. We’ll go over why we automate, what we automate, and how we automate. We will have examples of some of the many tools and processes to simplify automation while noting how important choice...

Kim-Davis
ASRC Federal
AW17

DevOps Culture – A Transformational Component for Rapid Value Delivery in the Government

Preview
Add to calendar
Wednesday, November 11, 2020 - 4:00pm to 5:00pm

For government agencies, value generally flows through layers from the agency itself to various contractors and vendors, and eventually into the hands of the users. For meeting agency missions in a timely manner, it is imperative we build a culture of shared responsibility based on the foundations of DevOps and Lean Agile Leadership to transform how we’ve traditionally delivered products, solutions and services. This cultural transformation fosters a “badge-less society” where value driven collaboration becomes the core for delivering faster and with higher quality. This culture...

Thursday, November 12

DZ4

Before Disaster Strikes: Training DevOps Engineers for the Worst

Preview
Add to calendar
Thursday, November 12, 2020 - 11:45am to 12:45pm

Picture this: you are startled awake in the middle of the night by a phone call from your supervisor. An emergency has occurred in production, and the only description is that a heavily trafficked site is down. You rush to a conference call with five of your colleagues to find that everyone has a different assessment about what the problem is and how to fix it. There’s no plan in place for this, and as the DevOps engineer, the decision and responsibility for fixing the problem is yours. There’s only time to try one of these methods; you have minutes, not hours, to find the issue and...

DZ5

DevOps Your Amazon Skills

Add to calendar
Thursday, November 12, 2020 - 1:15pm to 2:15pm

Since 2011 voice assistants have been entering our lives little by little. It wasn't until 2014 that Amazon created the Echo devices with its built-in assistant, Alexa. In 2018 they give us the opportunity for anyone to add functionality through skills, it means to be able to create voice based applications for the first time. Developing an Alexa skill can be a lot of fun, but nobody likes to find negative comments and reviews in order to begin to identify and correct bugs. Skills developers use tests and automation to minimize these risks. In this talk, I will talk about how to test your...

AT17

Things We May Never Get Right

Add to calendar
Thursday, November 12, 2020 - 3:45pm to 4:45pm

When there's no clear right way to solve a difficult problem, how do you avoid getting frozen in indecision?  How do you know if you made the right decision?  How do you know when a decision that used to be the best one isn't any more, and it's time to try something else?

We're part of a global marketplace developed and operated by multiple squads.  We consider ourselves a mature DevOps organization, but there are several things we've really struggled with over the years, and we've even reversed direction at times.  For example: Should designers be assigned to one squad for months...

Wednesday, November 18

DJ Schleen
Rally | United Healthcare
Infusionsoft
DS1

Blameless Retrospectives in DevSecOps at Global Healthcare Giants

Add to calendar
Wednesday, November 18, 2020 - 1:00pm to 1:45pm

Implementing a scalable DevOps program can seem like an impossible task at times. Add security into the mix and the challenge can appear insurmountable. Organizations around the world have come to realize the potential business impacts of adopting DevSecOps and how it can enable engineers to deliver more value to the market faster. While the prospect of transformation seems alluring, a great number of organizations are still unsure of where to start, what’s involved, how much it will cost and how to achieve success. Discussing our triumphs and tragedies not only bring clarity, but champion...

Judy Johnson
Onyx Point
DS2

The Science of Compliance - Early Code to Secure Your Node

Add to calendar
Wednesday, November 18, 2020 - 1:45pm to 2:30pm

We all know that the earlier in the software development process, you start testing, the more money and time you save in the long run. This is the case not only with the coding process, but also with securing your systems. In this talk, we’ll talk about the difference between compliance and security, and how adding compliance is a measurable and repeatable way to make code more secure. We will discuss tools and methodologies for integrating compliance and inserting compliance checking at various places in the development process, starting with a compliant infrastructure, and continuing...

Peter-Hesse
10pearls
DS3

Usability vs. Security: Having Your Cake and Eating It Too

Add to calendar
Wednesday, November 18, 2020 - 2:45pm to 3:45pm

In today’s rapidly changing marketplace, the usability of software is paramount to its adoption and success. However, we also recognize the need for solutions to have resiliency and security. How do you successfully navigate the tradeoffs between usability and security? Simple… you don’t! Instead of choosing one or the other, reject the false tradeoff and instead find ways to embrace both security and usability in your DevSecOps processes. Join Peter Hesse as he discusses strategies for getting security and user experience teams to work closely together, enabling the creation of better...

Thursday, November 19

Alyssa Miller
Snyk, Ltd.
DS5

So Happy Together: Making the Promise of DevSecOps a Reality

Add to calendar
Thursday, November 19, 2020 - 1:00pm to 1:45pm

It may be hard for some to believe, but it’s been over a decade since DevOps was first introduced. It wasn’t very long after that the concept of DevSecOps began to emerge as security practitioners attempted to keep application security practices engaged in software delivery. However, recent surveys show that even in organizations that have adopted a DevSecOps model, security is still often viewed as a bottleneck. This idea of security as an inhibitor can undermine the promise of DevSecOps to deliver a culture of shared responsibility for security. Hacker, former developer, and application...

Rich Mills
Coveros
DS6

DevSecOps: Essential Pipeline Tooling To Enable Continuous Security

Add to calendar
Thursday, November 19, 2020 - 1:45pm to 2:30pm

As we embrace DevOps to optimize our Agility, we need to move away from slow, manually intensive processes into more of a continuous flow of software into production. Whether we are doing true "Continuous Deployment" straight to production or not, we no longer have time for slow, manual, late-lifecycle security assessments to determine if our code is going to put us on the front page of the newspaper (for the wrong reasons). What we need is the visibility to know that our code is secure enough to pass muster every day. What we need is continuous security.

The DevSecOps movement is...

Chris-Romeo
Security Journey
DS7

DevSecOps Culture: Laughing Through the Failures

Add to calendar
Thursday, November 19, 2020 - 2:45pm to 3:30pm

Rolling out DevOps + Security has its series of pitfalls. In this talk, we’ll explore real-world challenges, sprinkling in a bit of humor on behalf of the Internet, and work out the solutions to how to avoid these pain points using security culture. Examples include individuals with a non-collaborative mindset (not playing nice), security tools that provide zero value in the pipeline, old school thinking concerning requirements, the inability to perform threat modeling at DevOps speed, and many more. You’ll experience what can go wrong, to expose how to do things right.

DS8

Go Beyond DevSecOps to Continuous Security

Add to calendar
Thursday, November 19, 2020 - 3:30pm to 4:15pm

Continuous. If you have been around DevOps for any length of time then you have heard this term. As in Continuous Integration, Continuous Build, Continuous Deployment, Continuous Delivery, Continuous Testing, Continuous Planning among others. Now we are living in a time when personal and data privacy matters more than ever, and so one "Continuous" is rising to the forefront: Continuous Security.

But what really IS Continuous Security? Is it simply a notion of running scans and tests as part of a pipeline and reporting vulnerabilities? We think it is much more then that. For years...