Agile + DevOps East 2019 - Developer | TechWell

Agile + DevOps East 2019 - Developer

Customize your Agile + DevOps East 2019 experience with sessions for software developers.

Monday, November 4

Danilo Sato
ThoughtWorks
MA

Continuous Delivery in Practice: A Hands-On DevOps Workshop

Add to calendar
Monday, November 4, 2019 - 8:30am to 4:30pm

For many organizations, delivering software into production has become increasingly more complex with long testing cycles and a division between development and operations teams. DevOps is a cultural movement that is breaking down those barriers. Focusing on automation, collaboration, tools, and knowledge sharing, DevOps is showing that developers and system engineers have much to learn from each other. Through a series of hands-on exercises, Danilo Sato will use a sample web application to demonstrate how to automate its build and deployment pipeline, using infrastructure and pipeline as...

Melissa_Benua
mParticle
MC

Test Design for CI/CD Delivery

Preview
Add to calendar
Monday, November 4, 2019 - 8:30am to 12:00pm

Imagine this … As soon as any developed functionality is submitted into the code repository, it is automatically subjected to the appropriate battery of tests and then released straight into production. Setting up the pipeline capable of doing just that is becoming more and more common and something you need to know about. But most organizations hit the same stumbling block—just what IS the appropriate battery of tests? Automated build architectures don't always lend themselves well to the traditional stages of testing. In this hands-on tutorial, Melissa Benua introduces you to key...

Ryan Ripley
Independent Consultant
ME

Coaching Workshop: Taking Your Scrum to the Next Level

Add to calendar
Monday, November 4, 2019 - 8:30am to 12:00pm

Are you struggling to achieve results from your agile and Scrum teams? Are you having trouble with user story writing or with effective estimation and forecasting? Are your sprint reviews and retrospectives low focus and low energy? What about gaining traction on the organization-side of things? Do your leaders actually understand the underlying principles? Are they measuring things properly? And what about Scrum at Scale—how’s that going? If you have questions, any questions, about how to improve specific practices or generally how to improve your agile journey, then this tutorial is for...

Mary Thorn
Vaco
Bob Galen
Vaco
MF

Learning How to Lead High-Performing Agile Teams

Add to calendar
Monday, November 4, 2019 - 8:30am to 12:00pm

Currently much of agile adoption—coaching, advice, techniques, training, and even the empathy—revolves around the agile teams. Leaders are typically ignored, marginalized at best, and in the worst cases even vilified. But Bob Galen and Mary Thorn contend that there is a central and important role for managers and leaders within agile environments. Join Bob and Mary as they explore the patterns of mature agile managers and leaders. Examine why those who understand servant leadership know how to effectively support, grow, coach, and empower their agile teams in ways that increase the team's...

Tuesday, November 5

Coveros
TB

Introducing Docker and Kubernetes to Your DevOps Toolchain

Add to calendar
Tuesday, November 5, 2019 - 8:30am to 4:30pm

As organizations look to improve the speed with which they deliver software, they increasingly turn to microservices and infrastructure-as-code for software architecture and delivery techniques to help leverage value from their DevOps adoptions. Docker, an industry standard containerization tool, facilitates moving processes into isolated environments that can be frozen into images, with an ecosystem that helps developers across organizations build and share these containers. Kubernetes builds on these capabilities and allows a software team to break down their application into small,...

Gene Gotimer
Coveros, Inc.
TD

Developing Secure Software—A Hands-on Approach

Add to calendar
Tuesday, November 5, 2019 - 8:30am to 12:00pm

If your idea of security in the development process is throwing your code to the security team for approval just before you deliver your app, release deadlines are probably stressful for you. You also know that there has to be a better way—a way to build security into the code from the beginning so that you have confidence that your code is as secure as you can make it when you deliver it. You have to use the right tools, while you pay attention to the details and the right techniques. Most of all, you have to be disciplined to use proper coding and testing practices. With a good...

Tom Stiehm
Coveros, Inc.
TF

Tools for DevSecOps

Add to calendar
Tuesday, November 5, 2019 - 8:30am to 12:00pm

DevOps is about creating alignment across the value stream for an application, service, or product. DevSecOps integrates security into this process, making the entire team responsible for delivering secure code that works and can be deployed and used securely. But how do you actually do that? What tools do you add to your DevOps pipeline to help make your software secure and provide your stakeholders with a high level of confidence that the software meets all security requirements & standards? In this tutorial Tom Stiehm will explore what security tools you can add to your DevOps...

Dana Pylayeva
Agile Play Consulting LLC
TI

Introduction to DevOps with Chocolate and LEGOs

Preview
Add to calendar
Tuesday, November 5, 2019 - 1:00pm to 4:30pm

Organizations today can no longer afford to deliver new features to their respective markets once a year or even once a quarter. In the attempt to catch up with the competition, they jump onto DevOps journey starting with the "How" and losing the sight of "Why" and "What". Join this gamified simulation tutorial to gain a solid understanding of foundational principles of the DevOps culture. Experience the benefits of DevOps transformation even before initiating one in your enterprise! This tutorial is ideally designed for organizations that are evaluating their approach to DevOps...

Wednesday, November 6

AW6

Wabi-Sabi Your DevSecOps

Add to calendar
Wednesday, November 6, 2019 - 10:30am to 11:30am

The ability of DevSecOps to produce secure code requires the merging of two very different cultures: AppSec and DevOps. While AppSec lives in a black-and-white world of secure or not secure that would cause “Hello World” to take six months to release, DevOps knows that the reality of software development is actually shades of gray, especially as demands are increasingly placed on development teams to produce more, faster. Brittany Greenfield will teach you how to apply the Japanese concept of wabi-sabi, which accepts imperfections in the things that we create, to DevSecOps, allowing you to...

Lisa Maurer
State Farm
AW7

Continuous Delivery Dojo: From Doing Agile to Being Agile

Preview
Add to calendar
Wednesday, November 6, 2019 - 10:30am to 11:30am

State Farm adopted an innovative approach to a common problem many organizations face with agile transformation: How do you influence, nurture, and support a whole scale culture of agility? How do you move from doing agile to being agile? The solution was to institute a continuous delivery dojo. State Farm is going on its third year of supporting delivery teams at scale in enhancing agile maturity and establishing a continuous delivery culture. The dojo represents a dedicated place to work with teams to change mindsets, skill sets, and toolsets. It also represents an opportunity to...

Jen Wright
GrayHair Software
Sally Vassalotti
GrayHair Software
AW8

Open Mic: Coaching Up in Your Organization

Add to calendar
Wednesday, November 6, 2019 - 10:30am to 11:30am

The term “coaching up” traditionally refers to communication with a supervisor or person above you in the organizational chart. Coaching up strategies can be effective for all levels: Have you ever had a conversation with a boss, product owner, ScrumMaster, or leader that did not go well? Is one of your teammates dropping the ball? Often our instincts tell us to go on the defensive, which may result in the blame game. Instead, when difficult situations happen—or, better yet, when you anticipate them—let superiors know in a polite and helpful manner. They will appreciate your initiative....

Blaine Carter
Oracle
AW14

DevOps Tools for Database Developers

Add to calendar
Wednesday, November 6, 2019 - 11:45am to 12:45pm

You're thinking about modernizing your database development process ... someday. You have directories full of SQL files you use to build your application. You know unit tests should be included as part of your build process, and you are going to start adding them ... maybe next week. Does this sound like you? If you think modernizing your dev process will be difficult, time-consuming, and expensive, you may be surprised at how easy and cost-effective it is to get started. Blaine Carter will explore how to manage your database application in a continuous development pipeline. He will talk...

Linda Rising
Independent
AW16

An Agile Fireside Chat with Linda Rising

Add to calendar
Wednesday, November 6, 2019 - 11:45am to 12:45pm

Come get your questions answered by an agile expert! We won't have an actual fireside, but Linda Rising will be on hand to answer your questions and discuss the topics that are most important to you. Linda is an internationally known presenter on topics related to agile development, patterns, retrospectives, the change process, and the connection between the latest neuroscience and software development. And she wants to discuss whatever interests you. Bring your questions and be ready for a lively, interactive discussion.

Peter Varhol
Technology Strategy Research
Gerie_Owen
Technology Strategy Research
AW20

Testing Serverless Applications

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

Serverless cloud applications are rapidly moving into the mainstream. In this model, teams focus on developing and deploying code on a known technology stack and runtime, with fixed interfaces for application, database, and network. It offers the advantage of lower costs, faster development, and elastic growth. But testing serverless applications also brings significant challenges to testers. Because the stack is maintained by the cloud provider, it is updated with new versions and security patches on a regular basis. Testers have to continuously test the stack interfaces to make sure that...

Sean Miller
Capital One
Suresh Chellapilla
Capital One
AW21

You Build It, You Own It!

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

The days of writing software and throwing it over the proverbial wall to operations and production support teams are over. It’s time we, as software development teams, become more accountable and take pride and ownership in what we do. The results will be better transparency, more autonomy, and reduced risk (among other things). Join Sean and Suresh as they walk through how Capital One tackled one particular project by leveraging DevOps and forming their "you build it, you own it" principles. You'll gain a better understanding of how to improve quality within your agile teams and how to...

Tom Stiehm
Coveros, Inc.
AW22

Shifting Security Left: The Innovation of DevSecOps

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

DevSecOps uses application security practices that have existed for a while. The innovation of DevSecOps is incorporating security into the daily workflow of the team rather than leaving it to the end, shifting security left by automating aspects of security testing. DevSecOps leverages DevOps practices to make application security a first-class citizen in the practices of modern software development. But that requires a culture change: DevSecOps starts before the code is even written, using techniques like threat modeling and risk analysis to figure out who will attack you and how. Come...

Michelle Hodges
Red Ventures
AW23

Wage Your Bets: Microservice, Monolith, or Serverless

Add to calendar
Wednesday, November 6, 2019 - 3:00pm to 4:00pm

Microservice, Monolith, and Serverless are some of the three architectural styles that have recently gained popularity. Some engineers swear one over the other, but in reality, there is no black and white: there are advantages and disadvantages, depending on each use case. For example, if the flow of your services are dependent on another and each service doesn’t need to scale independently, is it worth increasing the development power it needs to maintain infrastructure? In this talk, Michelle Hodges will provide the pros and cons of going one way versus another, providing real life...

Thursday, November 7

Leslie Lowman
AvidXchange
AT12

Legacy Code and Testing: Let's Energize It!

Preview
Add to calendar
Thursday, November 7, 2019 - 11:30am to 12:30pm

Do you want to apply test automation to decade-old spaghetti code but aren't sure where to start? Many teams talk about needing automated tests in order to deliver faster, better quality but don't know just how to get there. Their code was created without a lot of the tools we have today or may have automation that centers on slow, record-and-playback methods. Join Leslie Lowman for an in-depth look at examples of this situation. She'll give some prerequisites, like instituting a solid testing model that focuses on automation, and show how to apply the testing model to older code,...

Tim_Guay
AgileWorks
AT15

A Fool with a Tool: The Dangers of Ignoring Culture by Overfocusing on Tools

Preview
Add to calendar
Thursday, November 7, 2019 - 11:30am to 12:30pm

Many organizations ignore culture and overfocus on picking and implementing the right tools. However, these tools have underlying cultural assumptions. If the current culture does not support these assumptions, then automation will only have limited success, or even fail altogether. So how do you address this problem? By recognizing that overfocusing on tools is a problem in the first place. Start by understanding the cultural assumptions supporting the optimum use of the tools, as well as how your organization measures up in relation to high-performing organizations. Finally,...

Owen Gotimer
TechWell
AT16

A DevOps Fireside Chat with Andy Glover

Add to calendar
Thursday, November 7, 2019 - 11:30am to 12:30pm

You've got DevOps questions, and we've got Andy Glover to answer them for you. He won't really be sitting by the fire, but he will be on hand to talk about all things DevOps. From his experiences building the Spinnaker continuous delivery platform to writing the open-source BDD framework easyb, Andy wants to talk about the things that worry you or thrill you about DevOps. Bring your questions and be ready for a lively, interactive discussion.

Owen Gotimer
TechWell
B1

Agile+DevOps Feud!

Add to calendar
Thursday, November 7, 2019 - 1:30pm to 2:00pm

Join us for a game of Agile+DevOps Feud, where two teams of thought leaders compete to name the most popular responses to survey questions to win bragging rights and to share their experiences. Questions and voting will be in the TechWell Hub leading up to the conference, where community members will name their greatest concerns, best practices, etc. Our two teams of panelists, will do their best to guess the community’s viewpoint, and the winning team will get to explain how they deal with those concerns. Our panelists are competing...

Jim Collins
CUNA Mutual Group
AT18

Using Lean XP to Supercharge Your Agile Delivery

Preview
Add to calendar
Thursday, November 7, 2019 - 3:30pm to 4:30pm

Most teams that do agile development start with Scrum. And why not? Scrum is a proven method for focusing your team, ensuring that work adds value, and minimizing the risk with release. Then, after awhile, Scrum becomes stagnant. There are no more speed increases, and the team focuses more on ceremonies than delivery. At this point, Extreme Programming (XP), and Lean XP in particular, is the next step in agile maturity. Lean XP means developing software at the last possible moment ("just-in-time development") using one-week sprints, test driven development, pairing at all levels,...

Guy Herbert
Atlassian
AT21

How DevOps and Agile Fit with Compliance Obligations

Add to calendar
Thursday, November 7, 2019 - 3:30pm to 4:30pm

DevOps and agile are designed to help you be adaptable and move quickly. But meeting your compliance obligations tends to slow you down and make processes rigid. However, by using key components of agile and DevOps and approaching compliance obligations from a different angle, you can meet your obligations while being adaptable. Guy Herbert will show examples of how his company structures their CI/CD processes to include compliance and how they have changed their compliance approach to be able to better meet the needs of the DevOps teams. Guy will also discuss the cultural implications of...

Robin Foster
Coveros
AT25

Maximizing Agile Benefits through Understanding Learning Styles

Preview
Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

The Agile Manifesto says we value people and interactions over processes and tools. Yet when we talk about the agile methods, we usually end up talking about processes. Agilists use timeboxing as a forcing function to draw out resolutions and decisions. What if we just needed a better way to describe our needs and issues? What if we could actually be more effective with our communication? Join Robin Foster as he explores the relationships between learning, memory, communication, teaching, and the agile framework. Discover the cognitive science behind the process of learning new...

AT28

Contract Testing with Pact: A Different Approach

Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

With the microservice architecture evolving and becoming a golden standard, the necessity of testing the contracts between services appears to be more and more obvious. One of the most interesting solutions here is the Pact tool, which helps with testing and verifying the API contracts in a CI/CD manner and opens up a lot of interesting possibilities. However, the devil is always in the details: the implementation. We need to configure the Pact mock servers, but similar configurations are often needed across all the different parts of testing, from the verification of the providers to end-...

Dave Karow
Split
AT29

Feature Flagging: Proven Patterns for Control and Observability in Continuous Delivery

Preview
Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

Are you moving faster than fast? Congrats! Chances are you already use feature flags to decouple code deployments from feature rollouts. Whether you use a roll-your-own feature-flagging solution (with a few quirks) or a feature-flags-as-a-service solution, hopefully you post feature flag rollout changes to something like Datadog so that when a flag rollout lines up with an obvious spike, you know whom to have a talk with. It's a solid start, but that’s just the basics. What do data-driven CD ninjas do? They build in observability to every feature release, so when they push a...

Derek Ashmore
Asperitas Consulting
AT30

AWS Lambda: Best Practices and Common Mistakes

Add to calendar
Thursday, November 7, 2019 - 4:45pm to 5:45pm

AWS Lambda is a serverless architecture that relieves you of hardware and scaling setup concerns. AWS Lambda functions are used by many organizations for serverless application development and automating DevOps tasks. But many teams start using AWS Lambdas and uncover problems such as running into resource limits, debugging nested lambda defects, managing code change across dozens of AWS accounts, and many more. Derek Ashmore will provide tips and tricks to make your AWS Lambda functions usable in different contexts and easier to develop and support. He will show you how to mitigate common...

Friday, November 8

Chris Wysopal
Veracode
DS2

Shifting Security Left: Where to Start

Add to calendar
Friday, November 8, 2019 - 9:30am to 10:00am

Equipped with this guidance you can begin to make the changes that will transform application security into a responsibility that is shared by development and security and that continues once applications are in production and operation. By shifting security left, you unburden your security team, empower your developers to write better code…

DS1

Building Trust Between Security and Development to Accomplish Culture Change

Add to calendar
Friday, November 8, 2019 - 11:00am to 11:30am

DevSecOps empowers engineering teams to take ownership of how their product behaves in production, including security aspects. The primary goal of a DevSecOps initiative is to get development teams to shift their mindset and adopt security practices in their daily activities. However, this can only happen with healthy collaboration and mutual trust between development and security teams. Larry Maccherone can show you how. Larry will discuss how to effectively build trust between developers and security personnel to facilitate a successful DevSecOps program. He will present a proven "Trust...

Jeff Williams
Contrast Security
DS3

Taking DevSecOps To The Next Level - Cutting Edge Tools for your Pipeline

Add to calendar
Friday, November 8, 2019 - 1:00pm to 1:30pm

DevSecOps is so much more than forcing developers to use legacy scanning tools. In this talk, we will discuss a continuous, effective, and scalable DevSecOps pipeline using free cutting-edge tools. We'll discuss and show IAST (Interactive Application Security Testing) to accurately pinpoint vulnerabilities in both custom code and libraries in real time without scanning. We'll discuss and show RASP (Runtime Application Self-Protection) in production to gain visbility into application attaches and to prevent vulnerabilities from being exploited. And we'll discuss how to integrate the results...

Gene Gotimer
Coveros, Inc.
DS7

A Practical Approach to Building Security In

Add to calendar
Friday, November 8, 2019 - 1:30pm to 2:00pm

The release date is a week away. Development is complete. The code works, and everything looks good. Marketing is ready with the media blitz. Our customers are waiting to get their hands on the new features and are sure to give us good feedback. The only step left is to get the security group to scan the application and give us the approval to release. Cross your fingers- let’s hope we get the green light! Otherwise, I don’t know what we are going to do. DevOps, and more importantly, DevSecOps, promises to do away with rolling the dice at the end and hoping we are allowed to release what...

DS9

Panel Discussion: Getting Development and Security To Work Together

Add to calendar
Friday, November 8, 2019 - 2:30pm to 3:00pm

DevSecOps is all about getting security teams, practices, processes, and tooling integrated into your DevOps process but often getting a cross-functional team that includes security in place is difficult. Join DevSecOps practitioners in exploring the best ways to get security groups and personnel involved in day-to-day DevOps teams. Learn what role security personnel play in Sprint activities and how to remove compliance from being an end-of-lifecycle hurdle. Hear how leading organizations successfully shift security left and tips and tricks for getting started.