Agile + DevOps West 2020 - DevOps | TechWell

Agile + DevOps Virtual 2020 - DevOps

Customize your Agile + DevOps West 2020 experience with sessions covering DevOps.

Monday, June 8

Danilo Sato
ThoughtWorks
MA

Continuous Delivery in Practice: A Hands-On DevOps Workshop

Add to calendar
Monday, June 8, 2020 - 9:00am to 5:00pm

For many organizations, delivering software into production has become increasingly more complex with long testing cycles and a division between development and operations teams. DevOps is a cultural movement that is breaking down those barriers. Focusing on automation, collaboration, tools, and knowledge sharing, DevOps is showing that developers and system engineers have much to learn from each other. Through a series of hands-on exercises, Danilo Sato will use a sample web application to demonstrate how to automate its build and deployment pipeline, using infrastructure and pipeline as...

Bob Foster
Coveros
MC

Finding Performance Issues Early with JMeter

New
Add to calendar
Monday, June 8, 2020 - 9:00am to 5:00pm

Performance issues can be difficult to resolve when found late in the software development lifecycle. Using an open-source tool like JMeter to develop, manage, and execute load and performance tests while the code is being developed, is an inexpensive way to help find performance issues. Executing these performance tests as part of your CI/CD pipeline enables users to find and resolve performance issues as soon as they are introduced. This hands-on workshop will help attendees develop a foundational understanding of JMeter, while engaging them in creating and running performance tests...

Melissa Benua
mParticle
MD

Test Design for CI/CD Delivery

Preview
Add to calendar
Monday, June 8, 2020 - 9:00am to 12:30pm

Imagine this … As soon as any developed functionality is submitted into the code repository, it is automatically subjected to the appropriate battery of tests and then released straight into production. Setting up the pipeline capable of doing just that is becoming more and more common and something you need to know about. But most organizations hit the same stumbling block—just what IS the appropriate battery of tests? Automated build architectures don't always lend themselves well to the traditional stages of testing. In this hands-on tutorial, Melissa Benua introduces you to key...

Melissa Benua
mParticle
MI

Continuous Testing with Containers

Preview
Add to calendar
Monday, June 8, 2020 - 1:30pm to 5:00pm

Containers. Every manager thinks they want them, but few teams have experience in knowing what to DO with them. Used thoughtfully, containerization of your services can transform the way your organization thinks about testing. Gone can be the days of maintaining X different compute environments with Y different configurations. Imagine instead spinning up just the code you need, on the machine type it needs, and only for as long as you need it. In this technical training, Melissa will walk through what containerization means for a legacy code base attempting to practice continuous...

Tuesday, June 9

Dana Pylayeva
Agile Play Consulting LLC
TJ

Seven Rules of Virtual Engagement

Add to calendar
Tuesday, June 9, 2020 - 1:30pm to 5:00pm

Struggling to keep participants engaged in your remote meetings/training? Wish you could connect better with people hidden behind their muted black screens? Join Dana Pylayeva to experience a different level of collaboration in the virtual space and learn her seven practical tips for bringing aliveness, participation and engagement to your online event. Tapping into her extensive experience working with global distributed teams, Dana offers a powerful fusion of brain-based learning principles and a field-tested pattern library of effective methods for collaboration in groups. If you want...

Thursday, June 11

PagerDuty
AT1

The How and Why of Full-Service Ownership

Add to calendar
Thursday, June 11, 2020 - 10:00am to 11:00am

High-performing software development teams are focused on customers and taking greater ownership of their production stack. The tricky part is teaching these teams how to tackle the operational challenges that come with full-service ownership. Julie Gunderson will discuss how to implement a model where development teams are both empowered to own their full-stack production deployments and equipped to manage common software lifecycle operational issues like reducing alert fatigue and learning from failures.

AT2

Agile Fireside Chat

Add to calendar
Thursday, June 11, 2020 - 10:00am to 11:00am

You've got agile and lean questions, and Mary and Tom Poppendieck want to answer them for you. They won't really be sitting by the fire, but they will be on hand to talk about all things lean and agile. Mary has been a programmer, IT manager, and product champion and is well known for the Lean Software Development books that she wrote with her husband, Tom. Tom has been in computing for 25 years, working with health care, logistics, mortgage banking, and travel services, and he holds a Ph.D. in physics. Bring your questions and be ready for a lively, interactive discussion.

Sanjeev Sharma
Independent Consultant
AT5

DataOps: Eliminating Data Friction in DevOps

Add to calendar
Thursday, June 11, 2020 - 10:00am to 11:00am

The DevOps movement has led to the adoption of continuous integration (CI) and continuous delivery (CD) in the application delivery pipeline. The end goal of establishing a CI/CD pipeline is to achieve a continuous "flow" of releases as new features get built, integrated, tested, and deployed to production-like environments, and eventually to production. This flow depends on the continuous integration and delivery of small batches of code for database and environment changes. Data friction results from the inability to have the right data provisioned to the right environment when it is...

Infusionsoft
AT28

Using Security Chaos Engineering to Build Protected, Resilient Systems

Add to calendar
Thursday, June 11, 2020 - 4:45pm to 5:45pm

The speed and scale of complex system operations within cloud-driven architectures make them extremely difficult for humans to mentally model their behavior. This often results in unpredictable and catastrophic outcomes that become costly when unexpected security incidents occur. There is a need to realign the actual state of operational security measures in order to maintain an acceptable level of confidence that our security actually works when we need it to. As an alternative to simply reacting to failures, the security industry has been overlooking valuable chances to further...

Craig Sebenik
Independent Consultant
AT30

Lessons Learned Moving to Trunk-Based Development

Add to calendar
Thursday, June 11, 2020 - 4:45pm to 5:45pm

Moving from a branching model, such as GitFlow, to trunk-based development isn't trivial or easy, but it is definitely worth the effort if increasing release velocity is your goal. Craig Sebenik led the transition to “trunk dev” at a couple of companies after being involved in a massive project at LinkedIn. Join Craig as he describes trunk dev and gives his perspective on the scenarios where the different flavors work best. Discuss what you lose by moving away from a branching model and what you gain with trunk dev, and why that transition will set up the team for future growth and faster...

Thursday, June 25

Alyssa Miller
Snyk, Ltd.
DS1

DevSecOps Summit: So Happy Together: Making the Promise of DevSecOps a Reality

Add to calendar
Thursday, June 25, 2020 - 1:00pm to 1:45pm

It may be hard for some to believe, but it’s been over a decade since DevOps was first introduced. It wasn’t very long after that the concept of DevSecOps began to emerge as security practitioners attempted to keep application security practices engaged in software delivery. However, recent surveys show that even in organizations that have adopted a DevSecOps model, security is still often viewed as a bottleneck. This idea of security as an inhibitor can undermine the promise of DevSecOps to deliver a culture of shared responsibility for security. Hacker, former developer, and application...

Arthur Hicken
Parasoft
DS2

DevSecOps Summit: Effective Static Analysis is the Key to Successful DevSecOps

Add to calendar
Thursday, June 25, 2020 - 1:45pm to 2:15pm

DevSecOps creates more effective security by moving the traditional gate earlier instead of the end of the pipeline, where it’s too late to effectively fix security issues. Static code analysis is the best way to move security as far left as possible by using both early detection checkers for common issues like tainted data as well as secure-by-design coding patterns that harden the code against todays common attacks. However, static analysis has a reputation for being noisy and causing extra work. We will explore tips and tricks to make sure your static analysis is delivering security...

DS3

DevSecOps Summit: AppSec: Grim Reaper or Archangel of Dev?

Add to calendar
Thursday, June 25, 2020 - 2:15pm to 2:45pm

AppSec has gotten a bad rap as the “no” team, having to bear the bad news of why Development can’t deploy. But it’s not their fault—without effective integration of AppSec into the SDLC, both teams suffer from untimely information, which means AppSec can only deliver bad news, not enable security as a health part of a Development process. With an effective SecDevOps program that includes proactive policy assignment to effectively manage security debt and automate governance, Security shifts from being a blocker to an advisor in decreasing project delivery risk, without sacrificing velocity...

Robert Statsinger
Contrast Security
DS4

DevSecOps Summit: Embracing DevSecOps through Embedded Application Security

Add to calendar
Thursday, June 25, 2020 - 3:00pm to 3:30pm

Traditional approaches to application security create unacceptable drag and scaling problems for DevOps, while expert staffing and tooling requirements to support “more code, faster” create untenable economics. This presentation will discuss the transformative impact of embedding application security into applications themselves. Embedded AppSec removes friction, enables security to be seamlessly woven into DevOps, and provides a continuous and unified approach across the SDLC that empowers Dev, Security, QA/Test, Ops, and other stakeholders to collaborate and realize the benefits of...

Guy Herbert
Atlassian
DS5

DevSecOps Summit: Risk Management and Audit in a High Change Environment

Add to calendar
Thursday, June 25, 2020 - 3:30pm to 4:00pm

When you are trying to move fast and ship to customers you don't want risk and compliance holding you back. But the environment that we work in requires you to have good risk management and we all have compliance obligations that we need to maintain. So how do we make this work? At Atlassian, we are always trying to ship faster to meet your needs and we have lots of compliance obligations to maintain - come and hear from Guy Herbert, Atlassian's Risk Futurist about how the combination of people, practices, and tools has enabled teams to ship multiple times per day to regulated compliance...

Friday, June 26

DJ Schleen
Rally | United Healthcare
Infusionsoft
DS6

DevSecOps Summit: Blameless Retrospectives in DevSecOps at Global Healthcare Giants

Add to calendar
Friday, June 26, 2020 - 1:00pm to 1:45pm

Implementing a scalable DevOps program can seem like an impossible task at times. Add security into the mix and the challenge can appear insurmountable. Organizations around the world have come to realize the potential business impacts of adopting DevSecOps and how it can enable engineers to deliver more value to the market faster. While the prospect of transformation seems alluring, a great number of organizations are still unsure of where to start, what’s involved, how much it will cost and how to achieve success. Discussing our triumphs and tragedies not only bring clarity, but champion...

DS7

DevSecOps: Essential Pipeline Tooling To Enable Continuous Security

Add to calendar
Friday, June 26, 2020 - 2:00pm to 2:30pm

As we embrace DevOps to optimize our Agility, we need to move away from slow, manually intensive processes into more of a continuous flow of software into production. Whether we are doing true "Continuous Deployment" straight to production or not, we no longer have time for slow, manual, late-lifecycle security assessments to determine if our code is going to put us on the front page of the newspaper (for the wrong reasons). What we need is the visibility to know that our code is secure enough to pass muster every day. What we need is continuous security.

The DevSecOps movement is...

Bob Crews
Checkpoint Technologies
DS8

DevSecOps Summit: Continuous QA Risk Analysis with an AppSec-DevOps-OWASP Mindset!

Preview
Add to calendar
Friday, June 26, 2020 - 2:30pm to 3:00pm

The scope and complexities of Application Security testing in a DevOps world are rapidly increasing as new technologies emerge, applications become more advanced, vulnerabilities more prevalent, and threats become more astute! The quantity and types of vulnerabilities can make the process of testing overwhelming, especially in a DevOps and Agile world when factoring in aggressive target dates and a lack of resources. Utilizing a rapid, strategic risk-based analysis approach while factoring in the OWASP Top 10 will assist you in prioritizing your overall testing effort. If you can’t...