Submit a future talk at http://submit.cdisrael.com today.
18:00 Getting together
18:30: Ada Sharoni: Integrating security with CI/CD
19:30: Community Announcements & Hiring Callouts
19:35: Baruch Sadogursky : DevOps Patterns & Antipatterns for Continuous Software Updates
20:20: End of the evening
1) Ada Sharoni:
Integrating security with CI/CD
CICD and micro services are great concepts, but in the world of cyber security they can become incredibly risky. Most software developers are not security oriented, and as the race to production becomes incredibly fast, it’s no wonder we get to see a vast increase in exposure to vulnerabilities. Last year, one of three web applications was graded as having an extremely poor level of security, and 83% had some vulnerabilities detected in them. In this lecture we will try to demonstrate vividly how cyber attacks actually look like and what can be done in order to gain more safety while still maintaining fast delivery.
Ada Sharoni is a Software Engineer team lead at Akamai, that specializes in the fields of cyber security and ML. As a Talpiot graduate, she served in the Israeli intelligence community for many years, and for the last few years has focused on cloud security solutions at Akamai.
2) Baruch Sadogursky :
Patterns & Antipatterns for Continuous Software Updates
So, you want to update the software for your user, be it the nodes in your K8s cluster, a browser on user’s desktop, an app in user’s smartphone or even a user’s car. What can possibly go wrong?
In this talk, we’ll analyze real-world software update fails and how multiple DevOps patterns, that fit a variety of scenarios, could have saved the developers. Manually making sure that everything works before sending update and expecting the user to do acceptance tests before they update is most definitely not on the list of such patterns.
Join us for some awesome and scary continuous update horror stories and some obvious (and some not so obvious) proven ideas for improvement and best practices you can start following tomorrow:
Baruch Sadogursky (a.k.a JBaruch) is the Head of Developer Relations and a Developer Advocate at JFrog. His passion is speaking about technology. Well, speaking in general, but doing it about technology makes him look smart, and 18 years of hi-tech experience sure helps. When he’s not on stage (or on a plane to get there), he learns about technology, people and how they work, or more precisely, don’t work together. He is a CNCF ambassador, Developer Champion, and a professional conference speaker on DevOps, DevSecOps, Go, Java and many other topics, and is a regular at the industry’s most prestigious events including DockerCon, GopherCon, Devoxx, DevOps Days, OSCON, Qcon, JavaOne and many others. You can see some of his talks at jfrog.com/shownotes
VENUE - Yalla-DevOps! Conference:
This month's meeting will be held with the cooperation of Yalla-DevOps! Conference, and will take place immediately after the conference, at the conference venue. Jfrog will also be recording and feeding us - thanks!!