Craft Conf Special Edition

This time we teamed up with the organizers of the Craft Conference to bring you two internationally recognized experts. We are pleased to announce that Aaron Rinehart and Daniel Terhorst-North accepted our invitation and will give you 2 exciting talks. We still need to sort out a few things but we wanted to share all the information currently available with you. Please find their Bio and the title of Dan's talk below. We will soon get back to you with more details. I am confident this event will be a unique one. So waste no time and register for this event. Let's make this event one of our largest ever meet-up.

Daniel Terhorst-North:

Daniel Terhorst-North uses his deep technical and organisational knowledge to help CIOs, business and software teams to deliver quickly and successfully. He puts people first and finds simple, pragmatic solutions to business and technical problems, often using lean and agile techniques. With over twenty-five years of experience in IT, Dan is a frequent speaker at technology conferences worldwide. The originator of Behaviour-Driven Development (BDD) and Deliberate Discovery, Dan has published feature articles in numerous software and business publications, and contributed to The RSpec Book: Behaviour Driven Development with RSpec, Cucumber, and Friends and 97 Things Every Programmer Should Know: Collective Wisdom from the Experts. He occasionally blogs at https://dannorth.net/blog.

Aaron Rinehart:

Aaron Rinehart, CTO @Verica.io | Former Chief Security Architect, @UnitedHealthGroup Aaron has been expanding the possibilities of Chaos Engineering in its application to other safety- critical portions of the IT domain notably cybersecurity. He began pioneering the application of Security in Chaos Engineering during his tenure as the Chief Security Architect at the largest private healthcare company in the world, UnitedHealth Group (UHG). While at UHG Aaron released ChaoSlingr, one of the first open source software releases focused on using Chaos Engineering in cybersecurity to build more resilient systems. Aaron recently founded the first Chaos Engineering Meetup in Washington DC and is a frequent author, consultant and speaker in the space.

Talks:

Daniel Terhorst-North - BDD is not about Testing:
BDD started as a way to teach TDD to programmers who kept getting hung up on the idea they were writing tests. Fast-forward a decade or so and it seems BDD scenario automation tools have invaded the world of acceptance testing like Japanese knotweed. All around I see teams harming themselves writing awkward, verbose tests using slow, cumbersome tools like Cucumber and SpecFlow, and acting as though BDD is some kind of testing approach.

Part of the problem is that once you have an automated BDD scenario and you've written the software to satisfy it, it can look seductively like a test. From there it is a short step to thinking of these scenario automation tools as testing software, and the rest is frustrating, repetitive history.

This long-overdue talk explores the relationship between BDD scenarios and acceptance tests, and suggests some strategies for avoiding the pain of BDD-as-test automation.

Aaron Rinehart - The Windy Road from Rugged to Chaos
Large scale distributed systems have unpredictable and complex outcomes that are costly when incidents and outages occur. This session will cover the foundations of Chaos Engineering and how the craft has evolved to advance DevSecOps and Incident Response. As part of this talk I will share lessons learned throughout my journey in driving multiple digital transformations including Rugged DevOps, Open Source, and pioneering the application of Chaos Engineering to Cyber Security at the largest healthcare company in the world. We will cover how Security Chaos Engineering allows for teams to experiment on recurring failure patterns to determine underlying factors within the environment. Furthermore using Chaos Engineering techniques, allows incident response and product teams to derive new information about the state of security within the system that was previously unknown. Within this new paradigm of instrumentation where we proactively conduct “Pre-Incident” vs. “Post-Incident” reviews we are now able to more accurately measure how effective our product security teams, tools, skills, and procedures are during the manic of the incident management function.