- DevSecOps - The Changing Landscape of Attacks, Maury Cupitt, Sonatype
The modern day application consists of approximately 80% open source code. In 2017 there were 87 Billion Downloads from The Central Repository (the largest open source Java repository in the world). 1 in 8 of those open source libraries contain a known security vulnerability. Known vulnerabilities in open source are widely exploited as an attack vector and lead to well document breaches such as the one that hit Equifax in 2017 (Apache Struts 2 Rest API library). Cyber Security crime costs the global economy $450 billion in 2016. This eclipsed the entire illicit drug trade which cost the global economy $430 billion. Companies looking to accelerate development and embrace DevOps need to embrace solutions like Jenkins to automate their builds and releases. Companies looking to innovate faster while reducing their risk need to ensure security is included in the development process (DevSecOps) by building secure CI/CD pipelines with integrated and automated quality guardrails such as Nexus Firewall and Nexus Lifecycle for Open Source Governance and inspection during every Jenkins Build. In this session we will take you through how to configure your builds in Jenkins that ensure development can continue to accelerate while also layering in open source security and governance.
- Database DevOps - Keep Your Delivery Processes Secure, Brian McRae, Redgate
DevOps is a key focus for the majority of his conversations, but as IT teams are under increasing pressure to demonstrate data privacy and protection with regulation like GDPR, HIPPA and SOX, among others, tonight we’ll focus on how you can combine these two areas and extend one to embrace the other without compromising on either side. Ultimately, we hope you leave today’s meetup with an understanding of how Database DevOps can ensure you continue to increase the speed of delivery, securely, without jeopardizing compliance. --- For the past 25 years Brian has worked in various roles in technology, ranging from a software engineer, database architect, IT Manager to a solutions consultant and more recently Sales Engineer at Redgate, where he is responsible for helping clients across a range of industries securely automate their database development, change management, continuous integration and deployment processes.
- Introducing the Cloud Native Application Bundle [cnab.io] - Nirmal Mehta
CNAB embraces the multi-tool world and allows for packaging up multiple formats and their accompanying toolchains into a single artefact. Imagine a single installable package that contains Terraform code to launch an RDS instance and a Compose file or Helm charts describing the application that will use it. Today you might package and distribute those separately, with CNAB you can keep them together. That means you can share metadata, cryptographically sign a single artifact, push all aspects of the application to a central registry and more. In this talk you'll learn about CNAB, discuss some of the problems it solves, and see demos of the accompanying tooling. --- Nirmal Mehta, Chief Technologist in the Strategic Innovations Group at Booz Allen Hamilton specializing in research, implementation and integration of emerging technologies to Booz Allen’s federal government client base. He leads the firms efforts in containerization and distributed application architectures, and thought leader for DevOps practices. He is passionate about Open Source, Containerization, Cloud Automation, DevOps, Data Center Transformation and integrating open-source software to push the capabilities of future IT infrastructure. He focuses on bringing leading edge technologies to enterprise systems for commercial and public sector clients.
- From Turing to Big Data: A Look @ Computing & Analytics- PJ Hagerty,DevRelate.io
A look at where computing and analytics began and where it is headed. The basis of all DevOps and development starts with our measurements. We need to understand what role analytics and metrics plays in modern computing. To find out, we look at where analytics began in the advent of computer science and where we stand today, with an eye toward the future. --- Developer, writer, speaker, musician, and Community Advocate, PJ is the founder of DevRelate.io. He is known to travel the world speaking about programming and the way people think and interact. He is also known for wearing hats.
- DevOps is Not War - Chris Short, Red Hat
Over the past 500 years, there have been 16 cases of a rising power threatening to displace a ruling power. 75% of those cases resulted in war. Although your organizational transformation probably won’t lead to war, it could be contentious. History can help prevent conflict when driving change. This talk will analyze human tendencies, historical data, and provide real-world examples of how to prevent conflict during your DevOps journey. --- Chris Short has been a proponent of open source solutions throughout his over two decades in various IT disciplines including systems, security, networks, and DevOps engineering and advocacy across the public and private sectors. He currently works on the Ansible team at Red Hat. Chris is a partially disabled US Air Force veteran living with his wife and son in Greater Metro Detroit. Chris writes about DevOps and other topics at chrisshort.net. He also runs the DevOps, Cloud Native, and open source focused newsletter DevOps’ish.
- DevOps - Improving Software Delivery and Operations, Nathen Harvey, Google
Explore the connections between practices like continuous delivery (CD), DevOps, and Site Reliability Engineering (SRE) in this survey of the capabilities and practices that lead to better software delivery and operations. Nathen Harvey, Cloud Developer Advocate at Google, helps the community understand and apply DevOps and SRE principles and practices in the cloud to drive business outcomes. He is a co-host of the Food Fight Show, a podcast about Chef and DevOps.
- Bringing Empathy to IT - Nirmal Mehta || Real World Observability - Chris Bailey
Come join us for this double header event to end the year! Strong Beliefs Loosely Held: Bringing Empathy to IT | Nirmal Mehta In this talk, the conversation centers around how to use behavioral economics and other processes to assist in getting IT organizations to adopt DevOps practices. Technology is easy but, people are hard. How can we use game theory to encourage empathy in an organization? This talk fosters thought and dialogue on how to address the people and IT cultural needs as organizations transform. --- Nirmal Mehta, Chief Technologist in the Strategic Innovations Group at Booz Allen Hamilton specializing in research, implementation and integration of emerging technologies to Booz Allen’s federal government client base. He leads the firms efforts in containerization and distributed application architectures, and thought leader for DevOps practices. He is passionate about Open Source, Containerization, Cloud Automation, DevOps, Data Center Transformation and integrating open-source software to push the capabilities of future IT infrastructure. He focuses on bringing leading edge technologies to enterprise systems for commercial and public sector clients. ----------------------------------- Real World Observability: Pull the Thread | Chris Bailey Let’s face it, monitoring is hard. In this talk, Chris Bailey will pull the curtain back on building a modern observability platform, warts and all. He will talk through the considerations before even getting started, the pitfalls and gotchas encountered along the way, and the best way to sell the value of comprehensive monitoring, alerting and logging back to the business. At the end of this talk, you should have a good foundation for starting the journey toward your own observability platform. --- Chris Bailey is the head of DevOps at AdvisorEngine, organizer of the Triangle DevOps Meetup group, co-host of Setup for Failure, a podcast about DevOps, an organizer of DevOpsDays Raleigh, and a member of the Opensource.com DevOps team. --- Food and drink provided by Hays.
- Lightning Talks
Lightning talks are back again! Each talk will be a maximum of 5 minutes (with up to 7 slides). Pizza and drinks will be provided by Hays. This year's schedule: "The Hard Path to the Easy Path of Infrastructure Management" - Austin K. "Build Better Dashboards" - Chris Bailey "An Introduction to Pulumi" - Brian Cottingham "Kubernetes Primer" - Kevin Ashline "SecOps Armageddon - A look into the future of security & operations" - Phillip Maddux II "Shift Left. Wait, what? No, Shift Right!" - Phillip Maddux II "Fake It Till You Make It" - Patrick Easters "My Life without Staging" - David Pell "DevOps - Change is Hard" - Mark Mzyk Please post in the comments section if you are interested in speaking with a topic you'd like to speak on or email me directly: [masked]
- All Day DevOps Viewing Party @ Lulu
What is All Day DevOps? --- All Day DevOps is a FREE online community responsible for creating the world's largest DevOps conference. All Day DevOps 2018 will offer over 100, 30-minute sessions across five tracks in all time zones, simultaneously. Tracks included Continuous Everything, Modern Infrastructure and Monitoring, DevSecOps, Cultural Transformations, and DevOps in Government. All sessions are practitioner-led with a "no vendor pitch" policy strictly enforced. https://www.alldaydevops.com/ Hosting will provided by Lulu during normal business hours. Food and drink will be provided throughout the day. Feel free to attend for some or all of the talks until 5 pm!
- A Successful DevOps Initiative Starts with Knowing Your Numbers! - Anne Hungate
IT organizations that don’t know their risk factors and exposure are likely to make investments in DevOps that don’t matter. After working with several teams that lost their DevOps funding after making automation investments in areas that were not business constraints, Anne Hungate's Fact-Based Operations model emerged. Join Anne to learn how to prioritize your DevOps improvements and demonstrate the impact and value you are delivering. After all, DevOps gets traction and funding when teams can show the business impact of doing it, so if you want your DevOps initiative to take off, be prepared to provide some metrics! You'll discover the five key questions you need to be able to answer to show that your DevOps matters, and leave with seven actions you can start taking as soon as you get back to your desk in order to improve the results of your DevOps efforts. Bio Anne Hungate is an IT executive with more than twenty years' experience delivering technology solutions. Experimenting with both engineering practices and organizational design, Anne determined that people and trust are the keys to better software, while facts and data link IT results to business value. Anne is the president of Daring Systems, a consultancy practice that helps clients improve their productivity and profitability by understanding their software delivery supply chain. Anne has presented at local and national conferences, sharing the lessons learned over two decades of transformation and delivery. Anne holds her DevOps Foundation, DevOps Test Engineer, and professional coaching certifications and has earned both CSQA and PMP designations.