Cloud Development Technologies
Wednesday, August 18, 2021
SaaS is not for all! Many organizations are prohibited storing data outside their data centers, worried about security or restrained by limited change control!
The solution is a hybrid architecture that allows deploying your SaaS offering on-premises. While we have known examples such as AWS Outputs or Google Anthos the fact is that not everyone is Google or Amazon! Join my session where I share how we at Dynatrace moved from SaaS to a hybrid offering including an on-premises deployment. I discuss my top 3 aspects of a successful hybrid implementation: pro-active support, automated updates delivery, and zero-configuration approach and how our “Mission Control” takes care of these. This talk should inspire you how to expand your software offering from SaaS to premises with the lowest total cost of ownership!
With the increasing complexity of modern applications, continuous profiling methods and tools are gaining popularity among the Developer and Engineering communities. In this session, we cover what continuous profiling entails and why you should implement a profiler into your tech stack (if you haven’t done so already). We’ll then bring theory to practice and demonstrate a real-life scenario using gProfiler, a free open-source continuous profiling tool.
Software is in the heart of many products that we use today, from consumer to mobile applications. The way we deliver software has changed as well now that we work in the cloud. Every developer became a little DevSecOps engineer, when expected to deliver secured, robust and scalable software. CI/CD technology was supposed to make time from coding to production much faster and processes were supposed to be fully automated. But are we really doing it right?
In this session I will talk about current trends in developer-centric security, best practices for implementation and some of the lessons learned from creating a shift-left cloud security product.
Single cloud is no longer enough, it is time for Multi-cloud! In the session, the latest trend and technologies related to Multi-cloud will be presented. However technology is not enough, the real business case studies and their benefits will be presented. Finally, the future research directions will be briefly described. The session is based on the commercial and research experience for over 5 years period.
Organizations are thriving for productivity and agility. And the billion dollar question of the technology industry today is, how do we get there? The answer mostly lies in the hands of developers. If developers can produce quality software, at pace, and keep sustaining it forever, we can build dynamic and agile organizations successfully. However, the technology landscape of today’s industry is overwhelming. Developers are burdened with so much complexity, it creates a lot of confusion and sucks out their energy in solving meta problems instead of focusing on the business need.
This talk is about introducing the concepts of Cloud Native Engineering and teaching how it can help organizations build dynamic teams capable of delivering quality software at scale.
Should you always run your cluster in multiple availability zones? How can a transition rule on S3 double your storage costs? I want to monitor and understand my data transfer costs, where should I start? Following so-called “best practices” works only when you fully understand the implications, costs included. We will discuss a few cloud anti-patterns, making your bill smaller and your deployment better. And possibly reducing your cloud carbon footprint too.
The cloud is a fortress. Public cloud infrastructure is owned by a handful of companies with hardly any oversight. They get to decide who to welcome, who to block and they can slow transmissions. Not that they will, but they can. Once organizations select a cloud provider, they essentially have no choice but to trust a monopoly that could also become a competitor. But it does not need to be. Thanks to Kubernetes, Cloud Neutrality is now only possible, it is easy.
In a few minutes, we will deploy a cloud neutral Kubernetes cluster that spans across any number of cloud providers and will show how your workloads are free to roam between clouds, automatically switching for cost optimization, scale, performance or simply for resilience to a cloud failure.
Cloud security in most dev environments is broken. With ever-changing environments, engineers focused on features, and DevOps enabling incredible agility, traditional cloud security can't keep up. Even with a security resource at hand, the chance of catching each bad Terraform default or hidden * in a wide-open IAM policy is near impossible across endless cloud services. In this session, we'll show how (with very little effort) you can adopt DevSecOps with the right training, tools, processes and strategy. You’ll get practical advice and tactical tips to start implementing IaC security scanning and fixing security issues right away.
How can you make time for real innovation and improvement?
How do you know what to automate next?
How do you escape process prison?
How can you get everyone aligned to make a difference?
How do you get from where you are to your next performance target?
Flow Engineering builds on the lean practice of value stream mapping with a full framework of collaborative mapping techniques. You can use it right now to reveal your biggest opportunities, eliminate hours of friction every week, and invest in what's next.
I'll introduce 4 powerful maps: Outcome, Value Stream, Dependency, and Capability, that you can co-create with your teams to uncover hidden insights and opportunities. I'll show you how to take those insights and create a powerful roadmap of actions and experiments to dramatically improve flow and deliver continuous value.
Use it to improve your:
- Development process
- Planning and shaping
- Delivery/Data/Testing/Analytics/Logging Pipeline
- Employee/Customer Onboarding
- Support/Failure Recovery/Incident Management
- Workflow of choice
…and start spending more time on what's next
In this talk, I will share the story of how LinkedIn designed our software engineering system, Multiproduct, and what we’ve learned from implementing, operating and evolving over the last ten years. I will share examples of design and implementation decisions we’ve made and how those decisions impacted our ability to develop and deploy software. I will describe tools and automation we’ve built and the organizational structures that have emerged to support our software development system. You will learn about LinkedIn’s multi-repo code setup and how we leverage semantic versioning and dependency management to share code across our product ecosystem. The lessons we learned will help you with your decisions when designing a software engineering system for your company.
Once upon a time, devices like Nest or connected coffee makers were all anyone talked about when mentioning IoT. But these use cases, while seemingly innovative at the time, were more about creating shortcuts over Solving Problems, and those are inherently limited the number of use cases. As we enter the second phase of IoT, we’re solving problems behind the scenes and building hidden infrastructure that’s silently connecting the world
To truly scale application security testing, developers need to maintain their role in the security process beyond SCA and SAST, continuing the automation you are already achieving and rely less on manual testing.
Traditional DAST scanners are a blocker to this automation. They are hard to use, impossible to integrate, not developer friendly and produce too many false positives. This results in crippling human bottlenecks that stifle CI/CD, whether it's the need for security to constantly tweak scanners or the drain of manually validating vulnerabilities.
Either way, technical and security debt is compounded, resulting in insecure product hitting production. Change is needed, and fast.
In this session with Bar Hofesh, CTO and Co-Founder at NeuraLegion, you will discover:
1. Key features that your dev-first DAST needs to enable developers to take ownership of security
2. How you can detect, prioritise and remediate security issues early, automated in the pipeline
3. Insights into reducing the noise of false alerts to remove your manual bottlenecks to shift left
4. Steps you can take to achieve security testing automation as part of your CI/CD, to test your applications and APIs.
Thursday, August 19, 2021
Product Manager, this is a title that is very hard to explain and most of the time comes with big responsibilities but yet it is easy to overlook. Moreover, in the Application Modernization journey that focuses on modernizing your legacy application.
We are not delivering code or creating a prototype and definitely our job description is NOT attending meetings all day. We believe there are skills and mindset as Product Manager to accelerate the team to be successful in building modern applications. In this talk, I will share why we need product management skills to increase the success in your Application Modernization journey.
Observability is about more than building a reactionary response to latency and outages. Whether or not you focus on it today, at the core of your team is an “Engineering Flywheel”. Keeping talented engineers engaged, maintaining a cadence of feature releases, measuring the impact of new tech - these improve when you tighten the feedback loop on the one thing they all focus on, the service itself.
In this session, we'll cover the new challenges microservices architectures have presented us all with and explain how to create an effective Observability strategy that can accelerate your Engineering Flywheel.
Since the emergence of Kubernetes, we hoped that developers will adopt it. That did not happen, and it will likely never happen. Developers do not need Kubernetes. They need to write code, and they need an easy way to build, test, and deploy their applications. It is unrealistic to expect developers to spend years learning Kubernetes.
On the other hand, operators and sysadmins need Kubernetes. It gives them all they need to run systems at scale. Nevertheless, operators also need to empower developers to deploy their own applications. They need to enable developers by providing services rather than doing actual deployments.
So, we have conflicting needs. Kubernetes is necessary to some and a burden to others. Can we satisfy all? Can we have a system that is based on Kubernetes yet easy to operate? Can we make Kubernetes disappear and become an implementation detail running in the background?
Let's discuss where Kubernetes is going and how it might look like in the future.
We describe a way of the established on-prem ISV re-inventing itself as a SaaS provider, incidentally breaking enterprise content management industry standards in scalability in the process, and returning to on-prem customers in a hybrid scenario, thus completing a full circle. We will share the tools we built and used, DOs and DON'Ts and postulate a trend: it is still users that matter the most at the end.
Women around the world have been directly affected by the pandemic in more ways than one, especially women in technology. Lack of Representation; Lack of Supplier Diversity Allocation; Lack of Access to Investment; and Increased displacement of women-held jobs are all constituting a global crisis. Well, what does one do then? The answer begins with Fortune 1000 companies. Systematic change requires collective action by organizations large enough to influence and maintain change. An attempt to change the norm requires Fortune 1000 companies to come together to acknowledge the problem and consciously take steps towards change.
In this session, I will highlight the gaps in the technology industry that is disabling women to succeed and create an economic; furthermore the session will also focus on ways to bridge that gap through collaboration and collective action.