SlideShare uma empresa Scribd logo

Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed

S
SeniorStoryteller

DevOps Connect: DevSecOps Edition at RSAC 2017

Tecnologia
1 de 55
Baixar para ler offline
R E L E A S E E N G I N E E R I N G & R U G G E D D E V O P S : A N I N T E R S E C T I O N ? J . PA U L R E E D R E L E A S E E N G I N E E R I N G A P P R O A C H E S
Wait, this looks familiar… @jpaulreed #RuggedDevOps
@jpaulreed #RuggedDevOps
R E L E A S E E N G I N E E R I N G & R U G G E D D E V O P S : A N I N T E R S E C T I O N ! J . PA U L R E E D R E L E A S E E N G I N E E R I N G A P P R O A C H E S D E V O P S C O N N E C T AT R S A C O N F E R E N C E ( 2 . 0 )
J . PA U L R E E D • @jpaulreed on • Managing Partner, Release Engineering Approaches • 15+ years build/release engineering experience • Alum of The Ship Show podcast • Today: “A DevOps Consultant™” • Master of Science candidate in Human Factors and Systems Safety @jpaulreed #RuggedDevOps
H O W D O T H E Y I N T E R S E C T ? R E L E A S E E N G I N E E R I N G A N D R U G G E D D E V O P S : @jpaulreed #RuggedDevOps
R E L E A S E E N G I N E E R I N G / S E C U R I T Y O P E R AT I O N S S I M I L A R I T Y C H E C K L I S T • We look… “a little off” to developers & the business™. • We both can often be found shoveling DevOps Unicorn poop. @jpaulreed #RuggedDevOps
@petecheslock DevOps Sec @hijinksensue(via @petecheslock)@jpaulreed #RuggedDevOps
R E L E A S E E N G I N E E R I N G / S E C U R I T Y O P E R AT I O N S S I M I L A R I T Y C H E C K L I S T • We look… “a little off” to developers & the business™. • We both can often be found shoveling DevOps Unicorn poop. • Including our work in project plans/scoping/requirements: maybe? • But when “it” breaks, suddenly: all eyes on us. Really angry eyes. • We have a reputation for “No.” • The nature of our roles is undergoing a fundamental shift. • The industry is starting to “get it.” @jpaulreed #RuggedDevOps
How does Release Engineering impact/ relate to/ converge with Security? @jpaulreed #RuggedDevOps
R E L E A S E E N G I N E E R I N G ’ S I M PA C T T O / R E L AT I O N W I T H S E C U R I T Y O P S • Software Supply Chains @jpaulreed #RuggedDevOps
One vulnerable library in your product is a security problem. Multiple versions of a vulnerable library in your product is a release engineering problem. — @jpaulreed @jpaulreed #RuggedDevOps
R E L E A S E E N G I N E E R I N G ’ S I M PA C T T O / R E L AT I O N W I T H S E C U R I T Y O P S • Software Supply Chains • “Old-fashioned” software delivery mechanisms • Artifact management • The bold new world of containers • Every versioning bikeshed ever @jpaulreed #RuggedDevOps
What Did We Find Out? @jpaulreed #RuggedDevOps
1. The ways in which we consume software continue to be problematic. @jpaulreed #RuggedDevOps
1. The ways in which we consume software continue to be problematic. 2. The ways in which we produce software continue to be problematic. @jpaulreed #RuggedDevOps
1. The ways in which we consume software continue to be problematic 2. The ways in which we produce software continue to be problematic 3. In many cases, we ignoring heuristics that can help us @jpaulreed #RuggedDevOps
Problematic Consumption @jpaulreed #RuggedDevOps
We are stitching our software together from more places than ever!
Your software supply chain may have more actors involved than you think! @jpaulreed #RuggedDevOps
Knowing exactly what you’re getting can be difficult… @jpaulreed #RuggedDevOps
Making sense of what you have can be difficult. @jpaulreed #RuggedDevOps
The good news: this problem has been solved for about 20 years @jpaulreed #RuggedDevOps
https://github.com/preed/git-vendor-mirror @jpaulreed #RuggedDevOps
C V S V E N D O R B R A N C H E S , G I T S T Y L E • Creates a copy of artifacts, so they’re under your control • Supports a standardized version format (but you can use your own because bike shedding!) • Custom-patch to your heart’s content (and be able to track them!) • Supports developer interaction with “standard forks.” @jpaulreed #RuggedDevOps
@jpaulreed #RuggedDevOps
Much easier to just understand what’s going on @jpaulreed #RuggedDevOps
Records information you care about, automatically @jpaulreed #RuggedDevOps
Problematic Production @jpaulreed #RuggedDevOps
A L L A B O A R D T H E S S D O C K E R ! @jpaulreed #RuggedDevOps
S O W H AT ’ S I N A C O N TA I N E R , A N Y WAY ? You don’t know.@jpaulreed #RuggedDevOps
“The majority of people using Docker are using images containing an entire operating system filesystem.” Presentation: https://speakerdeck.com/garethr/whats-inside- that-container @jpaulreed #RuggedDevOps
Vine’s source code, leaked via Docker images.@jpaulreed #RuggedDevOps
@jpaulreed #RuggedDevOps
More continuous integration, continuous delivery, and orchestration tools than ever!
More attack surface than ever!
We’re all applying speed and scale to our CD pipelines. And they may need to have a little more security… and a little less speed and scale. — Security researcher @jpaulreed #RuggedDevOps
Missed Heuristics @jpaulreed #RuggedDevOps
U S E F U L H E U R I S T I C S W E C A N M I S S Build Processes Taking A Lot of Time @jpaulreed #RuggedDevOps
U S E F U L H E U R I S T I C S W E C A N M I S S Build Processes You Can’t Do On a Train @jpaulreed #RuggedDevOps
U S E F U L H E U R I S T I C S W E C A N M I S S Build Artifacts You Shipped, But Can’t Find Later @jpaulreed #RuggedDevOps
Think of it as housecleaning. Software bugs are like cockroaches: they hide in the darkest, messiest parts of your code. To get rid of cockroaches, you wouldn’t hunt them down one-by-one. Instead, you’d clean up the house and get rid of their hiding places. Do the same in your code. — My undergrad CS professor @jpaulreed #RuggedDevOps
Where to Go
 Now? @jpaulreed #RuggedDevOps
Introduce Your Release & Security Engineers @jpaulreed #RuggedDevOps
Task the Two Groups to Research Your Software Supply Chain @jpaulreed #RuggedDevOps
Start a project that engages other teams with these practices @jpaulreed #RuggedDevOps
H O W D O T H E Y I N T E R S E C T ? R E L E A S E E N G I N E E R I N G A N D R U G G E D D E V O P S : @jpaulreed #RuggedDevOps
H O W C A N W E E N G A G E A N D H E L P E A C H O T H E R M O R E ? R E L E A S E E N G I N E E R I N G A N D R U G G E D D E V O P S : @jpaulreed #RuggedDevOps
Let’s Find Out! @jpaulreed #RuggedDevOps
Finally, Remember: Who Owns Your Software Supply Chain? @jpaulreed #RuggedDevOps
For a handy reminder: http://WhoOwnsMySoftwareSupplyChain.com@jpaulreed #RuggedDevOps
J . PA U L R E E D W W W. J PA U L R E E D . C O M @ J PA U L R E E D W W W. R E L E A S E - A P P R O A C H E S . C O M S I M P LY S H I P. E V E RY T I M E .
Get  my  slides  immediately   community@alldaydevops.com
Our  sponsors  speak  your  language…  DevOps.

Recomendados

Release Engineering and Rugged DevOps: An Intersection?
Release Engineering and Rugged DevOps: An Intersection?Release Engineering and Rugged DevOps: An Intersection?
Release Engineering and Rugged DevOps: An Intersection?SeniorStoryteller
 
Tackling Python: What is it and how can it help with Technical SEO?
Tackling Python: What is it and how can it help with Technical SEO?Tackling Python: What is it and how can it help with Technical SEO?
Tackling Python: What is it and how can it help with Technical SEO?BristolSEO
 
Test
TestTest
Testnappycadre3778
 
Software Carpentry for the Geophysical Sciences
Software Carpentry for the Geophysical SciencesSoftware Carpentry for the Geophysical Sciences
Software Carpentry for the Geophysical SciencesAron Ahmadia
 
Behavioral Analytics to Foster Long Term Changes
Behavioral Analytics to Foster Long Term ChangesBehavioral Analytics to Foster Long Term Changes
Behavioral Analytics to Foster Long Term ChangesAbelardo Pardo
 
Implementing DevOps in a Regulated Environment - DJ Schleen
Implementing DevOps in a Regulated Environment - DJ SchleenImplementing DevOps in a Regulated Environment - DJ Schleen
Implementing DevOps in a Regulated Environment - DJ SchleenSeniorStoryteller
 
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybMaking Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybSeniorStoryteller
 
Building Security In - A Tale of Two Stories - Laksh Raghavan
Building Security In - A Tale of Two Stories - Laksh RaghavanBuilding Security In - A Tale of Two Stories - Laksh Raghavan
Building Security In - A Tale of Two Stories - Laksh RaghavanSeniorStoryteller
 

Recomendados

Release Engineering and Rugged DevOps: An Intersection?
Release Engineering and Rugged DevOps: An Intersection?Release Engineering and Rugged DevOps: An Intersection?
Release Engineering and Rugged DevOps: An Intersection?SeniorStoryteller
 
Tackling Python: What is it and how can it help with Technical SEO?
Tackling Python: What is it and how can it help with Technical SEO?Tackling Python: What is it and how can it help with Technical SEO?
Tackling Python: What is it and how can it help with Technical SEO?BristolSEO
 
Test
TestTest
Testnappycadre3778
 
Software Carpentry for the Geophysical Sciences
Software Carpentry for the Geophysical SciencesSoftware Carpentry for the Geophysical Sciences
Software Carpentry for the Geophysical SciencesAron Ahmadia
 
Behavioral Analytics to Foster Long Term Changes
Behavioral Analytics to Foster Long Term ChangesBehavioral Analytics to Foster Long Term Changes
Behavioral Analytics to Foster Long Term ChangesAbelardo Pardo
 
Implementing DevOps in a Regulated Environment - DJ Schleen
Implementing DevOps in a Regulated Environment - DJ SchleenImplementing DevOps in a Regulated Environment - DJ Schleen
Implementing DevOps in a Regulated Environment - DJ SchleenSeniorStoryteller
 
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybMaking Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybSeniorStoryteller
 
Building Security In - A Tale of Two Stories - Laksh Raghavan
Building Security In - A Tale of Two Stories - Laksh RaghavanBuilding Security In - A Tale of Two Stories - Laksh Raghavan
Building Security In - A Tale of Two Stories - Laksh RaghavanSeniorStoryteller
 
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...SeniorStoryteller
 
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...SeniorStoryteller
 
Breaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John WillisBreaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John WillisSeniorStoryteller
 
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel DiscussionScaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel DiscussionSeniorStoryteller
 
Ops Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon EdwardsOps Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon EdwardsSeniorStoryteller
 
DevOps and IT security
DevOps and IT securityDevOps and IT security
DevOps and IT securitych.osme
 
DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)Arjun Comar
 
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are SecureSecurity & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are SecurePuppet
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsIBM Security
 
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Stefan Streichsbier
 
DevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareDevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareSeniorStoryteller
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and SecurityStijn Muylle
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012Nick Galbreath
 
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua CormanWhere Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua CormanSeniorStoryteller
 
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...SeniorStoryteller
 
Intercept X - Sophos Endpoint
Intercept X - Sophos EndpointIntercept X - Sophos Endpoint
Intercept X - Sophos EndpointDeServ - Tecnologia e Servços
 
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgThe Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgDevSecOpsSg
 
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Benelux
 
The Journey to DevSecOps
The Journey to DevSecOpsThe Journey to DevSecOps
The Journey to DevSecOpsSeniorStoryteller
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 
The Changing Role of Release Engineering in a DevOps World
The Changing Role of Release Engineering in a DevOps WorldThe Changing Role of Release Engineering in a DevOps World
The Changing Role of Release Engineering in a DevOps WorldPerforce
 
Tools, Culture, and Aesthetics: The Art of DevOps
Tools, Culture, and Aesthetics: The Art of DevOpsTools, Culture, and Aesthetics: The Art of DevOps
Tools, Culture, and Aesthetics: The Art of DevOpsJ. Paul Reed
 

Mais conteúdo relacionado

Destaque

What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...SeniorStoryteller
 
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...SeniorStoryteller
 
Breaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John WillisBreaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John WillisSeniorStoryteller
 
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel DiscussionScaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel DiscussionSeniorStoryteller
 
Ops Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon EdwardsOps Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon EdwardsSeniorStoryteller
 
DevOps and IT security
DevOps and IT securityDevOps and IT security
DevOps and IT securitych.osme
 
DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)Arjun Comar
 
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are SecureSecurity & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are SecurePuppet
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsIBM Security
 
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Stefan Streichsbier
 
DevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareDevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareSeniorStoryteller
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and SecurityStijn Muylle
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012Nick Galbreath
 
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua CormanWhere Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua CormanSeniorStoryteller
 
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...SeniorStoryteller
 
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgThe Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgDevSecOpsSg
 
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Benelux
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityAlert Logic
 

Destaque (20)

What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
What We Learned from Four Years of Sciencing the Crap Out of DevOps - Nicole ...
 
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
Requirements Gathering for a Successful Rugged DevOps Implementation - Hasan ...
 
Breaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John WillisBreaking Bad Equilibruim - John Willis
Breaking Bad Equilibruim - John Willis
 
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel DiscussionScaling Rugged DevOps to Thousands of Applications - Panel Discussion
Scaling Rugged DevOps to Thousands of Applications - Panel Discussion
 
Ops Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon EdwardsOps Happens: DevOps Beyond Deployment - Damon Edwards
Ops Happens: DevOps Beyond Deployment - Damon Edwards
 
DevOps and IT security
DevOps and IT securityDevOps and IT security
DevOps and IT security
 
DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)DevOps in a Regulated and Embedded Environment (AgileDC)
DevOps in a Regulated and Embedded Environment (AgileDC)
 
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are SecureSecurity & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
Security & DevOps- Ways To Make Sure Your Apps & Infrastructure Are Secure
 
Empowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOpsEmpowering Application Security Protection in the World of DevOps
Empowering Application Security Protection in the World of DevOps
 
Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016Application Security at DevOps Speed - DevOpsDays Singapore 2016
Application Security at DevOps Speed - DevOpsDays Singapore 2016
 
DevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareDevSecOps - Building Rugged Software
DevSecOps - Building Rugged Software
 
Integrating DevOps and Security
Integrating DevOps and SecurityIntegrating DevOps and Security
Integrating DevOps and Security
 
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
DevOpsSec: Appling DevOps Principles to Security, DevOpsDays Austin 2012
 
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua CormanWhere Bits & Bytes Meet Flesh and Blood - Joshua Corman
Where Bits & Bytes Meet Flesh and Blood - Joshua Corman
 
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
Culture Hacker: How to Herd CATTs and Inspire Rebels to Change the World! - S...
 
Intercept X - Sophos Endpoint
Intercept X - Sophos EndpointIntercept X - Sophos Endpoint
Intercept X - Sophos Endpoint
 
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSgThe Rise of DevSecOps - Fabian Lim - DevSecOpsSg
The Rise of DevSecOps - Fabian Lim - DevSecOpsSg
 
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
Sophos Day Belgium - This is Next-Gen IT Security (Sophos Intercept X)
 
The Journey to DevSecOps
The Journey to DevSecOpsThe Journey to DevSecOps
The Journey to DevSecOps
 
DevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to SecurityDevSecOps: Taking a DevOps Approach to Security
DevSecOps: Taking a DevOps Approach to Security
 

Semelhante a Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed

The Changing Role of Release Engineering in a DevOps World
The Changing Role of Release Engineering in a DevOps WorldThe Changing Role of Release Engineering in a DevOps World
The Changing Role of Release Engineering in a DevOps WorldPerforce
 
Tools, Culture, and Aesthetics: The Art of DevOps
Tools, Culture, and Aesthetics: The Art of DevOpsTools, Culture, and Aesthetics: The Art of DevOps
Tools, Culture, and Aesthetics: The Art of DevOpsJ. Paul Reed
 
Gain Maximum Visibility into Your Applications
Gain Maximum Visibility into Your Applications Gain Maximum Visibility into Your Applications
Gain Maximum Visibility into Your Applications Amazon Web Services
 
AllDayDevOps: Crossing the CD Chasm
AllDayDevOps: Crossing the CD ChasmAllDayDevOps: Crossing the CD Chasm
AllDayDevOps: Crossing the CD ChasmJ. Paul Reed
 
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS Summit
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS SummitGain Maximum Visibility into Your Applications - DEM03 - Chicago AWS Summit
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS SummitAmazon Web Services
 
Angular server side rendering with NodeJS - In Pursuit Of Speed
Angular server side rendering with NodeJS - In Pursuit Of SpeedAngular server side rendering with NodeJS - In Pursuit Of Speed
Angular server side rendering with NodeJS - In Pursuit Of SpeedIlia Idakiev
 
High quality Front-End
High quality Front-EndHigh quality Front-End
High quality Front-EndDavid Simons
 
Faster! Faster! Accelerate your business with blazing prototypes
Faster! Faster! Accelerate your business with blazing prototypesFaster! Faster! Accelerate your business with blazing prototypes
Faster! Faster! Accelerate your business with blazing prototypesOSCON Byrum
 
From Content Strategy to Drupal Site Building - Connecting the dots
From Content Strategy to Drupal Site Building - Connecting the dotsFrom Content Strategy to Drupal Site Building - Connecting the dots
From Content Strategy to Drupal Site Building - Connecting the dotsRonald Ashri
 
From Content Strategy to Drupal Site Building - Connecting the Dots
From Content Strategy to Drupal Site Building - Connecting the DotsFrom Content Strategy to Drupal Site Building - Connecting the Dots
From Content Strategy to Drupal Site Building - Connecting the DotsRonald Ashri
 
Data Modelling at Scale
Data Modelling at ScaleData Modelling at Scale
Data Modelling at ScaleDavid Simons
 
You Created a Plugin. Now What? WordCamp Orange County
You Created a Plugin. Now What? WordCamp Orange CountyYou Created a Plugin. Now What? WordCamp Orange County
You Created a Plugin. Now What? WordCamp Orange CountyAdam W. Warner
 
The net is dark and full of terrors - James Bennett
The net is dark and full of terrors - James BennettThe net is dark and full of terrors - James Bennett
The net is dark and full of terrors - James BennettLeo Zhou
 
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS Summit
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS SummitCanary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS Summit
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS SummitAmazon Web Services
 
You Created a Plugin. Now What?
You Created a Plugin. Now What?You Created a Plugin. Now What?
You Created a Plugin. Now What?Adam W. Warner
 
100% Visibility - Jason Yee - Codemotion Amsterdam 2018
100% Visibility - Jason Yee - Codemotion Amsterdam 2018100% Visibility - Jason Yee - Codemotion Amsterdam 2018
100% Visibility - Jason Yee - Codemotion Amsterdam 2018Codemotion
 
A practical look at your first laravel angular js app
A practical look at your first laravel angular js appA practical look at your first laravel angular js app
A practical look at your first laravel angular js appJohn Fischelli
 
You Created a Plugin. Now What? WordCamp Sacramento
You Created a Plugin. Now What? WordCamp SacramentoYou Created a Plugin. Now What? WordCamp Sacramento
You Created a Plugin. Now What? WordCamp SacramentoAdam W. Warner
 
Switching horses midstream - From Waterfall to Agile
Switching horses midstream - From Waterfall to AgileSwitching horses midstream - From Waterfall to Agile
Switching horses midstream - From Waterfall to AgileDoc Norton
 

Semelhante a Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed (20)

The Changing Role of Release Engineering in a DevOps World
The Changing Role of Release Engineering in a DevOps WorldThe Changing Role of Release Engineering in a DevOps World
The Changing Role of Release Engineering in a DevOps World
 
Tools, Culture, and Aesthetics: The Art of DevOps
Tools, Culture, and Aesthetics: The Art of DevOpsTools, Culture, and Aesthetics: The Art of DevOps
Tools, Culture, and Aesthetics: The Art of DevOps
 
Gain Maximum Visibility into Your Applications
Gain Maximum Visibility into Your Applications Gain Maximum Visibility into Your Applications
Gain Maximum Visibility into Your Applications
 
AllDayDevOps: Crossing the CD Chasm
AllDayDevOps: Crossing the CD ChasmAllDayDevOps: Crossing the CD Chasm
AllDayDevOps: Crossing the CD Chasm
 
New Android Languages
New Android LanguagesNew Android Languages
New Android Languages
 
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS Summit
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS SummitGain Maximum Visibility into Your Applications - DEM03 - Chicago AWS Summit
Gain Maximum Visibility into Your Applications - DEM03 - Chicago AWS Summit
 
Angular server side rendering with NodeJS - In Pursuit Of Speed
Angular server side rendering with NodeJS - In Pursuit Of SpeedAngular server side rendering with NodeJS - In Pursuit Of Speed
Angular server side rendering with NodeJS - In Pursuit Of Speed
 
High quality Front-End
High quality Front-EndHigh quality Front-End
High quality Front-End
 
Faster! Faster! Accelerate your business with blazing prototypes
Faster! Faster! Accelerate your business with blazing prototypesFaster! Faster! Accelerate your business with blazing prototypes
Faster! Faster! Accelerate your business with blazing prototypes
 
From Content Strategy to Drupal Site Building - Connecting the dots
From Content Strategy to Drupal Site Building - Connecting the dotsFrom Content Strategy to Drupal Site Building - Connecting the dots
From Content Strategy to Drupal Site Building - Connecting the dots
 
From Content Strategy to Drupal Site Building - Connecting the Dots
From Content Strategy to Drupal Site Building - Connecting the DotsFrom Content Strategy to Drupal Site Building - Connecting the Dots
From Content Strategy to Drupal Site Building - Connecting the Dots
 
Data Modelling at Scale
Data Modelling at ScaleData Modelling at Scale
Data Modelling at Scale
 
You Created a Plugin. Now What? WordCamp Orange County
You Created a Plugin. Now What? WordCamp Orange CountyYou Created a Plugin. Now What? WordCamp Orange County
You Created a Plugin. Now What? WordCamp Orange County
 
The net is dark and full of terrors - James Bennett
The net is dark and full of terrors - James BennettThe net is dark and full of terrors - James Bennett
The net is dark and full of terrors - James Bennett
 
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS Summit
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS SummitCanary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS Summit
Canary Deployments on Amazon EKS with Istio - SRV305 - Chicago AWS Summit
 
You Created a Plugin. Now What?
You Created a Plugin. Now What?You Created a Plugin. Now What?
You Created a Plugin. Now What?
 
100% Visibility - Jason Yee - Codemotion Amsterdam 2018
100% Visibility - Jason Yee - Codemotion Amsterdam 2018100% Visibility - Jason Yee - Codemotion Amsterdam 2018
100% Visibility - Jason Yee - Codemotion Amsterdam 2018
 
A practical look at your first laravel angular js app
A practical look at your first laravel angular js appA practical look at your first laravel angular js app
A practical look at your first laravel angular js app
 
You Created a Plugin. Now What? WordCamp Sacramento
You Created a Plugin. Now What? WordCamp SacramentoYou Created a Plugin. Now What? WordCamp Sacramento
You Created a Plugin. Now What? WordCamp Sacramento
 
Switching horses midstream - From Waterfall to Agile
Switching horses midstream - From Waterfall to AgileSwitching horses midstream - From Waterfall to Agile
Switching horses midstream - From Waterfall to Agile
 

Mais de SeniorStoryteller

NuGet Package Management Done Right
NuGet Package Management Done RightNuGet Package Management Done Right
NuGet Package Management Done RightSeniorStoryteller
 
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and DockerHero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and DockerSeniorStoryteller
 
The End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon LietzThe End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon LietzSeniorStoryteller
 
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySafely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySeniorStoryteller
 
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSoftware Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSeniorStoryteller
 
Heroes’ Journey: Learning from Successful DevOps Transformations
Heroes’ Journey: Learning from Successful DevOps TransformationsHeroes’ Journey: Learning from Successful DevOps Transformations
Heroes’ Journey: Learning from Successful DevOps TransformationsSeniorStoryteller
 
Rugged DevOps: Aligning Your Team and Your Powers for Success
Rugged DevOps: Aligning Your Team and Your Powers for SuccessRugged DevOps: Aligning Your Team and Your Powers for Success
Rugged DevOps: Aligning Your Team and Your Powers for SuccessSeniorStoryteller
 
Create Rugged Applications: Managing Your Software Supply Chain
Create Rugged Applications: Managing Your Software Supply ChainCreate Rugged Applications: Managing Your Software Supply Chain
Create Rugged Applications: Managing Your Software Supply ChainSeniorStoryteller
 
Aligning Your Team and Your Powers for Success
Aligning Your Team and Your Powers for SuccessAligning Your Team and Your Powers for Success
Aligning Your Team and Your Powers for SuccessSeniorStoryteller
 
Leveraging Nexus Repository Manager at the Heart of DevOps
Leveraging Nexus Repository Manager at the Heart of DevOpsLeveraging Nexus Repository Manager at the Heart of DevOps
Leveraging Nexus Repository Manager at the Heart of DevOpsSeniorStoryteller
 
The DevOps Hero Toolkit: Nexus, Jenkins and Docker
The DevOps Hero Toolkit: Nexus, Jenkins and DockerThe DevOps Hero Toolkit: Nexus, Jenkins and Docker
The DevOps Hero Toolkit: Nexus, Jenkins and DockerSeniorStoryteller
 
Guns, Germs and Microservices w/ John Willis and Josh Corman
Guns, Germs and Microservices w/ John Willis and Josh CormanGuns, Germs and Microservices w/ John Willis and Josh Corman
Guns, Germs and Microservices w/ John Willis and Josh CormanSeniorStoryteller
 
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsWhat We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsSeniorStoryteller
 
Ops Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the WayOps Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the WaySeniorStoryteller
 
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsWhat We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsSeniorStoryteller
 
Building Security Controls around Attack Models
Building Security Controls around Attack ModelsBuilding Security Controls around Attack Models
Building Security Controls around Attack ModelsSeniorStoryteller
 

Mais de SeniorStoryteller (17)

NuGet Package Management Done Right
NuGet Package Management Done RightNuGet Package Management Done Right
NuGet Package Management Done Right
 
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and DockerHero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
Hero's Tookit: Start Your Rugged DevOps Journey with Nexus, Jenkins and Docker
 
The End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon LietzThe End of Security as We Know It - Shannon Lietz
The End of Security as We Know It - Shannon Lietz
 
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySafely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous Delivery
 
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSoftware Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
 
Heroes’ Journey: Learning from Successful DevOps Transformations
Heroes’ Journey: Learning from Successful DevOps TransformationsHeroes’ Journey: Learning from Successful DevOps Transformations
Heroes’ Journey: Learning from Successful DevOps Transformations
 
Rugged DevOps: Aligning Your Team and Your Powers for Success
Rugged DevOps: Aligning Your Team and Your Powers for SuccessRugged DevOps: Aligning Your Team and Your Powers for Success
Rugged DevOps: Aligning Your Team and Your Powers for Success
 
Create Rugged Applications: Managing Your Software Supply Chain
Create Rugged Applications: Managing Your Software Supply ChainCreate Rugged Applications: Managing Your Software Supply Chain
Create Rugged Applications: Managing Your Software Supply Chain
 
Aligning Your Team and Your Powers for Success
Aligning Your Team and Your Powers for SuccessAligning Your Team and Your Powers for Success
Aligning Your Team and Your Powers for Success
 
Leveraging Nexus Repository Manager at the Heart of DevOps
Leveraging Nexus Repository Manager at the Heart of DevOpsLeveraging Nexus Repository Manager at the Heart of DevOps
Leveraging Nexus Repository Manager at the Heart of DevOps
 
The DevOps Hero Toolkit: Nexus, Jenkins and Docker
The DevOps Hero Toolkit: Nexus, Jenkins and DockerThe DevOps Hero Toolkit: Nexus, Jenkins and Docker
The DevOps Hero Toolkit: Nexus, Jenkins and Docker
 
Guns, Germs and Microservices w/ John Willis and Josh Corman
Guns, Germs and Microservices w/ John Willis and Josh CormanGuns, Germs and Microservices w/ John Willis and Josh Corman
Guns, Germs and Microservices w/ John Willis and Josh Corman
 
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsWhat We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOps
 
Ops Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the WayOps Happen: Improve Security Without Getting in the Way
Ops Happen: Improve Security Without Getting in the Way
 
What We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOpsWhat We Learned from Three Years of Sciencing the Crap Out of DevOps
What We Learned from Three Years of Sciencing the Crap Out of DevOps
 
The R.O.A.D to DevOps
The R.O.A.D to DevOpsThe R.O.A.D to DevOps
The R.O.A.D to DevOps
 
Building Security Controls around Attack Models
Building Security Controls around Attack ModelsBuilding Security Controls around Attack Models
Building Security Controls around Attack Models
 

Último

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxfnnc6jmgwh
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfAarwolf Industries LLC
 

Último (20)

Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptxGenerative AI - Gitex v1Generative AI - Gitex v1.pptx
Generative AI - Gitex v1Generative AI - Gitex v1.pptx
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Landscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdfLandscape Catalogue 2024 Australia-1.pdf
Landscape Catalogue 2024 Australia-1.pdf
 

Release Engineering & Rugged DevOps: An Intersection - J. Paul Reed

  • 1. R E L E A S E E N G I N E E R I N G & R U G G E D D E V O P S : A N I N T E R S E C T I O N ? J . PA U L R E E D R E L E A S E E N G I N E E R I N G A P P R O A C H E S
  • 4. R E L E A S E E N G I N E E R I N G & R U G G E D D E V O P S : A N I N T E R S E C T I O N ! J . PA U L R E E D R E L E A S E E N G I N E E R I N G A P P R O A C H E S D E V O P S C O N N E C T AT R S A C O N F E R E N C E ( 2 . 0 )
  • 5. J . PA U L R E E D • @jpaulreed on • Managing Partner, Release Engineering Approaches • 15+ years build/release engineering experience • Alum of The Ship Show podcast • Today: “A DevOps Consultant™” • Master of Science candidate in Human Factors and Systems Safety @jpaulreed #RuggedDevOps
  • 6. H O W D O T H E Y I N T E R S E C T ? R E L E A S E E N G I N E E R I N G A N D R U G G E D D E V O P S : @jpaulreed #RuggedDevOps
  • 7. R E L E A S E E N G I N E E R I N G / S E C U R I T Y O P E R AT I O N S S I M I L A R I T Y C H E C K L I S T • We look… “a little off” to developers & the business™. • We both can often be found shoveling DevOps Unicorn poop. @jpaulreed #RuggedDevOps
  • 9. R E L E A S E E N G I N E E R I N G / S E C U R I T Y O P E R AT I O N S S I M I L A R I T Y C H E C K L I S T • We look… “a little off” to developers & the business™. • We both can often be found shoveling DevOps Unicorn poop. • Including our work in project plans/scoping/requirements: maybe? • But when “it” breaks, suddenly: all eyes on us. Really angry eyes. • We have a reputation for “No.” • The nature of our roles is undergoing a fundamental shift. • The industry is starting to “get it.” @jpaulreed #RuggedDevOps
  • 10. How does Release Engineering impact/ relate to/ converge with Security? @jpaulreed #RuggedDevOps
  • 11. R E L E A S E E N G I N E E R I N G ’ S I M PA C T T O / R E L AT I O N W I T H S E C U R I T Y O P S • Software Supply Chains @jpaulreed #RuggedDevOps
  • 12. One vulnerable library in your product is a security problem. Multiple versions of a vulnerable library in your product is a release engineering problem. — @jpaulreed @jpaulreed #RuggedDevOps
  • 13. R E L E A S E E N G I N E E R I N G ’ S I M PA C T T O / R E L AT I O N W I T H S E C U R I T Y O P S • Software Supply Chains • “Old-fashioned” software delivery mechanisms • Artifact management • The bold new world of containers • Every versioning bikeshed ever @jpaulreed #RuggedDevOps
  • 15. 1. The ways in which we consume software continue to be problematic. @jpaulreed #RuggedDevOps
  • 16. 1. The ways in which we consume software continue to be problematic. 2. The ways in which we produce software continue to be problematic. @jpaulreed #RuggedDevOps
  • 17. 1. The ways in which we consume software continue to be problematic 2. The ways in which we produce software continue to be problematic 3. In many cases, we ignoring heuristics that can help us @jpaulreed #RuggedDevOps
  • 19. We are stitching our software together from more places than ever!
  • 20. Your software supply chain may have more actors involved than you think! @jpaulreed #RuggedDevOps
  • 21. Knowing exactly what you’re getting can be difficult… @jpaulreed #RuggedDevOps
  • 22. Making sense of what you have can be difficult. @jpaulreed #RuggedDevOps
  • 23. The good news: this problem has been solved for about 20 years @jpaulreed #RuggedDevOps
  • 25. C V S V E N D O R B R A N C H E S , G I T S T Y L E • Creates a copy of artifacts, so they’re under your control • Supports a standardized version format (but you can use your own because bike shedding!) • Custom-patch to your heart’s content (and be able to track them!) • Supports developer interaction with “standard forks.” @jpaulreed #RuggedDevOps
  • 27. Much easier to just understand what’s going on @jpaulreed #RuggedDevOps
  • 28. Records information you care about, automatically @jpaulreed #RuggedDevOps
  • 30. A L L A B O A R D T H E S S D O C K E R ! @jpaulreed #RuggedDevOps
  • 31. S O W H AT ’ S I N A C O N TA I N E R , A N Y WAY ? You don’t know.@jpaulreed #RuggedDevOps
  • 32. “The majority of people using Docker are using images containing an entire operating system filesystem.” Presentation: https://speakerdeck.com/garethr/whats-inside- that-container @jpaulreed #RuggedDevOps
  • 33. Vine’s source code, leaked via Docker images.@jpaulreed #RuggedDevOps
  • 35. More continuous integration, continuous delivery, and orchestration tools than ever!
  • 37. We’re all applying speed and scale to our CD pipelines. And they may need to have a little more security… and a little less speed and scale. — Security researcher @jpaulreed #RuggedDevOps
  • 39. U S E F U L H E U R I S T I C S W E C A N M I S S Build Processes Taking A Lot of Time @jpaulreed #RuggedDevOps
  • 40. U S E F U L H E U R I S T I C S W E C A N M I S S Build Processes You Can’t Do On a Train @jpaulreed #RuggedDevOps
  • 41. U S E F U L H E U R I S T I C S W E C A N M I S S Build Artifacts You Shipped, But Can’t Find Later @jpaulreed #RuggedDevOps
  • 42. Think of it as housecleaning. Software bugs are like cockroaches: they hide in the darkest, messiest parts of your code. To get rid of cockroaches, you wouldn’t hunt them down one-by-one. Instead, you’d clean up the house and get rid of their hiding places. Do the same in your code. — My undergrad CS professor @jpaulreed #RuggedDevOps
  • 45. Task the Two Groups to Research Your Software Supply Chain @jpaulreed #RuggedDevOps
  • 46. Start a project that engages other teams with these practices @jpaulreed #RuggedDevOps
  • 47. H O W D O T H E Y I N T E R S E C T ? R E L E A S E E N G I N E E R I N G A N D R U G G E D D E V O P S : @jpaulreed #RuggedDevOps
  • 48. H O W C A N W E E N G A G E A N D H E L P E A C H O T H E R M O R E ? R E L E A S E E N G I N E E R I N G A N D R U G G E D D E V O P S : @jpaulreed #RuggedDevOps
  • 50. Finally, Remember: Who Owns Your Software Supply Chain? @jpaulreed #RuggedDevOps
  • 51. For a handy reminder: http://WhoOwnsMySoftwareSupplyChain.com@jpaulreed #RuggedDevOps
  • 52. J . PA U L R E E D W W W. J PA U L R E E D . C O M @ J PA U L R E E D W W W. R E L E A S E - A P P R O A C H E S . C O M S I M P LY S H I P. E V E RY T I M E .
  • 53. Get  my  slides  immediately   community@alldaydevops.com
  • 54.
  • 55. Our  sponsors  speak  your  language…  DevOps.