In this talk, Cristian will demo how to host a containerized application with cross-data-center redundancy using Kubernetes, Rook / Ceph, Calico, and WireGuard.

Session Keywords

In this session, we explain how software containers, kubernetes and Cloud IDEs form an instrumental mechanism to deliver such a globally accessible DevOps process that keeps the organization’s source code, data and credentials secure even when the corporate IT perimeter ceases to exist.

Session Keywords

Adobe Commerce Cloud will migrate thousands from Platform.sh to Adobe Cloud running Kubernetes and AWS natives services. How do you plan and execute this at scale?

Session Keywords

This talk covers how good architecture diagrams can help with:
– communication with stakeholders
– improving security-posture
– cost optimization
– performance optimization & solving scalability issues
– spreading domain knowledge within the team
– spreading DevOps culture within the team

Session Keywords

In this talk, we will focus on four critical security controls that will be integrated as part of the CI/CD pipeline: static application security (SAST), dependency check (SCA), infrastructure as code (IaC) and dynamic application security (DAST). Anything from your Terraform deletes to code vulnerabilities, infrastructure misconfigurations and more can be operationalized and enforced through OPA and ArgoCD or even other GitOps methods and CI tools like Github Actions. Code examples will be showcased as part of this session.

Session Keywords

In this session, Kim will discuss the problems that PurpleTeam solves, such as training the Build User with advice and tips on security defects as you fix the defects that PurpleTeam highlights.

As well as the huge cost savings of finding and fixing your application and infrastructure security defects early (as you’re introducing them) as opposed to late (weeks or months later with external penetration testing) or not at all.

Session Keywords

In this talk, we will summarize the insights we gathered, and in particular, will review the most obvious DON’Ts and some less obvious ones, that may help you prevent your next production outage by learning from others’ real world (horror) stories.

Session Keywords

In this talk, Jeroen will present OWASP WrongSecrets: a project with which he shows how to not store secrets with a purposefully vulnerable application.

Session Keywords

During this presentation Katarzyna will describe the problems with getting logs not available on STDOUT and will show how Tailing Sidecar Operator helps in getting them, leveraging benefits of using mutating admission webhooks to inject tailing sidecar container to Pod.

Session Keywords

When Linus designed Git, one of his famous quotes was “branching is not the problem, merging is”. Properly merging database schema changes along with code is even harder – especially if many teams and terabytes of data get involved. Lilli will tell how those challenges got addressed at GitHub and how the same tooling found its way into PlanetScale’s database branching and merging workflow.

Session Keywords

Johannes Nicolai

PlanetScale, Germany

This talk is focused on how one team at Cisco has leveraged this model and what a powerful impact it has had. We will discuss the goals of the team, what problems they had before implementing this model, then the framework of what they implemented and the operational model. Digital transformation through GitOps and Infrastructure as Code has been successful.

Session Keywords