Unlock the potential of your product roadmap with DevOps. Enhance planning, streamline development, and accelerate delivery for a more efficient and agile workflow.

What a great talk, thanks for sharing!

Ты токсик

What IDE iss thisguy using

nice tips! why do your filepaths use backslashes? it doesnt look like you are on windows?

Reaching 30% of the talk and I hear her speaking about quite basic and obvious security things. And now I m reflecting on her special number 100:10:1 sort of complaining that 1 security is not enough and a daunting role to work alone with the other 10 and 100 devs. I find it a little bit pretentious, if not insulting, to assume that only her, as a security role, would only be concerned let alone be able to apply the best practices of security. Isn't it what a good developer should and probably taking into considerations in his/her everyday work?

Ist das der Bruder von Kaya Yanar?

Xi o cafezinho tava no centro de um pedido de casamento da vida da gente se fala alguma novidade sobre o cafezinho tava no centro da cidademesmo e um beijo no rosto de um pedido para mim também se eu tô

C BB GG GG e GG GG GG e GG GG GG e GG GG e GG e GG e GG e GG e GG GG GG

Vc quiser vir amanhã de manhã e o carro para mim ir no mercado e o carro para todos vcs vão vir embora e um beijo e um pouco de um pedido para todos

C a gente vê se ele pode ser no sábado de manhã e o carro para mim também se eu tô aqui no hospital de manhã

Ch SP e um beijo e um beijo no rosto e o carro para mim ir lá no grupo de manhã r viu o jogo de um beijo no coração de um beijo e

X brasil ao vivo no RU-vid de manhã e a tarde te falo ok obrigado pela atenção e o cafezinho da tarde para todos vcs estão no centro da igreja e um beijo e um pouco para todos vcs estão fazendo

I'm a bit confused as to why we should not stop continuous integration on security issues. I thought DevSecOps was about involving everyone in security. Isnt breaking the build the best way to involve devs? If the tools cause too much noise, isn't the problem with the tools? I guess it all depends on the team size. I can see in a 100:10:1 organization, you wouldn't want to stop CI on security checks. But in a 10:2:2 organization, it seems reasonable to fail builds.

Hashicorp sounds like a futuristic crime org that grows illegal superorgans. I love it.

What if a JWT expires though a process? e.g. is valid for one service but by the time it is passed to another it becomes invalid?

The actual keynote starts around 22:00 in the video.

WASM isn't good alternative to Docker since it is rather limited VM, e.g. there is no support for multithreading.

The same exact case at 10:07 happens to us right now, we have around 30 versions of a service and it's nearly impossible to understand which one to use. In fact, we are stuck in a version (let's say 7) when the 12 is available but the subsequent versions have degradation of performance in some cases, or break too many things or it changes the way of querying causing a ripple effect on too many things.

binary thinking is your my friend or enemy. your a saint or a sinner. your with the facts of with fake news. in reality there the big elephant in the room that is that gray era of uncertainty. this uncertainty is where we derive our facts from but rely on hard evidence that need to be scrutinized trough uncertainty to find truth. without the fringe of ideas there will never be any hard facts but biases instead based on fight or flight friend of foe saint or sinner or fact and fake news. recreating a primitive war mentality is to think in binary. science is not fact or fiction. science is a progress of finding truth or at least agree upon things. its not truth here and lies over there. science is being demolished by binary thinking echo chambers and reinforced bias.

This is cool. I wonder when there will be networking support.

So... corporate...

Every time she said "DevOps" I heard the "Devils" which are not that far apart really

Just watched the way through, great presentation. Will go back an take more notes soon. This info was very helpful. Thanks again.

"How many of you have SUCCESSFULLY implemented DevOps?" @ 3:56. ....hilarious. Good vid.

I am working in a whole infrastructure automated via Lambda. Nightmare to maintain at scale.

seems to very similar presentation i have seen in youtube

disappointing :( there was no mastery nor was there any NINJA If that buggy code was a pull request to me , I would reject that

While this talk places a lot of emphasis on the security to go shift-left in the software development cycle, there's no major mention of protection/security of data within those applications. PII data, for example. What're the best practices to ensure security of something as sensitive as the customer's addresses, phone numbers etc?

The funny thing is, I had this problem, in principle, solved over a decade ago.. or at the very least greatly reduce version conflict issues. I even publish some ideas and library code based on those principles several years before this video was posted. But since I'm a nobody and the code was on a personal nobody server instead of some well known site, like github or wordpress, I expect few, if anyone ever took notice of my work. And since I'm not much of a self-promoter, it never not any real momentum.

@12:49 - But you can have multiple versions of classes loaded, IF you use compartmentalized class loaders. As long as multiple versions can run side by side and not interfere with each other (e.g. they don't open a static named temp file which can't be used by more than one version, or instance, at the same time). And also as long as the libraries using different versions keep them hidden, thus incompatible sub-libraries can never directly interact by being exposed to each other.

This is great intro talk to modular monolith, which is probably the most suitable choice for the vast majority of companies out there. Microservices are great but if you have team of 30, 40 developers, it is still an overkill in most cases.

Really good talk. Thanks for posting.

What's interesting is there is an emphasis on a safe product. This would require a 'DevSafeSecOps' process to be implemented to consider safety properties of a system and safety analysis to be carefully considered as part of an agile process, especially for a safety related product or service.

lovely chart and movement of tasks around pipeline. thanks for being openminded to share and educate. regards from Singapore!

This is very useful. Thanks Nic!

at 22:25 a "return command" is missing, otherwise "echo false" always gets executed

Talking about mastering and you use single [ test and $(...), no coproc, poor.

OMG as a cloud security person this is the story of my life!!

First of all, nice prez! Although, I'd like to ask a question :) I don't seem to find the answer anywhere (it gotta be somewhere, I'm still looking) Anyway, I saw there are two ways implementation of security: 1- Authentication first, you get the token, and then you make requests reroutes through the gateway 2- Everything goes through the gateway, including authentication (it's considered as another microservice) So yeah, everyone shows the 1st implementation, where 2nd is also used but not very common, and I wanna ask why? I mean, if we're in a microservices architecture, why don't I have authentication behind the gateway as well? Is it more complicated (yeah, you'd have to reroute every authorization & authentication endpoints to retrieve the token), but would that be the only reason? Doesn't make sense to me ... Any thoughts?

Just cracked an interview of Devops with just your explanation and keywords. Victoria you are great <3

Brilliant thanks

Such a comprehensive overview of the issues and solutions for logging, much appreciated.

Good information

Do u think NX could be a good solutions to the issues that was mention in the video?

Thanks for sharing the knowledge

Nic, amazing presentation!

human error is never the root cause, I love it

Documentation. Actually answer the “why” and “how” in your docs. If critical thinking is our job, then strive to provide the tools to allow people to critically think. Document why you have the dependencies you have. That way the person there while you’re on vacation have an actual source to refer to as to why things exist as they do. It blows my mind how little documentation exists in a way to do anything more than provide a basic “just do this and it works!” Example. Make your docs in a fashion that would make you understand how it was written without you having any prior knowledge. I get the demand, but even comments all throughout code can making everyone’s lives better

Thank you for the presentation. Many interesting and valuable lessons.