Agile + DevOps East 2019 - Test Automation Engineer

Imagine this … As soon as any developed functionality is submitted into the code repository, it is automatically subjected to the appropriate battery of tests and then released straight into production. Setting up the pipeline capable of doing just that is becoming more and more common and something you need to know about. But most organizations hit the same stumbling block—just what IS the appropriate battery of tests? Automated build architectures don't always lend themselves well to the traditional stages of testing. In this hands-on tutorial, Melissa Benua introduces you to key...

DevOps is about creating alignment across the value stream for an application, service, or product. DevSecOps integrates security into this process, making the entire team responsible for delivering secure code that works and can be deployed and used securely. But how do you actually do that? What tools do you add to your DevOps pipeline to help make your software secure and provide your stakeholders with a high level of confidence that the software meets all security requirements & standards? In this tutorial Tom Stiehm will explore what security tools you can add to your DevOps...

Organizations today can no longer afford to deliver new features to their respective markets once a year or even once a quarter. In the attempt to catch up with the competition, they jump onto DevOps journey starting with the "How" and losing the sight of "Why" and "What". Join this gamified simulation tutorial to gain a solid understanding of foundational principles of the DevOps culture. Experience the benefits of DevOps transformation even before initiating one in your enterprise! This tutorial is ideally designed for organizations that are evaluating their approach to DevOps...

The ability of DevSecOps to produce secure code requires the merging of two very different cultures: AppSec and DevOps. While AppSec lives in a black-and-white world of secure or not secure that would cause “Hello World” to take six months to release, DevOps knows that the reality of software development is actually shades of gray, especially as demands are increasingly placed on development teams to produce more, faster. Brittany Greenfield will teach you how to apply the Japanese concept of wabi-sabi, which accepts imperfections in the things that we create, to DevSecOps, allowing you to...

Come get your questions answered by an agile expert! We won't have an actual fireside, but Linda Rising will be on hand to answer your questions and discuss the topics that are most important to you. Linda is an internationally known presenter on topics related to agile development, patterns, retrospectives, the change process, and the connection between the latest neuroscience and software development. And she wants to discuss whatever interests you. Bring your questions and be ready for a lively, interactive discussion.

Serverless cloud applications are rapidly moving into the mainstream. In this model, teams focus on developing and deploying code on a known technology stack and runtime, with fixed interfaces for application, database, and network. It offers the advantage of lower costs, faster development, and elastic growth. But testing serverless applications also brings significant challenges to testers. Because the stack is maintained by the cloud provider, it is updated with new versions and security patches on a regular basis. Testers have to continuously test the stack interfaces to make sure that...

Software testing lags behind the pace of features development and digital innovation. Despite recent advancements, testing remains one of the biggest challenges in DevOps. Research shows that DevOps teams have an average of less than 60 percent test automation coverage—and that’s a problem. To scale DevOps and agile and realign the entire software release cycle, Eran Kinsbruner believes there needs to be a better solution. To increase test automation coverage, teams need to match software testing deliveries with the right testing tools, skill sets, and personas. Eran will explain...

The ultimate objective of a DevOps approach is to deliver quality products to your customers as efficiently as possible. DevOps shops that achieved this state point to continuous testing as a key contributor to their success. However, QA and testing have become forgotten along the DevOps journey of many organizations. For groups that have incorporated testing, many have a release cadence that resembles something more like waterfall. The culprit is often the inability to incorporate stable automation into their testing practices. Lee Barnes will discuss how organizations can address...

Many organizations ignore culture and overfocus on picking and implementing the right tools. However, these tools have underlying cultural assumptions. If the current culture does not support these assumptions, then automation will only have limited success, or even fail altogether. So how do you address this problem? By recognizing that overfocusing on tools is a problem in the first place. Start by understanding the cultural assumptions supporting the optimum use of the tools, as well as how your organization measures up in relation to high-performing organizations. Finally,...

These days everyone wants to containerize their application, but not everyone understands the best way to go about it. You need a tool to manage your containers, you need tools for image security scanning, you need to completely rethink how your application fits into its deployment environment, and most importantly you need to make sure you’re following good DevSecOps practices. Join Ryan Kenney as he discusses how he has addressed these concerns, among others, for various clients. Ryan will discuss options for container orchestration tools like Kubernetes and its competitors. Then, he...

Most teams that do agile development start with Scrum. And why not? Scrum is a proven method for focusing your team, ensuring that work adds value, and minimizing the risk with release. Then, after awhile, Scrum becomes stagnant. There are no more speed increases, and the team focuses more on ceremonies than delivery. At this point, Extreme Programming (XP), and Lean XP in particular, is the next step in agile maturity. Lean XP means developing software at the last possible moment ("just-in-time development") using one-week sprints, test driven development, pairing at all levels,...

DevSecOps is so much more than forcing developers to use legacy scanning tools. In this talk, we will discuss a continuous, effective, and scalable DevSecOps pipeline using free cutting-edge tools. We'll discuss and show IAST (Interactive Application Security Testing) to accurately pinpoint vulnerabilities in both custom code and libraries in real time without scanning. We'll discuss and show RASP (Runtime Application Self-Protection) in production to gain visbility into application attaches and to prevent vulnerabilities from being exploited. And we'll discuss how to integrate the results...