Build Systems that Drive Business
June 11–12, 2018: Training
June 12–14, 2018: Tutorials & Conference
San Jose, CA
All
Production Engineering, SRE, and DevOps
Jessica DeVita (Microsoft)
Jessica DeVita tells the story of how a team at Microsoft challenged themselves to retrospect their retrospectives and shares what they learned about applying human factors ideas to software development.
Monitoring, Observability, and Performance
Morgan McLean (Google), Jaana Burcu Dogan (Google)
Morgan McLean and Jaana Burcu Dogan detail how to quickly instrument your distributed services and gain visibility into their operation with OpenCensus.
Sponsored
Mark Prichard (AppDynamics)
Mark Prichard reviews available metrics from infrastructure, Kubernetes, containers, and application code and shares options for viewing them holistically, thus providing a complete picture of how your applications are behaving and how users are experiencing them.
Will Gallego (Etsy)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Will Gallego walks you through the structure of postmortems used at large tech companies with real-world examples of failure scenarios and debunks myths regularly attributed to failures. You'll learn how to incorporate open dialogue within and between teams to bridge these gaps in understanding.
Michael Brunton-Spall (Bruntonspall Ltd)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Traditional security approaches to threat and risk management are highly optimized to work within a traditional software development lifecycle. Michael Brunton-Spall shares a new approach to reviewing systems along with real-life examples to help you prioritize where to focus security efforts and what sorts of security threats you should worry about.
Sponsored
Laurent Gil (Zenedge)
Bots now make up over 50 percent of website traffic, and have become the primary source of malicious application attacks, from DDoS to sophisticated intrusions. The ability of bad actors to disguise bot traffic as legitimate via simulated human behavior presents a challenge: organizations need to allow “good” bot and human traffic, while blocking the “bad” traffic.
Containers, Continuous Delivery
Qingyang Chen (Google), Appu Goundan (Google)
Qingyang Chen and Appu Goundan demonstrate how to speed up container-based development by building container images with Jib, a Google image build tool for Java applications.
Continuous Delivery, Kubernetes
Jason Yee (Datadog)
Jason Yee shows how you can more easily test code in production while isolating the effect of potential issues using container orchestration and services meshes.
Michael Hausenblas (Red Hat)
1-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
In this hands-on training, Michael Hausenblas teaches you everything you need to be successful with networking in a containerized setup, no matter if you’re a developer or an admin. You'll start with a simple case of Docker containers running on a single machine and move on to advanced networking with Kubernetes.
Containers
Abby Fuller (Amazon Web Services)
There are many conference sessions on "how to get started with X." But once you've gotten up and running, there isn't always a lot of guidance on how to solve harder issues. Abby Fuller takes you beyond getting started with containers on AWS, covering advanced topics like hybrid clusters, bringing your own AMI, working with Docker settings not supported in the UI, and debugging load balancers.
Serverless
Mike Roberts (Symphonia)
Mike Roberts leads warts-and-all journey through some of the limitations of a serverless approach and shares a practical set of techniques of how to deal with these concerns.
Keynote
Bryan Liles (Heptio)
Declarative application management enables developers and operators to simplify their configurations while deploying into increasingly complex environments. Bryan Liles explains how to evaluate and integrate these new practices into existing continuous integration pipelines.
Building Secure Systems
Matt Freels (Fauna)
The complexity of distributed databases makes building tools for their declarative automation a daunting engineering challenge. Drawing from his experience of developing multiple configuration automation systems for databases, Matt Freels explores patterns that generally apply to building declarative management tooling for distributed stateful systems.
Building Secure Systems
Scott Wimer (Smartsheet)
Scott Wimer explains how to support the GDPR’s Right to be Forgotten through targeted, secure data destruction.
Building Secure Systems, Continuous Delivery
Luis Eduardo Colon (Amazon Web Services)
Many fundamental security practices and controls apply to serverless applications, including implementing proper monitoring and logging of all requests and events. Luis Eduardo Colon explores recommendations published by the Center for Internet Security (CIS), explains how to automate the deployment of some of these controls, and outlines considerations relevant to serverless functions.
Building Secure Systems
Serena Chen (BNZ Digital)
What insights do we gain if we apply user experience design to information security? Serena Chen shares four strategies that apply design thinking to security problems, pinpointing which practices work and which are detrimental. Serena then walks you through some common flows and dissects how design decisions affect your personal security.
Sponsored
Ben Amaba (IBM)
The digital world has produced efficiencies, new products, and closer customer relationships. Yet as systems continue to gain complexity through emerging technology, the failure rates in budgets, schedules or quality goals continue to become unmanageable. This presentation will discuss how to effectively use frameworks and methods to create business models that are intelligent and resilient.
Distributed Data
Alena Hall (Microsoft), Natallia Dzenisenka (Independent Contractor)
Data is generated at an ever-increasing rate, so your architecture for ingesting these incoming influxes of data needs to be flexible, scalable, fast, and resilient. Alena Hall and Natallia Dzenisenka walk you through using distributed systems like Apache Kafka and Spark Streaming to process data coming from multiple sources in real time, do processing, and perform machine learning tasks.
Sean Kane (New Relic)
2-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
Drawing on his book Docker: Up and Running, Sean Kane walks you through everything that you need to know to start using Docker successfully, from installing Docker and designing and building Docker images to deploying and managing Docker containers. You'll leave with a firm understanding of how containers can help you optimize your workflow.
Keynote, Sponsored
Dave Andrews (Verizon Digital Media Services)
Change is inevitable, but the aftereffects can be either good or bad. Having the right tools is one way to meet this challenge. Dave Andrews explains how to wield the power of a global 50 Tbps application delivery network, featuring 125+ points of presence, to ensure maximum availability during and after a change.
Ben Hartshorne (Honeycomb), Christine Yen (Honeycomb)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Ben Hartshorne and Christine Yen explore what it means for a system to be “up” by discussing end-to-end (e2e) checks (what makes a good one and what techniques are valuable when thinking about them). Along the way, you'll learn how to write and evolve an e2e check against a common API.
Leadership
Donovan Brown (Microsoft)
“That would never work here.” You’ve likely heard this sentiment (or maybe you’ve even said it yourself). Good news: change is possible. Donovan Brown explains how Microsoft's Visual Studio Team Services (VSTS) went from a three-year waterfall delivery cycle to three-week iterations and open sourced the VSTS task library and the Git Virtual File System.
Leadership
Kathleen Vignos (Twitter)
Engineering teams want technically competent managers, but they also often want managers to keep their hands off their code. So how can managers keep their technical skills relevant in order to add the most value? Kathleen Vignos shares creative strategies for developing and maintaining technical skills—some through the act of managing itself.
Systems Engineering & Architecture
Bing Wei (Slack)
In 2016, Slack faced a problem: the load on its backend servers had increased by 1,000x. Bing Wei explains how rearchitecting the system with lazy loading, a publish/subscribe model, and an edge cache service overcame the problem with zero downtime, improved latency, and gains in reliability and availability.
Serverless
Soam Vasani (Platform9 Systems), Timirah James (Platform9 Systems)
FaaS functions are great for small functionality but not for complex real-world applications. Soam Vasani and Timirah James explore four available options for composing functions, along with a deep dive into workflows.
Monitoring, Observability, and Performance
Christian Saide explains how NS1 was able to reduce infrastructure, maintenance, and operational costs while simultaneously increasing throughput and visibility of key metrics by leveraging Elasticsearch as a time series database.
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Francesc Campoy Flores walks you through the tools that make Go a great programming language, from the well-known go tool to lesser-known tools that allow you to profile, debug, and understand the performance of your programs. Along the way, you'll learn how to tune Visual Studio Code as a Go editor, although you are welcome to use any other editor—most provide great integration with Go.
Ian Henry (Chef), Nathen Harvey (Chef)
1-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
Habitat is a simple, flexible way to build, deploy, and manage applications of any flavor in any operational environment, from bare metal to containers. It provides consistent, repeatable, auditable applications that lower operational complexity and simplify development workflows. Ian Henry and Nathen Harvey walk you through using Habitat to build and deploy applications.
Sponsored
Martin Woodward (Microsoft)
Expanding on the concepts from his keynote, Martin Woodward digs in behind the data and gives a technical summary of the steps Microsoft has taken in its journey to DevOps. Join in to discover what Microsoft has learned so far and the next areas it will focus on.
Kubernetes
David Calavera (Netlify)
Netlify recently moved a production system to Kubernetes, but the story isn't so simple. David Calavera shares the lessons Netlify learned during the migration that made the company roll the migration back and explains how they rolled it again—all without affecting production availability.
Tammy Butow (Gremlin)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
High-severity incident management is the practice of recording, triaging, tracking, and assigning business value to problems that impact critical systems in order to enhance the customer experience by improving your infrastructure reliability and upskilling your team. Tammy Butow walks you through establishing a high-severity incident management program and measuring its success.
Monitoring, Observability, and Performance
Baron Schwartz (VividCortex)
Baron Schwartz demonstrates how to monitor a database by understanding the difference between workload and resource monitoring—and the golden signals for each.
Containers
Cynthia Thomas (Cilium)
Modern microservices architectures (like those run on Kubernetes) need modern security solutions to provide least-privilege security. Cynthia Thomas outlines traditional firewall methods and details the evolution of the distributed security model to enforce least privilege for microservices.
Distributed Data, Hardware, Storage, and Datacenters
Miro Cupak (DNAstack)
The Beacon Network is the largest search and discovery engine of human genomic data in the world. Miro Cupak details the architecture and technologies behind the system with focus on the technical decisions that allow it to scale and disrupt the perception of genetic data.
Containers
David Cheney (Heptio)
David Cheney shares real-world advice on how to extend the capabilities of a Kubernetes cluster, using the development of the open source Contour ingress controller as a case study.
Distributed Systems
Kyle Kingsbury (Jepsen)
Kyle Kingsbury offers an overview of Tesser, a Clojure library for writing commutative, parallel folds that can be chained and composed into complex single-pass reductions that are dramatically faster on multicore systems and can be transparently distributed over Hadoop.
Seth Vargo (Google)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Kubernetes is a popular application scheduler and orchestration tool, but its built-in secret storage does not provide the robustness many organizations require. In this interactive workshop, Seth Vargo demonstrates how to connect applications and services running under Kubernetes to HashiCorp Vault.
Jared Lander (Lander Analytics)
2-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
In this two-day course, Jared Lander walks you through using R to create a data operations workflow to make use of your data. You'll start with the basics of the language then cover data manipulation, plotting, and workflow documentation, enabling you to automate and document your workflow, reports, and visualizations.
Ryan Schneider (Heptio)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Using a combination of lecture and hands-on exercises, Ryan Schneider walks you through deploying Kubernetes and containers to build out a microservices architecture.
Nathen Harvey (Chef)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Join Nathen Harvey to learn how to easily integrate automated tests that check for adherence to policy into any stage of your deployment pipeline, using InSpec for compliance and Chef for remediation.
Keynote
JavaScript engines are frequently targeted by malicious attackers, and dozens of vulnerabilities are reported in them every year. Most of these occur due to errors made while implementing well-specified features. Natalie Silvanovich discusses the link between feature complexity, developer error, and security vulnerabilities and the importance of considering implementation difficulty in design.
Keynote
Kyle Kingsbury (Jepsen)
Details to come.
Sponsored
Jeff Williams (Contrast Security)
In this talk we'll focus on layering security tools on a CI/CD pipeline without disrupting it. We'll demonstrate a fast, effective, scalable DevSecOps pipeline using free tools.
Keynote
Kris Nova (Heptio)
Details to come.
Keynote
Susan Fowler (Stripe)
Details to come.
Keynote
Details to come.
Keynote, Sponsored
Nick Tran (Akamai)
Details to come.
Bridget Kromhout (Microsoft)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
In this hands-on Kubernetes workshop, Bridget Kromhout walks you through launching clusters and details all the moving parts you need to know about to use Kubernetes in production.
Kubernetes
Ian Lewis (Google)
Ian Lewis shares the easiest and best ways to improve the security of your Kubernetes clusters
Brian Ketelsen (Microsoft), Erik St. Martin (Microsoft)
2-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
Brian Ketelsen and Erik St. Martin guide you through key concepts and practices for deploying and maintaining applications using Kubernetes.
Leadership
Sunil Sadasivan compares the work environments of startups to those of bureaucracies and shares lessons for maintaining an optimal engineering work culture learned at the US Department of Veterans Affairs.
Sponsored
Matt Torrisi (Oracle+Dyn)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Matt Torrisi demonstrates how to build domain traffic easily by enabling multiplatform DNS, covers the important criteria in assessing DNS network compatibility, and walks you through using DNS as a traffic-steering platform.
Sponsored
Tim Koopmans (Tricentis)
Tim Koopmans explains how load testing is being reinvented for DevOps, covering where traditional load testing approaches fall short for Agile and DevOps, what’s needed to rapidly expose performance issues before they impact users, and new approaches to making load testing faster, simpler, and more realistic.
Mike Roberts (Symphonia)
2-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
Serverless applications have moved from interesting oddity to the mainstream. But how do teams take the raw ideas of serverless and apply them in a continuous deployment context, operate serverless applications with confidence, and scale them to handle whatever the world can throw at them? Mike Roberts guides you through the answers to these questions and more, in this in-depth master class.
Monitoring, Observability, and Performance
Gwen Shapira (Confluent), Xavier Léauté (Confluent)
Experienced Kafka admins don’t just collect metrics; they go the extra mile and use additional tools to validate availability and performance on both the Kafka cluster and their entire data pipelines. Gwen Shapira and Xavier Léauté share best practices for monitoring Apache Kafka, covering critical metrics, common mistakes, what metrics don’t tell you, and how to cover these essential gaps.
Kubernetes
Jeff Poole (Vivint Smart Home)
Networking with Docker and Kubernetes is a lot more complex than with traditional servers and virtual machines. Jeff Poole offers an overview of the concepts involved and explains what tuning may be required to use Kubernetes successfully.
Kubernetes
Kris Nova (Heptio)
Kris Nova leads a deep dive into the world of migrating a monolithic Java application to running in Kubernetes.
Tomas Lin (Netflix), Emily Burns (Netflix)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Tomas Lin and Emily Burns walk you through building continuous delivery pipelines for deploying and promoting code across cloud virtual machines and containers using Netflix's Spinnaker continuous delivery platform.
Distributed Data, Hardware, Storage, and Datacenters
Victoria Nguyen (Fastly)
Victoria Nguyen explains how Fastly overhauled the monitoring and data collection of its globally distributed network without its caches noticing.
Keynote
Renee Orser (NS1)
Engineering managers build the strongest teams by listening to their engineers, continuously calibrating their own alerts, and driving change management based on the feedback sourced from within their engineering organization. Renee Orser explains how to monitor the human networks within your engineering teams using models similar to your distributed technology systems.
Distributed Systems
Alex Petrov (DataStax)
There are many ways to reach agreement in distributed systems: multiphase commits in transactions, topic pointers in streaming systems, proof of stake in cryptocurrencies, leader election in databases, the list goes on. Alex Petrov shares best practices for reaching agreement, helping you develop intuition and navigate distributed systems vocabulary and basic concepts.
Production Engineering, SRE, and DevOps
Alex Jaimes (Acesio)
Machine learning (ML) is becoming a critical skill for developers and businesses alike. Applying ML successfully in real-world scenarios, however, remains challenging. Alex Jaimes discusses how to find opportunities to apply ML, the pitfalls in applying it, and the steps required to succeed—from data to metrics to testing to other critical factors.
Distributed Systems
Sean T Allen (Wallaroo Labs)
In 2007, Pat Helland published "Life Beyond Distributed Transactions: An Apostate’s Opinion," in which he conducts a thought experiment on how to design a distributed database that can scale almost infinitely. While the paper explicitly addresses distributed database design, Sean Allen shows that the ideas are far more widely applicable, particularly in scaling stateful applications.
Distributed Systems
Performance debugging is a crucial part of ensuring code is production ready, particularly as a company and its products grow. However, bottlenecks that hold these services back can be hard to identify. Christian Grabowski shares his experience debugging bottlenecks in distributed systems, at both a macro (metrics, distributed tracing) and a micro (user space and kernel space profiling) level.
Monitoring, Observability, and Performance
Jamie Wilkinson (Google)
Jamie Wilkinson offers an overview of SLOs and the concept of the error budget, a study of the motivation to move away from cause- to symtom-based alerting, and demonstrates how to implement it in your own projects.
Hardware, Storage, and Datacenters, Systems Engineering & Architecture
Brodie Kurczynski (Las Cumbres Observatory)
Brodie Kurczynski shares how Las Cumbres Observatory developed a stateless interface to take real-time observations on a private global telescope network over the internet using a nonprofit budget.
Continuous Delivery, Systems Engineering & Architecture
Rewriting the key software component of your platform from scratch is always intimidating, especially when you guarantee 100% uptime, your platform is in the critical application delivery path, and your environment is highly distributed. Shannon Weyrick discusses NS1's recent DNS server rewrite and the steps the company took to roll it out across its globally distributed network with no downtime.
Distributed Data
Jon Tirsen (Square)
Jon Tirsen explains how Square scaled out the backend for its Cash app using Vitess, a database middleware for MySQL built at YouTube.
Keynote
Julia Grace (Slack)
When Julia Grace joined Slack two-and-a-half years ago, the company had fewer than 100 engineers. It's now at more than 350, and her team grew from 10 to 50 people in 18 months. Julia shares tips and stories from the leadership front lines as she learned how to rapidly scale herself and her leadership team during a period when her job was substantially changing every six months.
Leadership
Julia Grace (Slack)
When Julia Grace joined Slack two-and-a-half years ago, the company had fewer than 100 engineers. It's now at more than 350, and her team grew from 10 to 50 people in 18 months. Julia shares tips and stories from the leadership front lines as she transitioned from line manager to managing managers.
Preetha Appan (HashiCorp), Alex Dadgar (HashiCorp)
1-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
Scheduler frameworks enable reliable and repeatable application deploys. Preetha Appan and Alex Dadgar demonstrate how to use Nomad to build a multiregion, self-healing production environment that runs a diverse set of workloads. You'll get hands-on experience writing and submitting job specifications, interacting with the API, and using multiple deployment strategies.
Keynote
Nicole Forsgren shares results and stories from four years of research to uncover the secrets and surprises of what really makes high-performing technology-driven teams and organizations.
Bill Boulden (ClearView Social)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Serverless architectures remove load from web servers and scale flawlessly to handle any volume while keeping you from paying for an instant of wasted idle time. Bill Boulden walks you through creating a functioning serverless API that coexists alongside conventionally served web pages using AWS Lambda and API Gateway.
Serverless
Lynn Langit (Lynn Langit Consulting)
Serverless data access (via SQL and other data query/processing languages such as Spark) is fast becoming the norm. Lynn Langit compares the state of public cloud serverless SQL via AWS Athena, Google Big Query, and others and explores architectural patterns and examples of services for emerging serverless and data lake cloud pipelines.
Production Engineering, SRE, and DevOps
Seth Vargo (Google)
Local service discovery and availability is easy, but how do you discover services in other data centers or other cloud providers? Seth Vargo explains how HashiCorp Consul can provide service discovery, monitoring, and failover across many regions and multiple public and private cloud providers.
Production Engineering, SRE, and DevOps
Laine Campbell (Fastly)
Laine Campbell leads a deep dive into the development, monitoring, and iteration of service level objectives while inventorying and taking into account risks inherent in your constantly evolving service.
Hardware, Storage, and Datacenters, Systems Engineering & Architecture
Marcel Flores (Verizon Digital Media Services)
Marcel Flores explores the design and implementation of Heteractis, the traffic management system Verizon Digital Media Services uses to turn network telemetry data into automated decisions in an automated fashion.
Tamao Nakahara (Weaveworks)
1-Day Training Please note: to attend, you must be registered for a Platinum or Training pass.
Prometheus—an open source monitoring system and time series database—features a multidimensional data model and a flexible query language and integrates monitoring aspects from client-side instrumentation to alerting. Tamao Nakahara offers an overview of Prometheus architecture and concepts and walks you through using Prometheus and PromQL.
Sponsored
Jon Hodgson (Riverbed)
Much of the monitoring data we rely on is fundamentally flawed, lacking the resolution and accuracy needed to effectively detect and diagnose many issues. Digital signal processing science has overcome similar challenges for audio. Using sound as an example, Jon Hodgson explains how these principles are leveraged by organizations to improve the fidelity of their performance monitoring.
Distributed Systems
Manish Mehta (Netflix), Torin Sandall (Open Policy Agent Project)
Manish Mehta and Torin Sandall lead a deep dive into how Netflix enforces authorization policies (“who can do what”) at scale in its microservices ecosystem in a public cloud without introducing unreasonable latency in the request path.
Keynote, Sponsored
Kyle York (Oracle Dyn)
When the Internet's not bombarding your DNS with bogus requests, it’s trying to execute malicious SQL queries and crawling your site with bots (some good, some bad). Learn how to take action.
Serverless
Erica Windisch (IOpipe)
Serverless and other stateless applications still manipulate state—somewhere. Erica Windisch explains why observing this state and knowing where, how, and why that state is manipulated is important for operational security and developer concerns such as debugging.
Continuous Delivery, Production Engineering, SRE, and DevOps
Paul McCallick (Nordstrom)
Paul McCallick discusses how and why Nordstrom has moved to an only-production viewpoint, saving countless engineering cycles and putting effort where it matters.
Distributed Data
John Mumm (Wallaroo Labs)
Coordination is a common source of performance problems when dealing with distributed state. John Mumm shares strategies for avoiding coordination and relying on local knowledge wherever possible along with pros and cons and tips for using in-memory state instead of the typical approach of using external data stores.
Keynote
Nikki McDonald (O’Reilly Media ), Ines Sombra (Fastly), James Turnbull (Empatico)
Program chairs Nikki McDonald, Ines Sombra, and James Turnbull open the second day of keynotes.
Systems Engineering & Architecture
Astrid Atkinson (Google)
Astrid Atkinson shares a microservices-based approach to tackling legacy and heterogeneity at Google.
Continuous Delivery, Serverless
Donna Malayeri (Pulumi)
Tooling is necessary for serverless and service-full applications. Donna Malayeri shares a decision framework for choosing infrastructure deployment tools, based on whether you need flexibility and control or simplicity and ease-of-use. You'll learn how to evaluate several popular cloud automation tools, including AWS SAM, Terraform, Chalice, Serverless Framework, and more.
Sponsored
Jasmin Nakic (Salesforce ), Jackie Chu (Salesforce)
Tutorial Please note: to attend, you must be registered for a Gold or Silver pass.
Jasmin Nakic and Jackie Chu share techniques to identify performance challenges by analyzing production data from Salesforce and other sources and explore the AI models to predict trends, detect anomalies, and troubleshoot performance problems.
Keynote
Nikki McDonald (O’Reilly Media ), James Turnbull (Empatico), Ines Sombra (Fastly)
Program chairs Nikki McDonald, Ines Sombra, and James Turnbull open the first day of keynotes.
Sponsored
Imad Mouline (Everbridge)
During crisis situations when lives are at stake, your critical event management and messaging platform cannot allow even the tiniest performance glitch. Imad Mouline explores technical and compliance challenges for building highly reliable, highly scalable, and highly secure systems that comply with the most demanding clients' needs and the highest levels of international regulations.
Leadership
Sacha Judd (Hoku Group)
Homogenous teams are one proven cause of missteps and flaws in software products and pipelines. Sacha Judd offers a fresh perspective, detailing available tools to improve hiring, promotion, and internal culture.
Containers, Continuous Delivery
Liz Rice (Aqua Security)
Liz Rice leads a dive into what's easy—and what's not—about finding and patching security vulnerabilities in containers.
Keynote, Sponsored
Martin Woodward (Microsoft)
Martin Woodward leads a whistle-stop tour of Microsoft's seven-year DevOps journey, explaining why the company embarked on this transformation and what benefits it has already seen.
Building Secure Systems
Neal Mueller (Google)
Google conducted the first longitudinal study of the underground ecosystem fueling credential theft and identified 12.4 million potential victims of phishing kits. Neal Mueller discusses this data and shares phishing demos and recommendations about the effectiveness of phishing prevention tools, including education, antivirus software, filtering, 2FA, password managers, and security keys.