List of videos

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Muralidhar_Basani_simplifying_kafka_governance Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 2:09 apache kafka in brief 3:38 what is governance ? 4:07 kafka environment & challenges 5:33 questions arise 6:30 how to manage kafka ? 7:29 what is klaw ? 9:25 klaw architecture 10:57 request / approval 11:23 demo : a simple user journey 13:02 demo of consumer acl 15:29 demo of schema request 17:31 demo of topic promotion 19:58 demo of synchronize topics 22:02 does klaw fit in your project ? 22:34 project links 22:50 thanks!

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Robert_Hodges_monitoring_open_source_analytics_visualization Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 2:07 about robert 3:21 monitoring is for answering questions 3:55 what's the best way to answer these questions? 4:36 off-the-shelf solutions? perhaps not for you... 5:23 let's build a monitoring system with open source 6:06 pick an opne source analytic database 7:22 a short list of reasons why clickhouse is popular 8:50 clickhouse optimizes for fast response on large datasets 10:35 ...and supports [many] dozens of input formats 11:16 it also has great support for time-ordered data 12:30 grafana pairs well with clickhouse for observability apps 14:00 sooo... how do we ingest vmstat data and display it? 14:23 step 1: generate vmstat data 15:12 here's the output 15:38 step 2: design a clickhouse table to hold data 17:28 step 3: load data into clickhouse 18:23 step 4: build a grafana dashboard to show results 19:26 step 5: go crazy! 20:12 demo 26:38 more software to build monitoring on clickhouse 27:51 where can i find out more? 28:54 thank you and have fun!

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Romano_Roth_architect_continuous_delivery Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 1:51 about romano 3:41 today's challenges 5:55 where do these challenges come from? 6:48 it's about products! 8:07 devops is here to help 8:36 who is devops 10:01 why is this important for you? 10:45 example? 13:14 the 24 key capabilities that drive improvements in software delivery performance 17:21 the science behind devops 18:09 the benefits of the devops 19:00 product development 21:32 built-in quality 22:22 test fast for continuous feedback 24:57 the right balance of tests 26:16 continuous testing 27:51 built-in security 28:17 the continuous delivery pipeline 28:57 what the platform vendors promise... 30:59 continuous security 32:09 built for operability 33:34 evolution of monitoring 35:46 we need to architect for operability 37:20 build a platform 38:18 you need to take care about the full stack 39:35 think about that on scale... 40:41 platform engineering enables devops in product teams 42:57 platform engineering scales the platform to multiple product teams 44:11 summary 45:54 we are entering the age of industrialization of software development

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Chester_Santos_instant_memory_training Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 talk

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Roni_Dover_opentelemetry_code_prod Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Contact Roni ➤ roni.dover@gmail.com Chapters 0:00 intro 1:43 preamble 2:10 about roni 2:54 coding practices are changing 3:38 how i wrote code yesterday 5:37 technology is allowing us to leverage more data 6:40 what you know about your code? 8:33 here be dragons 9:20 instead... 10:28 those who don't know, troubleshoot 11:35 fact or fiction? 14:25 the would be 10x developer 14:52 where feedback is missing 17:33 back to the source 20:21 why is otel so important? 23:35 what is tracing? 25:32 what a trace looks like? 26:03 automatic vs. manual instrumentation 26:45 how to use otel when developing 27:56 demo 54:08 reach roni

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Siddhartha_Khare_opentelemetry_path_observability Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 1:58 whoami 2:17 agenda 2:33 how many tools companies use to collect telemetry data? 2:51 monitoring vs observability 4:03 why observability 5:10 opentelemetry 7:11 second most active cncf project 7:26 core concepts opentelemetry 8:36 - instumentation 9:40 - collector 14:06 - sampling config 15:30 way to export 16:18 industry adoption 18:27 recap and highlights 19:11 reach out, thanks!

Read the abstract ➤https://www.conf42.com/DevSecOps_2023_Daniel_OatesLee_git_secrets_repos Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 2:25 whoami 4:08 whoarewe 4:45 content 5:32 what is the problem? 12:48 what can go wrong? 18:36 how do we defend? 27:53 secretmagpie? 34:18 questions? 34:32 thanks

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Alex_Soto_kubernetes_secrets_secret Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 2:29 about alex 2:51 what is a secret 3:36 it's about layers 5:14 what is devops and gitops? 7:51 what is gitops? 10:23 gitops application delivery model 16:05 protecting secrets stored in git 16:48 sealerd secrets 20:27 external secrets 24:00 demo 32:54 encryption data at rest 34:37 encrypt etcd data 36:16 possible solutions 38:25 how we indect etcd secrets into deployments 41:02 hashicorp vault 42:28 the good, the bad and the ugly 45:34 demo 50:46 secrets lifecycle 51:23 conclusions 53:20 thank you 53:38 resources

Read the abstract ➤ https://www.conf42.com/DevSecOps_2023_Brian_Contos_hacking_demos_secrets_asset_intelligence Other sessions at this event ➤ https://www.conf42.com/devsecops2023 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 1:43 preamble 1:58 asset intelligence 4:12 dirty secrets: xiot 6:08 internet-accessible xiot 8:13 research stats 10:46 dangerous lies - common xiot attack types 11:18 rsocks common xiot attack types 12:55 - physical 13:15 - fronton 14:09 - oem attacks 14:19 - illegal xiot devices 16:08 - pivot attacks 16:19 - quietexit 20:27 demo 1 - industrial camera 25:34 demo 2 - hacking industrial robots 34:38 remediation, visibility with an asset intelligence platform 36:45 try it. a free poc only takes 60 minutes 37:18 thanks