List of videos

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Antoinette_Hodes_iot_devices_saving_toasters Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 1:36 the first cyber attack... 2:34 why zero tolerance? 4:57 threat landscape 2023 8:35 resilience security strategies 10:19 mandating zero tolerance 11:38 iot device manufacturing - device and market challenges 12:37 global regulations - safeguarduing the iot revolution 12:50 regulations and standards 13:25 uncovering astounding facts 14:48 zero tolerance architecture 15:34 the future of iot 16:11 conclusion, thank you

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Ixchel_Ruiz_Melissa_McKay_addressing_security_concerns Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 0:47 background - melissa mckay 1:47 jfrog & nginx series 2:32 security through obfuscation 6:26 moveit transfer vulnerability (progress) 8:38 owasp joke essay 13:13 coding safely: developer education 13:54 software dependencies 15:34 synopsis 2023 ossra report (cyrc findings from 2022) 19:13 supply-chain levels for software artifacts 20:07 dependency confusion attack - package mining 22:44 managing open source dependencies 23:09 the left-pad incident 26:08 container development 30:27 is there any hope??? 30:40 what else can we do? 31:27 owasp resources (cheat sheets) 32:01 openssf trio of free courses 32:27 what can we do??? 35:50 questions?

Read the abstract ➤https://www.conf42.com/DevOps_2024_Kyle_Kelly_minefield_opensource_software Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 0:47 about kyle 1:16 agenda 1:38 software dependencies 2:05 open source software (oss) 3:48 oss vulnerabilities 7:14 an uncomfortable prioritization exercise 8:10 semgrep supply chain (ssc) 9:40 software composition analysis (sca) 11:34 one of a few ways: reachability 13:30 now what? remediation 14:23 easy wins with semantic versioning (semver) 16:01 manifest file (dependency versions) 17:37 example 18:31 transitive vulnerabilities 20:49 key takeaways 21:48 resources

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Arshan_Dabirsiaghi_army_of_robots Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 0:45 hi, i'm arshan 1:22 the army of robots is coming 5:36 llms write insecure code and then devs believe it isn't 7:49 can't the models just generate secure code? 12:25 secure software processes are very manual 17:15 limitations of our security programs today 22:11 what can scale with the robots? solution: 22:34 - paved roads 28:05 - better runtime protection (with rasp) 33:55 - security tool copilot 36:36 codemodder: a modern, oss codemod library 41:55 thank you!

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Adam_Furmanek_observability_postgresql_mysql Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 1:16 where we used to be... 3:30 where we are now 5:25 conway's law 8:17 communication 9:40 shift left 11:05 self service 12:56 dashboards what breaks in the current world? 14:03 problems with databases 15:55 slow queries 21:42 incompatible changes in schema 23:39 missing indexes 24:38 too many indexes orm challenges 25:49 - n+1 selects 27:07 - joins 27:25 - lack of visibility 27:55 - migrations 28:55 test - do they work? 29:30 load testing? 31:22 nonoptimal configuration solution - detabase guardrails 34:04 know the context to find the root cause 36:14 monitoring and observability what to observe? 37:14 executing the query 37:43 anatomy of an sql query how to observe? 39:10 observability 45:44 database guardrails 46:29 be proactive and push to the left! 46:54 metis demo 49:16 about metis 49:49 summary 50:57 thank you!

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Alejandro_Duarte_mariadb_fork_mysql Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 0:48 who is this guy? 1:16 agenda the history of relational databases 1:48 early databases 2:34 edgar codd 3:47 first implementation 4:39 structured query language 6:53 open source 8:06 first free sql database mysql 8:39 michael widenius 9:41 mysql gains popularity 10:31 oracle buys sun microsystems mariadb 12:13 mariadb as a fork of mysql 13:20 mariadb gains popularity storage engines 15:05 many, many storage engines 16:31 cross-engine sql queries 17:48 different workloads: https://youtu.be/xYaYG-SuPsQ?si=h474LUas0J2OLwpu mariadb enterprise 17:59 enterprise subscription 19:53 intelligent database proxy 20:47 nosql protocol 21:35 sql and nosql in mariadb: https://youtu.be/MyZhH4SX458?si=3HqZEg9i1EfFe-hV 22:03 change data capture 22:53 read-write splitting 24:27 topology isolation 24:57 automatic failover present and future 26:16 deployment and other features 27:32 sql compatibility modes who uses mariadb? 28:03 usage around the world 28:19 notable distributions 28:32 notable users 29:06 fortune 500 29:14 downloads conclusion 29:20 the mariadb evolution 30:17 thank you!

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Alexey_Ozeritskiy_distributed_sql_database_optimization Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 0:51 about me 1:16 outline 1:51 yql: distributed sql database engine 3:35 massive data handling 4:28 yql architecture overview 5:48 example 6:08 execution plan 7:03 bechmark-driven approach 8:28 tpc-h benchmark 9:02 data generation 10:26 continuous integration (ci) 12:38 run distributed engine in one process 13:35 run distributed engine in multi-process configuration 15:15 unixbench's style measures 15:54 tpc--h 100: target values 17:10 hardware investigations 18:12 linus performance tools 20:00 more linux performance tools 21:58 slow join 25:04 perf top 25:42 stackcount 26:12 memory allocator 28:41 results containerization and performance 29:19 user code isolation 31:07 execution plan 31:47 executions pipeline with unix pipe 32:48 slow results 33:08 linux ipc performance 33:36 pipe performance 36:14 results: dq @pipe+ pipe 36:49 what's next? 37:49 thanks you

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Natalie_Lunbeck_e2e_test_merge Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 0:57 what we'll discuss 1:18 standard automated testing 2:15 ci: a principle and a pipeline 2:42 the "default" e2e testing workflow 4:11 q: why e2e test before merge? 4:43 the ideal e2e testing workflow 6:03 the solution? pr environments 7:16 demo: using cypress and shipyard to run e2e tests on every commit in a github actions workflow 15:56 thank you

Read the abstract ➤ https://www.conf42.com/DevOps_2024_Harsh_Mishra_shift_left_chaos_testing Other sessions at this event ➤ https://www.conf42.com/devops2024 Join Discord ➤ https://discord.gg/DnyHgrC7jC Chapters 0:00 intro 0:38 preamble 1:07 agenda 1:57 why shift left chaos testing? 3:10 why chaos testing? 5:35 what tools are out there? 6:37 but what about cloud chaos testing? 7:45 why use cloud emulators? 8:34 leveraging open-source cloud emulators 8:45 testability of cloud app deployments 9:29 mocking 10:20 service emulators 11:21 cloud emulation with localstack 11:53 chaos testing with localstack 12:57 demos 26:08 conclusion 26:20 pick your battles 27:22 establish key scenarios 28:04 cloud emulators to the rescue 29:31 thank you!