Modern DevOps Sydney schedule

During this 10-minute networking session, the aim of the game is to go and meet three people you don't already know. Use the questions on the screen to guide your conversation. Have fun! 

Product teams innovate at a rapid pace to stay ahead of the game with their competition. Most often, security is an after-thought while releasing software and that slows down time taken to release software to the end users. In this talk, I will share some best practices for how to create a culture of collaboration between dev and security teams and bring security to the Agile development process early on.

• When is the best time to introduce security!
• Prioritise fixing security issues vs work on product backlog
• Bridging the gap between product teams and Security teams

Redefine your perspective on the future of software development. Explore how the potential of AI extends beyond coding efficiency to improve your overall developer journey. Start building a better developer experience with AI and Atlassian.

Key takeaways:

• Understand the potential benefits and nuanced pitfalls of AI in software development
• Use complementary AI tools to support developers across activities

• Understanding the concept of Platform Engineering and its pivotal role in supporting DevOps practices
• Empowering developers with internal developer platform – enabling self-service, reduce cognitive load, and optimising efficiency
• Understanding the significance of adopting a product-centric approach and treating platforms as products in reshaping DevOps Culture

Moderator:

• Andrew Horton, CTO, Threat Canary

Panellists:

• Jovana Dunisijevic, Software Engineer, Atlassian
• Vinod Bansal, Practice Manager – DevSecOps, QBE Insurance
• Uzair Majid, DevSecOps & Automation Security Lead, Major Australian Telco
• Vijay Jay, Practise Manager - DevSecOps & AI, Toyota Finance Australia
  

• DevOps Data Challenge: Addressing slow data, shift left, breach risks, and compliance needs, while discussing the pitfalls of siloed compliance and synthetic data.
• Rapid, Secure Data Delivery: Defining useful data, creating assets through masking, and discussing data profiling, classification, unified masking, rapid delivery, and self-service capabilities.
• Unlocking AI Potential: Exploring AI's current market position and its data challenges similar to DevOps, emphasising the importance of good data amid security risks.
• Data's Vital Role: Highlighting data as crucial for DevOps and AI, underscoring the need for secure data delivery in the contemporary regulatory and security landscape.
  
  

• Exploring the challenges of AppSec programs and strategies for heightened effectiveness
• Implementing secure CI/CD pipeline and understanding the true power of scalable DevSecOps
• Engineering practices that enable the scalability of DevSecOps processes, accommodating the evolving needs of modern software development

The latest DevSecOps Report defines a vivid image of organizations’ journey to secure their software development pipelines, with intriguing conclusions about challenges, success factors, and risk exposure across industries and maturities. Integrating security controls across the development lifecycle and CI pipelines establishes mechanisms for rapid risk detection, accelerated remediation, and automated security gates. But aligning development, AppSec, and DevOps teams to realize a vision for secure DevOps requires a clear strategy.

Join us as we examine the key findings from the DevSecOps Survey and discuss:

• The state of DevSecOps across roles and technologies
• What a maturing DevSecOps program looks like and which tools and practices foster growth
• Recommendations for how to integrate application security without impeding DevOps

• Redundancy and innovation
• Redefining creativity
• Anticipating the future through design

AI from Cloud to Edge

As the demand for adaptive applications continues to rise, the integration of AI from cloud to edge becomes increasingly crucial. This approach enables real-time data processing and decision-making at the edge devices, enhancing the responsiveness and intelligence of applications. Couchbase stands out as a unique database solution in this landscape, offering seamless scalability, low latency, and robust support for edge computing architectures. Its ability to synchronize data across distributed nodes efficiently makes it an ideal choice for organizations seeking to harness AI capabilities across the entire network, from centralized cloud infrastructure to edge devices, to deliver dynamic and personalized user experiences.

Gautam Rewati, Regional Solutions Engineer, Couchbase

• Enhancing observability with AI-infused monitoring by analysing observability data in real-time, providing insights into root causes and suggesting corrective actions
• Using AI/ML models to predict future workloads, allowing proactive resource planning and allocation
• Adjusting resource allocation based on real-time demand patterns, optimizing performance and minimizing costs by using AI

The AI coding revolution is here. While AI offers exciting possibilities, it also introduces new vulnerabilities. Veracode's fast, accurate scans keep pace with your AI-driven development, empowering you to stay secure. Our responsible AI solutions, Veracode Fix, help you rapidly reduce security debt and build secure applications in this dynamic environment.

Speakers:

• George Vatis, Director ANZ, Veracode
• Vincent Deng, Solution Architect ANZ, Veracode

• People, Process, and Technology (PPT) in container security – how these key elements form the foundation of a robust security-focused environment for cloud-native workloads
• Emphasising the significance of securing by design in container security
• Uncovering the best practices for securing containerised workloads and exploring the tools to effectively safeguard applications

This session will discuss the latest Al Trends for DevSecOps and how you can harness the power of Al to improve testing, security, documentation - streamlining your entire software development and deployment workflow! one workflow to unite your developers, security, and operations teams powered by Al.

We will share real-world examples and insights from his work at GitLab, highlighting how the company is at the forefront of integrating cutting-edge solutions into its platform to support the evolving needs of DevOps professionals.

The software development and application security testing landscapes have changed significantly over the years. Application security, however, has not quite kept up and doing security is still an onerous and frustrating process, with security still slowing development down. Edwin will share a different approach to application security, where we're shifting security further left and focusing on the application's supply chain.

• Importance of CloudOps in the era of multi-cloud
• How it ensures a successful AI strategy (by having an agnostic data platform)
• How it ensures a proper HA/DR strategy (multi-AZs is not enough as we saw recently...)
• How can you navigate cloud economics (one click re-deployment without impacts on connected applications)

• Monitoring risks in DevSecOps (key metrics)
• Practical Vulnerability Management
• Insights for a Product Risk Dashboards
  
  

• Exploring the factors that make cyberwar seemingly inevitable and discussing the urgency for robust defence mechanism
• Drawing parallels between the need for automation in cyber defence today and the significance of the production line
• Reflecting on the historical intertwining of technology, markets, and war, and how this connection persists in 2024