Rob Bos

Information & Communications Technology

Azure Azure DevOps Visual Studio / .NET .net core Entity Framework GitHub GitHub Actions GitHub Advanced Security

's-Hertogenbosch, North Brabant, Netherlands

Rob Bos

DevOps Consultant @ Xpirit

Rob has a strong focus on ALM and DevOps, automating manual tasks and helping teams deliver value to the end-user faster, using Continuous Integration / Continuous Delivery and other DevOps techniques. This is applied on anything Rob comes across, whether it’s an application, infrastructure, serverless or Data Science environments. Additionally, Rob focusses on the management of production environments, including dashboarding, usage statistics for product owners and stakeholders, but also as part of the feedback loop to the developers.

Current sessions

Protect yourself against supply chain attacks

Attacks against your pipelines is more and more common these days. We'll go over the attack vectors you need to be aware of and how someone could potentially misuse a simple setting to hijack you environment, with very large consequences.

From breaking out of your shell scripts in the CI/CD pipeline, misusing typo's in third party packages or even squatting your internal package names on a public repository: there are lots of ways to get into your pipeline!

Protect your code with GitHub security features

Creating modern software has a lot of moving parts. We all build on top of the shoulders of giants by leveraging closed/open source packages or containers that other people have shared. That makes securing our software a lot more complex as well!

In this session you'll learn what possible attack vectors you need to look for, how to protect yourself against them and how to leverage GitHub's features to make your life easier!

- Signed Commits
- Dependabot updates
- Dependency scanning for known vulnerabilities
- Secret scanning (and revoking) out of the box
- Using CodeQL

How to use GitHub Actions with security in mind

When working in the real world with continuous integration / continuous deployment, you have to take care of your pipelines and the things they have access to.

- Who can push code into to an environment?
- Who could read and change the connection strings to the database?
- Who can create new resources in your cloud environment?
- Do you trust your third party extensions?
- What part of the network does your pipeline have access to?

I'll go over each of these aspects of your GitHub Actions Workflows and show you what to look for and how to improve your security stance without locking every DevOps engineer out.

Target audience: DevOps engineers on GitHub

Azure DevOps/Azure scaling story from the trenches: automating 1400 applications for a global event

We want to tell you our real world experience about a global event that reached 10.000 participants, involved 1.400 websites and databases, raised 8 disruptions on those websites and even caused Azure DevOps outages in the process.

In which we reached the limits of the cloud and still were able to spend only half of the budget. We will tell you how we automated all the infrastructure for the event: from CI/CD pipelines to deploy the Azure infrastructure, to the actual event day automation.

What did we run into, what did we use, what have we learned and how you can use this in your day-to-day work?

Level 200 session, preferred duration 45 - 60 minutes

Past and future events

Techorama 2021 Spring Edition

16 May - 18 May 2021
Antwerpen, Flanders, Belgium

NDC London 2021

25 Jan - 29 Jan 2021
London, England, United Kingdom

DevOps Pro Europe 2020

Workshop: Building an End-to-End CI/CD Pipeline in Azure DevOps (Full day)
Session: How to Run a Global, Cloud Scale Event for 10.000 People
24 Mar - 26 Mar 2020
Vilnius, Lithuania

DevOps Fest 2020

Session: How to run a global, cloud scale event for 10.000 people
20 Mar - 21 Mar 2020
Kyiv, Kyiv City, Ukraine

Evolve Conference 2019

20 Oct 2019
Birmingham, England, United Kingdom

DevNetNoord - Meetup (130 attendees)

This year was the third edition of the Global DevOps Bootcamp. 92 venues, 35 countries and 1200 teams participated in this global hackathon. Since Global DevOps Bootcamp is an event out of the box, we, as global organizer, provisioned all infrastructure on both Azure and Azure DevOps, so participants could get a kickstart and focus on the real value.

Behind the scenes this means a lot of things. 1200 WebApps, 4 AKS clusters, load balanced websites for the challenges, 1500 AAD users and a Global Scoreboard. On Azure DevOps teams had their own Team Project, prepopulated with Repos, pipelines and service connections.

In this talk I will walk through all the the architecture, design choices and automation we created to run this Global Event.
19 Sep 2019
Groningen, Netherlands