How do heavy metal songs teach us to be better programmers?

In most conferences, you see all the remarkable frameworks and the latest improvements that make your life easier. To be a better developer, you need more skills apart from pure technical ones.

This session challenges you to discover what else is needed from your side to become a better professional. It doesn't matter whether you work remotely, in an office, or part of a small startup or a huge company. Those skills are the same.

I am reviewing some heavy metal classics and sharing my view of what they can teach you.

Do you have an identity crisis at work? What does Arch Enemy have to say?
Do you need help with a problem? Pantera has the answer.
Do you want to go out of your comfort zone? Judas Priest has something to offer.
Do you need support with all the processes and automation? Black Sabbath to the rescue.

You will learn to be resilient, react to a change, fight for yourself, get back on your path when you lose it, and focus on things that make you happy at work!

We usually ignore the (soft) skills you need to help you work better with others. When you need them, it is too late. Come with me on the journey to listen to some heavy metal music, sing songs (if you feel like it), and be serious about your me(n)tal health.

Being an open source fan, I also have a section that focuses on the fact that sometimes contributing to a free (as in free beer) project helps you enrich your personality!

The talk contains a lot of heavy metal music, and it's interactive. You will learn a new skill that you could apply the next day. Being a heavy metal fan is not required!

The talk is based on my previous talk about Heavy Metal and Fun. https://vimeo.com/showcase/10782746

Where did all the fun go?

Elevator Pitch

After three days at a metal festival, I realized something sad. In the software world, we don’t have fun at work anymore. I am not talking about the HR-inspired fun; I am talking about the joy that comes from the inside. I want to change that and challenge you to bring back our fun.

(not so ) Abstract

My career in IT started as a servant to programmers: fixing a line or two in the code, and now I am a director in a vast international privacy company. If I look back, it was different. Oh gosh, we had so much fun in the past.

Do you remember the chair rowing? Do you remember how amazed we were to crash a keyboard or two on each other backs? Do you remember us singing songs about Java while writing fake protocols?

What happened to us?

I don't know when it happened, but it seems that at some point recently, most of the world decided that IT is an elite profession that needs to produce only value no matter what.

This is a great tragedy, and it must be rectified. Why do we have feelings, emotions, and personalities if we no longer have fun?

In this talk, I will take you on a retrospective journey through the years to what went wrong and how we fix it together. It's more like an art provocation than talk, so please keep your mind open to learn something new.

I will cover the epoch of the world before Agile to the era of the Artificial Immigrant (AI), who is here to take your jobs away.

Ideally, the talk comes with a lot of metal music, if the organizers are so good to allow that. I am not representing my current company but myself in this mission.

Waste? How to remove (or recycle) the B.S from your software delivery system

Looking at my career on Linkedin, you will see that I started working in IT 22 years ago. You also would notice that I was working in almost every role within the software delivery system: From a webmaster, through an analyst role, release manager to my current position as director of program management. I am not writing this to brag but to show you that I have a lot of experience dealing with waste in the system.

My initials are B.S., and I want to help you remove the B.S. from your system. This talk focuses on the following:

0) How to build a holistic view of your software delivery system.
1) How to identify waste and plan what to do with it.
1.1) What part of the waste can you recycle and make it work for you?
1.2) IDentify what you need to throw away immediately.
2) Tackling the top problems I see in my software world.

Top Problems

The one source of truth
Working with multiple stakeholder groups is always a challenge. Often we needed to catch up on all of the document sources. How to build one trustworthy source to rule them all, and do we need it?

The tools we use
Everyone hates Jira. Everyone Loves Jira. How are the tools helping us reduce waste, and why do we use them? What antipatterns might you see, and how to break the vicious cycle?

Feedback
Change is a team sport. After identifying the gaps and where the B.S. lives, you will want to fix this. You can't fix this alone. I'll show you some powerful techniques to engage with your stakeholders to start the change.

There is always more.
Of course, there is always more waste lurking behind the corner. That's why I'd like to spend the last minutes of the discussion on a problem from the audience. Come prepared, and let's get this started.

I'll share success and failure stories for every topic so that I challenge your smart brain to think. This talk is the first step for you on your mission to remove the waste of your Software delivery system. Let's take it together.

We are doing it wrong: Threat Modeling.

Threat modeling is one of the most critical activities if you release any software to the web. There are numerous tools, books (one of each is mine), and tutorials on making it suitable. My talk has a different intent - it walks you through bad practices. How the modeling is wrong, and how bad actors can exploit that.

Here is an example:
Only one person in the company does Threat modeling. On the surface, the "hero" approach might be a good use of someone's time, but in the end, the thread modeling attendees' diversity matters. I'll give you some statistics from an exercise where the group put their heads together to protect a beer tap and a dog.

I'll also focus on actual use cases like this:
We do it once a year as a "team building exercise."
We need to know a threat model before we use all the automated/helping tools.
We know everything, and our model is the best.

I've survived two breaches, and we could have prevented them using proper threat modeling.

The talk is interactive, full of fun stories and a bit of metal music. This talk aims to engage with anyone in the Secure Software development chain and encourage you to adapt your processes to secure your software by knowing and refusing those evil practices.