Turbocharge Your Cloud Native CI/CD Using GitHub

Building, testing, scanning, packaging and releasing cloud-native applications can be challenging. Ensuring that you have the right controls in place without impeding developer velocity and experience is a delicate act!

With GitHub, you can build, test, package and release cloud-native applications with Actions and IssueOps and secure your apps with GitHub Advanced Security to ensure that you can go fast and decrease risk.

In this session, Colin shows how you can automatically build, test, scan and publish containerized cloud-native apps ready to deploy to Kubernetes. Then see how you can use IssueOps to release to a k8s cluster securely without even having to manage secrets.

This session requires some prior knowledge of and experience with Kubernetes as well as GitHub Actions. This is an advanced session!

Security at the Speed of GitHub

Application security is still a challenge for every enterprise. GitHub takes a fundamentally different, community-driven approach to application security by natively integrating security into the daily developer workflow. This developer-driven security is revolutionizing the industry.

In this session, we cover why GitHub entered into the application security arena in the first place with a brief history of Code Security. We then dive into the core features of GitHub Advanced Security: code, dependency and secret scanning. Finally, we'll look at how to scale security to your entire enterprise so you can drive greater risk reduction without impeding velocity, allowing your developers to deploy fast - and safe.

Scaling AppSec through Cultural Change and Developer Experience

Application Security (AppSec) remains one of the biggest challenges facing organizations today, and the security professional to developer ratio of 1:570 isn't helping. Most organizations have looked to tooling and traditional security teams and processes to try to meet this challenge: the brutal truth is that this is failing.

In this session, we look at a brief history of AppSec. We then look at how Team Topologies by Matthew Skelton and Manuel Pais can help organizations scale scarce security expertise through cultural change. Finally, we look at how GitHub Advanced Security and a focus on Developer Experience can practically drive cultural change and make organizations successful at modern AppSec.

Target Audience: CISOs, AppSec Managers, DevExperience Leads

Making your Cloud Native development Cloud Native with GitHub!

Ever had to follow a long README just to get started with a project? Ever been blocked from development because your Docker desktop fell over or got into a weird state? Ever wonder why you're still using your laptop to develop Cloud Native apps?

Using CodeSpaces, you can set up full end-to-end environments for developing Cloud Native apps in the cloud. Codify your dev environment so that onboarding is a snap and your can go from zero to running in seconds - all from a browser. As a bonus, you'll see how CoPilot - your AI pair programmer - can make you even more productive.

In this session Colin shows you how to set up a full Kubernetes development environment for developing cloud native containerized applications including running and debugging your app so that you can make your "inner loop" experience fully Cloud Native.

I, for one, welcome our new AI Overlords

The breathtaking success of ChatGPT and Large Language Models (LLMs) is undisputed. GitHub Copilot X, built on this technology, presents a seminal moment in history for DevSecOps. But, like any AI, it must be used responsibly. What should organizations be considering as they evaluate these technologies and what impact will there be to developers?

In this session, Colin talks about some considerations of AI-powered DevSecOps. He will also demo how GitHub Copilot X, embedded throughout the development lifecycle, can increase developer productivity, enhance security and accelerate business outcomes.

The Hero’s Journey: a guide to scaling Copilot in the Enterprise

The Hero's Journey is a storytelling pattern that has been used for centuries in literature and mythology. This framework is seen in almost every successful story - from the Odyssey to Lord of the Rings and even Harry Potter.
GitHub Copilot is the world's most successful AI pair programmer, boosting individual productivity at the task level. However, rolling out GitHub Copilot at scale in the Enterprise can be challenging. How do successful organizations realize enterprise gains with GitHub Copilot?
In this session, Colin covers what the Hero's Journey is and how we can use this journey to create a framework for rolling out GitHub Copilot at scale.

AppSec at Scale: What's new with GitHub Advanced Security

Application Security (AppSec) programs continue to be a challenge for most Enterprises. Developers and security professionals don't often see eye-to-eye and often use different tools and platforms, further isolating teams from one another.
In this session, Colin covers how GitHub Advanced Security is the only developer centric AppSec platform that both developers and security professionals love. We explore some of the newest features that allow AppSec programs to scale - from org-wide "instant-on" capabilities to AI-enhanced fixes.