Software BoM at the time of DevOps (and DevSecOps .. and VSM ...)

The BoM is not necessarily anymore only "the knowledge needed to recreate a particular release”.
Or, at least, in the world of DevOps, it has become something like "all of the environment information, tools, and specific branch and version of the software built, typically stored in an escrow account”.
But also, in the connected world of DevSecOps, shouldn't the BoM include the results, at a certain moment (the moment of the release), of all security results matching the state of the art?
We will discuss these aspects, and others like the purpose of the BoM, in this session open to questions, discussions and contributions.

Digital transformation towards microservices on multi-cloud: how to remove the anxiety

Companies are transforming. Transforming towards … ? Sometimes the answer is “towards complexity, towards anxiety … because we do not know exactly towards *what* we are going. In this anxiety, one can put: managing a growing number of micro services and containers, realizing more frequently, manage multi clouds, …
We will discuss about these topics and how the anxiety can be removed with the adequate principles and tools.

Target delivery: digital transformation leaders and doers
First delivery: DoX by Linux Recruit, on Aug. 2020

Gitops and CDevents to achieve automated compliance? Really??

using Gitops and CDevents in DevSecOps release orchestration pipeline, to make sure that Every Software Released Automatically Complies with Control Standards:
Especially for banks, releasing controlled software is not only a must, but a business priority. In this session we will present and discuss: - Implementing DevOps processes - made possible through a set of tools - to ensure that every piece of software released into production complies to the required level of control - How this level of control is defined not by the projects, but by transverse teams who make sure all controls are compliant with the state of the art - How these controls become company-wide best practices, so that these transverse groups are meant to disappear after the Culture and Best Practices are disseminated within the organization

using Gitops and CDevents in DevSecOps release orchestration pipeline, to make sure that Every Software Released Automatically Complies with Control Standards:
Especially for banks, releasing controlled software is not only a must, but a business priority. Through a real-life example, Manuel will show how DevSecOps practices have been made part of the delivery process, seamlessly, in a way they HELP software delivery supply chain.