DevOps Security Cloud Architecture Agile Leadership Coaching Application Lifecycle Management (ALM) Product Development Inner Source Open Source Automation & CI/CD Advanced Engineering
London, England, United Kingdom
Matteo Emili is a Group Manager and DevOps Coach at Avanade UK and Ireland, leading the DevOps talent in Software Engineering and always looking at new ways of applying technology to solve business problems.
He is a passionate Agile advocate and a technologist at heart, a Cloud Architect who is always driven by using technology as a vehicle for change and continuous improvement.
A Microsoft MVP since 2010 (currently in the Azure DevOps and GitHub category), he enjoys sharing back as much as he can with the worldwide technical communities – especially about Agile and DevOps.
He founded several User Groups around Europe and he is a regular speaker at meetups and conferences.
We've all seen it at some point - suddenly Agile and DevOps are brandished as silver bullets within an organisation, usually coupled with some innovative technology like Kubernetes, at the ready to solve every possible problem.
What's really unfortunate is what happens next: usually failure. DevOps used as a tool is not effective, and it can be extremely dangerous.
Where DevOps really shines is as a foundation for people's empowerment - let's see how this can be put into practice.
So many know the drill - a centre of excellence is stood up, some code and recommendations come out of it, nobody really uses it, back to the usual in a year or so. It happens very often in large enterprises trying to reinvent the engineering function
With this session though I am not here to complain or talk about failed attempts - I want to talk about an actual success story which absorbed over a year of my life (and it's still ongoing!), which led to a well-oiled Inner Source product in a large enterprise as well as a number of examples of collaborative development in a non-IT organisation.
It's been a journey, long and with mistakes, however successful in the end! Let's see how.
We live in a fast-paced industry. Today we get a brilliant new feature for Azure DevOps, the day after a new GitHub Actions enhancement comes out. Why two platforms? What’s the need?
Is it confusing? Perhaps, however it shouldn't be – however I have been in several situations where I had to deal with both, let’s try to shed some light on how to get the best of these two!
DevOps is disruptive and cloud adoption is often billed as easy: sign-up to your favourite provider, adopt CI/CD and Infrastructure as Code, deploy with your favourite stack, done.
Is it really the case? Not so much - enterprise-grade Cloud and DevOps adoption is a degree of magnitude more complex, more nuanced and with way more moving pieces than a simple 'sign-up and go'.
Have you ever heard of a Landing Zone? Did you consider self-service automation? Are your processes ready for it, or do you have a laggard to care for? How about FinOps? Is Kubernetes going to be the solution for everything? And security?
There are patterns at play, frameworks to choose from and tried-and-tested approaches that can be successfully be re-used to make sure a cloud journey is successful. Let's take a look at these!
Everyone talks about DevOps practices - from CI/CD to release rings and feature flags. However, there is a world of difference between "talking" and "doing". A typical example is blue/green deployments: how many times people believe they are doing it, while still introducing sizeable downtime?
These practices can be applied like patterns without reinventing the wheel all the time - customised, yet standardised. Let's take a look at a few examples in this session with some real world implementation.
It's fair to say that the coronavirus pandemic changed the way we work for good. In all of that, how did DevOps fare?
We talk all the time about 'the new normal' and how IT was ahead of the curve when it comes to remote working, but there is definitely more to that. Not all teams are equal, and changes happened regardless.
This session showcases real world, first-hand examples of how DevOps practices within different organisations evolved and matured, as well as which changes emerged (or didn't) as beneficial in the new way of working.
It’s all about labels these days – AI, Containers, DevSecOps. Many people claim to ‘do it’, very few *actually* do. And unfortunately, organisations suffer about this label-driven development.
Take DevSecOps for example: on face value it’s about adding Security practices to DevOps. But how do you measure the value derived from it? And also – how do you make sure you are not disrupting your team in the process? And if you already have an established DevOps practice, what's going to change?
In this session we will see why you don’t need a label to add these practices, and how to introduce sustainable solutions to implement in your build and release pipelines in order to achieve a higher security standard across your projects without hampering your teams.
We think too often about 'secure code' being only about our code. Dependencies are the most common vehicle for attacks in enterprise systems, however it doesn't end there...there is so much more that we consume, and we usually just trust without questions!
Let's take a look at how we can secure our software supply chain, and prevent what could easily turn into disaster.