Loading…
deliver:Agile 2018 has ended

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

OPEN CALL FOR SESSIONS: SUBMIT A PROPOSAL [clear filter]
Tuesday, May 1
 

13:30

Bryan & Bill’s Three-Ring Design Circus (Bill Wake, Bryan Beecham)

Abstract:
Come one, come all - the circus is in town! Join us for the Greatest Software Show on Earth!
Witness our three experts in refactoring and test-driven development, working in three rings simultaneously. They will juggle various refactoring and test-driven development challenges, explaining what they do and taking questions as they perform.
Attendees: Stay with one ring, move between rings, or watch the main screen and get glimpses of all of them. Sit back, ask questions, or jump in and pair with the experts! The perfect show for kids of all ages!
We’ll challenge all three performers with the same problem, and pause to review their breathtaking feats of keyboard acrobatics.
No animals will be harmed in this session.

Learning Outcomes:
  • Participate in small mob or pairing sessions
  • Learn how to refactor in small, safe steps, and discover new refactorings along the way
  • Identify multiple ways to break down a problem when doing TDD
  • Compare the designs that result from various decisions

Attachments:

Speakers
avatar for Bryan Beecham

Bryan Beecham

Sr. Agile Consultant, Iceberg Ideas Inc
Bryan Beecham is known for providing passionate and innovative software development guidance. As a consultant with companies ranging from small startups to large Fortune 500 companies, he matches his advice to their needs and capabilities. He has a particular interest in helping individuals... Read More →
avatar for Bill Wake

Bill Wake

Sr. Consultant, Industrial Logic, Inc.
Bill Wake (www.xp123.com) is a consultant with Industrial Logic, Inc. (http://industriallogic.com). Before that, he was an independent consultant from 2001 to 2007, then spent two years managing software development at Gene Codes Forensics. Bill has worked with teams in a variety... Read More →


Tuesday May 1, 2018 13:30 - 15:00
Lone Star E

15:20

Enable your Agile Team with Continuous Delivery Pipelines (Esteban Garcia)

Abstract:
As your Agile team looks to shorten the cycle time from idea to production, it is important to give them the tools that will enable continuous feedback, collaboration with stakeholders, and most importantly, a way to get the product in front of the customer and enable a feedback loop.

This session will teach you how to create an effective release pipeline that incorporates Continuous Integration, automated testing, cloud deployment with Infrastructure as Code, Instrumentation, load testing, and more.

We will go from zero to Production in less than an hour and you will go back to work on Monday ready to deploy!

Learning Outcomes:
  • Continuous Integration
  • Continuous Deployment
  • Automation

Attachments:

Speakers

Tuesday May 1, 2018 15:20 - 16:50
Lone Star F/G
 
Wednesday, May 2
 

10:30

How to fit threat modelling into agile development: slice it up (Irene Michlin)

Abstract:
Agile is focused on the creation and building of great software, we all agree on that. Can you claim a great software if this software is not secure? Would customers accept a feature, no matter how attractive and useful, if they suspect it puts their data at risk?
Security is therefore essential to all the software we build. As with many other software properties, security cannot be "bolted on". The earlier in the lifecycle you pay attention to security, the better are the outcomes.
Threat modelling is one of the best techniques for improving the security of your software. It is a structured method for identifying weaknesses on design level.
However, people who want to introduce it into their work on existing codebase often face time pressure and very rarely can a company afford “security push”, where all new development stops for a while in order to focus on security.
Incremental threat modelling that concentrates on current additions and modifications can be time-boxed to fit the tightest of agile life-cycles and still deliver security benefits.
Full disclosure is necessary at this point – threat modelling is not the same as adding tests to the ball of mud codebase and eventually getting decent test coverage. You will not be able to get away with doing just incremental modelling, without tackling the whole picture at some point.
But the good news are you will approach this point with more mature skills from getting the practice, and you will get a better overall model with less time spent than if you tried to build it upfront.
We will cover the technique of incremental threat modelling, and then the workshop will split into several teams, each one modelling an addition of a new feature to a realistic architecture. The participants will learn how to find the threats relevant to the feature while keeping the activity focused (i.e. not trying to boil an ocean).
This session targets mainly developers, qa engineers, and architects, but will be also beneficial for scrum masters and product owners.

Learning Outcomes:
  • Learn the technique for applying threat modelling in time-boxed sessions within each iteration. You will increase your confidence in delivering secure software to your customers.

Attachments:

Speakers
avatar for Irene Michlin

Irene Michlin

Senior Managing Consultant & Europe Appsec Lead, IBM
Introducing security into software development lifecycle, threat modelling, security for Agile and Lean. @IreneMichlin


Wednesday May 2, 2018 10:30 - 12:00
Lone Star D