AgileConnection | Agile Software Development Q&A and How-to Advice

Conference Presentations

	QADevSecOps: Leading a Quality-Driven DevOps Transformation Slideshow Have you wondered where QA professionals fit into a DevSecOps transformation? Stacy Kirk thinks they should champion the transformation. Regardless of where your company is on its journey to DevSecOps, quality must be at the forefront for optimal effectiveness and customer value. This means promoting feedback loops that use monitoring and reporting tools effectively, and most importantly, it means creating a culture of collaborative communication and continuous improvement. The role of the QADevSecOps practitioner must evolve from ensuring the quality of software to assessing the effectiveness of the company’s security and development processes using retrospectives as the new defect tracking system. Discover how Stacy’s experiences with innovative techniques have infused quality into every aspect of an agile transformation, from development to security to operations.	Stacy Kirk
	What Japanese Shinkansen Trains Can Teach Us about Agile Slideshow Have you ever been to Japan and noticed that their railway system is incredibly efficient? As places like Tokyo continue to expand and the cost of living rises, more and more people rely on trains that start hours away from the city to arrive on time.	Matthew Weinstock
	Security Partners or Security Police? Slideshow It’s often said that with great power comes great responsibility. As technology becomes more powerful, security becomes a great responsibility.	Janna Loeffler
	Visual Regression Testing: A Critical Part of a Mobile Testing Strategy Slideshow There are many types of testing that companies need to perform in order to have confidence in their product: security testing, integration testing, system testing, performance testing, and more.	Dmitry Vinnik
	Serverless Security: Overcome Architectural Security Challenges Slideshow Serverless architectures take the idea of microservices to the extreme. To implement secure serverless architectures, you have to understand how to compartmentalize programs at the function level. You also need to factor in security practices: Serverless architectures are susceptible to traditional attacks such as SQL injection and command injection, along with a wide variety of privilege escalation and sensitive data disclosure attacks. Developers must consider what would happen if an attacker attempted to invoke each of their functions directly. What if one of those functions were to become nonresponsive? Designing, implementing, and maintaining serverless architectures dramatically increases the complexity of security. Join Eric Sheridan as he discusses how to implement distributed, secure identity management and entitlement enforcement across 250+ functions.	Eric Sheridan
	DevSecOps in the Age of Containers Slideshow As IT shops look to move their workloads into containers and the cloud, their initial concerns often center around the security implications. Containers do force us to change how we think about securing our application, but they also offer exciting new opportunities. Curtis Yanko will explore the security concerns that come along with containers and take a deep dive into container composability and how modern tooling makes it possible to automate security and compliance concerns across the entire application stack. Curtis will share a project via GitHub that has a reference Jenkins pipeline demonstrating how to automate security and compliance at build time. You will take home ideas for minimizing attack surface, avoiding known bad libraries and frameworks, validating your configuration, and using machine learning to model application behavior.	Curtis Yanko
	Combatting Threats to Payment Processing in the Era of Connected Ecosystems Slideshow In an increasingly connected world, protection from security vulnerabilities and threats is essential. Yet providing that protection can be complex to understand, especially with changes in digital technology, consumer demands, and how social media influences consumer shopping and payment...	Elizabeth Koumpan
	A Definition of Done for DevSecOps Slideshow [video:https://youtu.be/oQE8ysEvzaQ width:300 height:200 align:right]	Gene Gotimer
	Automated Security Scanning for Your Delivery Pipeline Slideshow [video:https://youtu.be/CwZ-F4TUsig width:300 height:200 align:right]	Matthew Grasberger
	The T-Shaped Scrum Team: Get in Shape for Your Future Slideshow Today, agile teams are being asked to do more than ever before. The notion of a T-shaped person, created by Tim Brown (CEO of IDEO) in the 1990s, describes a new breed of worker—one who goes beyond the standard, assigned role. Mary Thorn believes that the roles of team members can stretch...	Mary Thorn

Pages

Recommended Web Seminars

May 16	Test Ahead of the Curve: Insights for Developing a Superior Test Coverage
May 23	How Generative AI Boosts Speed and Quality in Software Testing
On Demand	Building Confidence in Your Automation
On Demand	Leveraging Open Source Tools for DevSecOps
On Demand	Five Reasons Why Agile Isn't Working

Featured Resources

Introduction to Containers eGuide | TechWell

Scrum Master Essentials eGuide | TechWell

The Total Economic Impact of Keysight Eggplant Test Automation Software | Keysight

Test Automation eGuide | TechWell

Build vs. Buy: The Hidden Costs of In-House Software Test Automation | Keysight

Visit Our Other Communities

Where configuration management and development professionals go for answers on SCM, ALM, change management, DevOps, tools and more.

The home for software testing and QA professionals—practical advice on test automation, test management, test techniques, and more.

AgileConnection is a TechWell community.

Through conferences, training, consulting, and online resources, TechWell helps you develop and deliver great software every day.