Automated Governance: An Overview
John Willis, Global Transformation Office, Red Hat
Outline
● Global Transformation Overview
● DevSecOps
● Automated Governance
GTO (Global Transformation Office)
● Strategy review
● Industry trends
● Progress monitoring
● Leadership
GTO Guiding Coalition (Platform - Coalition)

Jabe Bloom (@cyetain)
Sr Dir, Global Transformation
CSTO, CTO
Sociotechnical Systems | Speaker
Critical Irritant | Transition Designer

Andrew Clay Shafer (@littleidea)
VP, Global Transformation
Founder: Puppet, DevOpsDays
Author, Web Operations
IT Optimizer | Change Agent
Founder | Organizer

Kevin Behr (@kevinbehr)
Sr Dir, Global Transformation
Author, Phoenix Project, Visible Ops
CIO, CTO
IT Strategist | Speaker
Enterprise CXO Advisor

John Willis (@botchagalupe)
Sr Dir, Global Transformation
Author, DevOps Handbook, Beyond the Phoenix Project
CIO, CTO
IT Strategist | Founder
Speaker | Author
Automated Governance

● Reduce Audit Time
● Increase Audit Efficacy
● Shorten Feedback Loops
● Local Authority
● Minimize Handoffs
● Enable Trust

● Enforce and Audit Policy
● Block critical vulnerabilities
● Block misconfigured infrastructure
● Audit and Control
DevSecOps Dojo
● Increase collaboration and innovation
● Shared Responsibility Model
● Cloud/Platform Enablement
● Templates, Models, and Pipelines
● Automated Governance
● Outcome Based Metrics
● Chaos Engineering
● Skills Liquidity Enablement
Delivery Metrics (Platform - Adopt)
● Common DevOps Metrics
○ Lead Time
○ Deploys
○ MTTR
○ Change Success
● Advanced DevOps Metrics
○ Flow Metrics
○ Change failure rate by team
○ Change failure rate by work type
Economic Impact Analysis
● Consistency
● Toil
● Risk
● Testing
● Automation

Economic Impact
● Waste: possibly more than 30% of a $450M budget ($135M) wasted on general processing.
● Consistency: another 10% to 15% ($45M to $67M) in lost opportunity cost from low or no automation.
● Risk: negative risk ROI.
DevSecOps
● DevOps Automated Governance
● Automated Cloud Governance

Industry Working Groups
● Minimum Viable Security Posture

Changing subjective attestation into objective attestation

The Trusted Software Supply Chain
[Diagram: OpenShift Software Factory. Inputs: trusted code repos, CCB (change control board), rapid ATO (authority to operate). Pipeline stages with automated quality gates: REQ (Jira) → DEV → UNIT TEST → CODE QUAL → SEC SCAN → INT TEST → QA → UAT → PROD. Tooling: Che, GitHub, Cucumber, JUnit, SonarQube, Fortify, AtomicScan, Anchore, Twistlock; in production Sysdig, EFK, CM, CS and a service mesh.]
Objective Evidence and Closed Feedback Loops

Automated Governance (2015, 2018, 2019)
• Universal artifact metadata
• Metadata API
• Strong access controls
• Rich query-ability

Audit and Govern the Software Supply Chain
DevOps Automated Governance
● Enforce and Audit Policy
● Block critical vulnerabilities
● Block misconfigured infrastructure
● Safe Cloud Usage

DevOps Automated Governance Reference Architecture
[Diagram: pipeline flow Development → Build → Dependency Mgmt → Package → Artifact Repo → Non Prod Deploy → Prod Deploy.]

Common Controls
1. Access Control
2. Audit Trail / log
3. Everything in source control
4. Usage policies

Common Actors
1. Auditor, Risk/Compliance Office
2. (system)
3. Tools Admin

Stages
● Source Code Repository Stage
● Build Stage
● Dependency Management Stage
● Package Stage
● Artifact Stage
● Prod Stage
Source Code Repository Stage
Control | Example Control Source | Integration | Elements
Pull Request | GitHub | Webhook | pull_request, repository
Peer Review | GitHub | Webhook | actor, pull_request, repository
Unit Test | SonarQube | Pipeline | new_coverage
Clean Dependency | Artifactory | Pipeline | dependency source
Information Leakage | GitHub | Webhook | (custom)
Static Code Analysis | Muse | Webhook | pull_request, repository

Build Stage
Control | Example Control Source | Integration | Elements
Build Definition | Jenkins & GitHub | Pipeline | Peer Review, Checkout
Immutable Build | Jenkins | Pipeline | TBD
Upstream Approved Dependency | Artifactory | Jenkins | TBD
Unit Test | SonarQube | Jenkins | TBD
Linting | SonarQube | Jenkins | TBD
Static Security Analysis | Checkmarx | Jenkins | TBD

Package Stage
Control | Example Control Source | Integration | Elements
Trusted Dependency Store | Artifactory | Jenkins | TBD
License Check | Artifactory | Jenkins | TBD
Vulnerability Scan | Aqua | Jenkins | TBD
Trusted Authority | Artifactory | Jenkins | TBD
Versioning | Artifactory | Jenkins | TBD
Usage Policy | Artifactory | Jenkins | TBD

Production Deploy Stage
Control | Example Control Source | Integration | Elements
Trusted Sources | Artifactory | Jenkins | TBD
Trusted Configurations | GitHub | Jenkins | TBD
Intrusion Detection | TBD | Jenkins | TBD
Monitoring & Alerting | Elastic, PagerDuty | Jenkins | TBD
Change Management | ServiceNow | Jenkins | TBD
Secrets Management | Vault | Jenkins | TBD
Unauthorized Change Detection | Jenkins | Jenkins | TBD
Production Access Control | Vault | Jenkins | TBD
Deployment Strategy | Jenkins, Helm | Jenkins | TBD
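The Source Code Repo / Peer Review row above takes the GitHub webhook elements (actor, pull_request, repository) as input and should produce an objective attestation rather than a reviewer's say-so. What follows is an added example, not code from the slides or from Red Hat, of that control point in Python: it authenticates the webhook with GitHub's X-Hub-Signature-256 HMAC over the raw body, evaluates a peer-review policy held as code, and writes a tamper-evident attestation record for the datastore. The webhook secret, attestation key, organisation, repository and user names are hypothetical, and the event is a constructed merge of the pull_request payload with the reviews a pipeline would fetch from the Reviews API; GitHub does not deliver reviews inside the pull_request event itself.

```python
"""Peer-review control as policy-as-code over a GitHub pull_request webhook.

Added example, not code from the slides or from Red Hat. Hypothetical: the
webhook secret, the attestation signing key, the org/repo/user names, and the
merged event shape (pull_request payload plus separately fetched reviews).
"""
import hashlib
import hmac
import json
import time

# Hypothetical secrets; in a real pipeline both come from a secrets manager such as Vault.
WEBHOOK_SECRET = b"hypothetical-github-webhook-secret"
ATTESTATION_KEY = b"hypothetical-attestation-signing-key"

# Policy as code for the Source Code Repo / Peer Review control. Held as a dict so the
# block needs no YAML library; the slides describe the same thing in YAML.
PEER_REVIEW_POLICY = {
    "control": "peer-review",
    "stage": "source-code-repo",
    "min_approvals": 1,
    "approver_must_differ_from_author": True,
    "approved_state": "APPROVED",
}

# Constructed sample event: the webhook elements the control table lists
# (actor = sender, pull_request, repository) plus the fetched reviews.
SAMPLE_EVENT = {
    "action": "closed",
    "sender": {"login": "bob"},
    "repository": {"full_name": "example-org/payments"},
    "pull_request": {
        "number": 42,
        "merged": True,
        "user": {"login": "alice"},
        "head": {"sha": "0123456789abcdef0123456789abcdef01234567"},
    },
    "reviews": [
        {"user": {"login": "alice"}, "state": "APPROVED"},  # self-approval, must not count
        {"user": {"login": "bob"}, "state": "APPROVED"},
    ],
}


def encode_event(event: dict) -> bytes:
    """Serialize an event exactly as it would arrive on the wire."""
    return json.dumps(event).encode()


def github_signature(raw_body: bytes, secret: bytes) -> str:
    """Value GitHub sends in X-Hub-Signature-256: 'sha256=' + hex HMAC-SHA256 of the body."""
    return "sha256=" + hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_github_signature(raw_body: bytes, header: str, secret: bytes) -> bool:
    """Constant-time check of the header against the raw, still unparsed body."""
    return hmac.compare_digest(header.encode(), github_signature(raw_body, secret).encode())


def evaluate_peer_review(event: dict, policy: dict) -> dict:
    """Objective decision: count distinct approvers, dropping the author if policy says so."""
    pr = event["pull_request"]
    author = pr["user"]["login"]
    approvers = {r["user"]["login"] for r in event.get("reviews", [])
                 if r["state"] == policy["approved_state"]}
    if policy["approver_must_differ_from_author"]:
        approvers.discard(author)
    return {
        "control": policy["control"],
        "stage": policy["stage"],
        "passed": len(approvers) >= policy["min_approvals"],
        "repository": event["repository"]["full_name"],
        "actor": event["sender"]["login"],
        "pull_request": pr["number"],
        "commit": pr["head"]["sha"],  # bind the attestation to immutable content
        "author": author,
        "approvers": sorted(approvers),
    }


def _canonical(payload: dict) -> bytes:
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def attest(result: dict, key: bytes, issued_at: int) -> dict:
    """Tamper-evident record for the attestation datastore (HMAC over canonical JSON)."""
    payload = dict(result, issued_at=issued_at)
    return {"payload": payload,
            "signature": hmac.new(key, _canonical(payload), hashlib.sha256).hexdigest()}


def verify_attestation(record: dict, key: bytes) -> bool:
    """Recompute the HMAC; any edit to the payload after issue makes this fail."""
    expected = hmac.new(key, _canonical(record["payload"]), hashlib.sha256).hexdigest()
    return hmac.compare_digest(record["signature"].encode(), expected.encode())


def handle_webhook(raw_body: bytes, signature_header: str,
                   policy: dict = PEER_REVIEW_POLICY) -> dict:
    """The control point: authenticate the event, evaluate the policy, write an attestation."""
    if not verify_github_signature(raw_body, signature_header, WEBHOOK_SECRET):
        raise PermissionError("webhook signature mismatch: event not accepted")
    result = evaluate_peer_review(json.loads(raw_body), policy)
    return attest(result, ATTESTATION_KEY, int(time.time()))


if __name__ == "__main__":
    body = encode_event(SAMPLE_EVENT)
    print(json.dumps(handle_webhook(body, github_signature(body, WEBHOOK_SECRET)), indent=2))
```

Two points worth keeping whatever tooling replaces the dicts: the signature is checked over the raw body before anything is parsed, so a forged event never reaches the policy, and the attestation names the commit SHA rather than a branch, so a later deploy gate can look it up by immutable content.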
Policy as Code
• Human readable (YAML)
• Machine interpreted
• Version controlled
• Models attestations and enforcement

Event Driven Architecture: Automated Data Pipeline with Objective Compliance
● The platform is a secure and auditable control point
● Inspection based on policy
● Enforcement by policy
● Attestation datastore
● Policy as code
● Subjective to objective
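The "enforcement by policy" and "attestation datastore" elements above come together at the Prod Deploy stage, where the Trusted Sources and Vulnerability Scan controls from the tables and the "block critical vulnerabilities" goal have to be decided for a concrete artifact. The following is an added example, not from the slides or from Red Hat, of such a deploy gate in Python: it queries a datastore of attestations by artifact digest, checks that every control the policy requires has a fresh passing record, applies severity thresholds to the scan findings, and refuses artifacts from registries the policy does not trust. The policy values, control names, registry, digests and attestation records are all constructed for the example.

```python
"""Production deploy gate: enforcement by policy over an attestation datastore.

Added example, not code from the slides or from Red Hat. Hypothetical: the
policy values, control names, registry names, artifact digests and the
attestation records, which are all constructed inline.
"""
from typing import Dict, List

# Policy as code for the Prod Deploy stage (a dict here; YAML in the slides).
PROD_DEPLOY_POLICY = {
    "stage": "prod-deploy",
    "required_controls": ["peer-review", "vulnerability-scan", "license-check"],
    "max_attestation_age_s": 7 * 24 * 3600,
    "vulnerability_scan": {"block_severities": ["CRITICAL"], "max_high": 5},
    "trusted_registries": ["registry.example.internal/approved/"],
}

NOW = 1_700_600_000  # fixed "current time" so the decisions are reproducible

# Constructed attestation datastore: one record per (artifact, control), written by
# earlier stages and keyed by the immutable content digest of the artifact.
GOOD = "sha256:" + "a" * 64
BAD = "sha256:" + "b" * 64
ATTESTATIONS = [
    {"artifact": GOOD, "control": "peer-review", "passed": True, "issued_at": NOW - 3600},
    {"artifact": GOOD, "control": "vulnerability-scan", "passed": True, "issued_at": NOW - 1800,
     "findings": {"CRITICAL": 0, "HIGH": 2, "MEDIUM": 9}},
    {"artifact": GOOD, "control": "license-check", "passed": True, "issued_at": NOW - 1700},
    {"artifact": BAD, "control": "peer-review", "passed": True, "issued_at": NOW - 30 * 24 * 3600},
    {"artifact": BAD, "control": "vulnerability-scan", "passed": False, "issued_at": NOW - 600,
     "findings": {"CRITICAL": 1, "HIGH": 7, "MEDIUM": 0}},
    # deliberately no license-check record for BAD
]


def latest_by_control(store: List[dict], artifact: str) -> Dict[str, dict]:
    """Query the datastore for one artifact, keeping the newest record per control."""
    latest: Dict[str, dict] = {}
    for rec in store:
        if rec["artifact"] != artifact:
            continue
        cur = latest.get(rec["control"])
        if cur is None or rec["issued_at"] > cur["issued_at"]:
            latest[rec["control"]] = rec
    return latest


def evaluate_deploy(image_ref: str, artifact: str, store: List[dict],
                    policy: dict, now: int) -> dict:
    """Allow only a trusted source whose required controls all have fresh, passing attestations."""
    reasons: List[str] = []
    # Trusted Sources control: the image must come from an approved registry path.
    if not any(image_ref.startswith(r) for r in policy["trusted_registries"]):
        reasons.append(f"untrusted source: {image_ref}")
    found = latest_by_control(store, artifact)
    for control in policy["required_controls"]:
        rec = found.get(control)
        if rec is None:
            reasons.append(f"{control}: no attestation")
            continue
        if not rec["passed"]:
            reasons.append(f"{control}: attestation records failure")
        if now - rec["issued_at"] > policy["max_attestation_age_s"]:
            reasons.append(f"{control}: attestation older than policy allows")
    # Block critical vulnerabilities: thresholds applied to the scan's recorded findings.
    scan = found.get("vulnerability-scan")
    if scan is not None:
        findings = scan.get("findings", {})
        vp = policy["vulnerability_scan"]
        for sev in vp["block_severities"]:
            if findings.get(sev, 0) > 0:
                reasons.append(f"vulnerability-scan: {findings[sev]} {sev} finding(s) block deploy")
        if findings.get("HIGH", 0) > vp["max_high"]:
            reasons.append(f"vulnerability-scan: {findings['HIGH']} HIGH findings exceed {vp['max_high']}")
    # The decision itself is objective evidence: it carries every reason for an auditor.
    return {"stage": policy["stage"], "artifact": artifact,
            "allowed": not reasons, "reasons": reasons}


if __name__ == "__main__":
    for digest in (GOOD, BAD):
        ref = "registry.example.internal/approved/payments@" + digest
        print(evaluate_deploy(ref, digest, ATTESTATIONS, PROD_DEPLOY_POLICY, NOW))
```

The gate never consults the build system or the scanner at deploy time; it trusts only what was attested earlier and recorded against the digest, which is what makes the decision reproducible for an auditor and keeps a stale or missing attestation from silently passing.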
Cloud Automated Governance
Thank you
jwillis@redhat.com
@botchagalupe

Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 

Automated Governance

  • 1. An Overview: Automated Governance. John Willis, Global Transformation Office
  • 2. Outline
    ● Global Transformation Overview
    ● DevSecOps
    ● Automated Governance
  • 3. GTO
  • 4. GTO Guiding Coalition (Platform - Coalition)
    ● Strategy review
    ● Industry trends
    ● Progress monitoring
    ● Leadership
    Jabe Bloom, Sr Dir, Global Transformation; CSTO, CTO; SocioTechnical Systems | Speaker; Critical Irritant | Transition Designer
    Andrew Clay Shafer, VP, Global Transformation; Founder: Puppet, DevOpsDays; Author, Web Operations; IT Optimizer | Change Agent; Founder | Organizer
    Kevin Behr, Sr Dir, Global Transformation; Author, Phoenix Project, Visible Ops; CIO, CTO; IT Strategist | Speaker; Enterprise CXO Advisor
    John Willis, Sr Dir, Global Transformation; Author, DevOps Handbook, Beyond the Phoenix Project; CIO, CTO; IT Strategist | Founder; Speaker | Author
    @littleidea @kevinbehr @botchagalupe @cyetain
  • 5. Automated Governance
    ● Reduce Audit Time
    ● Increase Audit Efficacy
    ● Shorten Feedback Loops
    ● Local Authority
    ● Minimize Handoffs
    ● Enable Trust
    Enforce and Audit Policy | Block critical vulnerabilities | Block misconfigured infrastructure | Audit and Control
  • 6. DevSecOps Dojo (Platform - Adopt)
    ● Increase collaboration and innovation
    ● Shared Responsibility Model
    ● Cloud/Platform Enablement
    ● Templates, Models, and Pipelines
    ● Automated Governance
    ● Outcome Based Metrics
    ● Chaos Engineering
    ● Skills Liquidity Enablement
  • 7. Delivery Metrics (Platform - Adopt)
    ● Common DevOps Metrics
      ○ Lead Time
      ○ Deploys
      ○ MTTR
      ○ Change Success
    ● Advanced DevOps Metrics
      ○ Flow Metrics
      ○ Change failure rate by team
      ○ Change failure rate by work type
  • 8. Economic Impact Analysis
    ● Consistency
    ● Toil
    ● Risk
    ● Testing
    ● Automation
  • 9. Economic Impact
    ● Waste:
      ○ Possibly >30% (on a 450m budget) $135M wasted on general processing.
    ● Consistency:
      ○ Another 10% to 15% on lost opportunity cost (low or no automation) $45m to $67M
    ● Risk:
      ○ Negative Risk ROI.
  • 11. Industry Working Groups
    ● DevOps Automated Governance
    ● Automated Cloud Governance
  • 14. Changing Subjective attestation into Objective attestation
  • 15. The Trusted Software Supply Chain (diagram; only its labels survive extraction)
    Labels: TRUSTED CODE REPOS, CCB, RAPID ATO, OPENSHIFT SOFTWARE FACTORY, AUTOMATED QUALITY, CM, CS, Service Mesh
    Pipeline stages: REQ, DEV, UNIT TEST, CODE QUAL, SEC SCAN, INT TEST, QA, UAT, PROD
    Tools: Jira, Che, Github, Cucumber, Junit, Sonarqube, Fortify, AtomicScan, Anchore, Twistlock, Sysdig, EFK
  • 16. Objective Evidence and Closed Feedback Loops
    ● Reduce Audit Time
    ● Increase Audit Efficacy
    ● Shorten Feedback Loops
    ● Local Authority
    ● Minimize Handoffs
    ● Enable Trust
    Enforce and Audit Policy | Block critical vulnerabilities | Block misconfigured infrastructure | Audit and Control
  • 20. Audit and Govern the Software Supply Chain
    • Universal artifact metadata
    • Metadata API
    • Strong access controls
    • Rich query-ability
  • 22. DevOps Automated Governance
    ● Reduce Audit Time
    ● Increase Audit Efficacy
    ● Shorten Feedback Loops
    ● Local Authority
    ● Minimize Handoffs
    ● Enable Trust
    Enforce and Audit Policy | Block critical vulnerabilities | Block misconfigured infrastructure | Safe Cloud Usage
  • 23. DevOps Automated Governance Reference Architecture
    Pipeline stages: Development, Build, Package, Non Prod Deploy, Prod Deploy (with Dependency Mgmt and Artifact Repo alongside)
    Common Controls: 1. Access Control 2. Audit Trail/log 3. Everything in source control 4. Usage policies
    Common Actors: 1. Auditor, Risk/Compliance Office 2. (system) 3. Tools Admin
  • 30. Stage | Control | Example Control Source | Integration | Elements
    Source Code Repo | Pull Request | GitHub | Webhook | pull_request, repository
    Source Code Repo | Peer Review | GitHub | Webhook | actor, pull_request, repository
    Source Code Repo | Unit Test | SonarQube | Pipeline | new_coverage
    Source Code Repo | Clean Dependency | Artifactory | Pipeline | dependency, source
    Source Code Repo | Information Leakage | GitHub | Webhook | (custom)
    Source Code Repo | Static Code Analysis | Muse | Webhook | pull_request, repository
  • 31. Stage | Control | Example Control Source | Integration | Elements
    Build | Build Definition | Jenkins & GitHub | Pipeline | Peer Review Checkout
    Build | Immutable Build | Jenkins | Pipeline | TBD
    Build | Upstream Approved Dependency | Artifactory | Jenkins | TBD
    Build | Unit Test | SonarQube | Jenkins | TBD
    Build | Linting | SonarQube | Jenkins | TBD
    Build | Static Security Analysis | Checkmarx | Jenkins | TBD
  • 32. Stage | Control | Example Control Source | Integration | Elements
    Package | Trusted Dependency Store | Artifactory | Jenkins | TBD
    Package | License Check | Artifactory | Jenkins | TBD
    Package | Vulnerability Scan | Aqua | Jenkins | TBD
    Package | Trusted Authority | Artifactory | Jenkins | TBD
    Package | Versioning | Artifactory | Jenkins | TBD
    Package | Usage Policy | Artifactory | Jenkins | TBD
  • 33. Stage | Control | Example Control Source | Integration | Elements
    Production Deploy | Trusted Sources | Artifactory | Jenkins | TBD
    Production Deploy | Trusted Configurations | GitHub | Jenkins | TBD
    Production Deploy | Intrusion Detection | TBD | Jenkins | TBD
    Production Deploy | Monitoring & Alerting | Elastic, PagerDuty | Jenkins | TBD
    Production Deploy | Change Management | ServiceNow | Jenkins | TBD
    Production Deploy | Secrets Management | Vault | Jenkins | TBD
    Production Deploy | Unauthorized Change Detection | Jenkins | Jenkins | TBD
    Production Deploy | Production Access Control | Vault | Jenkins | TBD
    Production Deploy | Deployment Strategy | Jenkins, Helm | Jenkins | TBD
  • 35. Policy as Code
    • Human Readable (YAML)
    • Machine Interpreted
    • Version Controlled
    • Models Attestations and Enforcement
  • 39. Automated Data Pipeline with Objective Compliance
    ● Platform is a Secure and Auditable Control Point
    ● Inspection based on policy
    ● Enforcement by Policy
    ● Attestation Datastore
    ● Policy as Code
    ● Subjective to Objective
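The control tables (slides 30 to 33) and the policy-as-code and attestation flow (slides 35 and 39) written out as one added Python example. This is not code from the deck or from any tool it names. It assumes constructed attestation records shaped like the Elements column of the tables (field names such as reviewer_is_author, critical and ticket_state are assumptions), uses JSON rather than the YAML the slide mentions so it runs on the standard library alone, and keeps the attestation datastore as an in-memory list. The point it demonstrates is the subjective-to-objective shift: a deployment is allowed only when every rule has tool-produced evidence that satisfies it, and a missing attestation is a failure rather than a pass.

```python
import hashlib
import json
from datetime import datetime, timezone

# Policy as code: human readable, machine interpreted, version controlled.
# The slide names YAML; this constructed example uses JSON so it runs with the
# standard library alone. Each rule names a pipeline stage and control from the
# reference-architecture tables, the evidence field it inspects, and the
# condition that field must satisfy. Field names are assumptions.
POLICY_TEXT = """
{
  "version": "1.0",
  "rules": [
    {"stage": "Source Code Repo", "control": "Peer Review",
     "field": "reviewer_is_author", "op": "eq", "value": false},
    {"stage": "Source Code Repo", "control": "Unit Test",
     "field": "new_coverage", "op": "gte", "value": 80},
    {"stage": "Source Code Repo", "control": "Clean Dependency",
     "field": "source", "op": "in", "value": ["artifactory-approved"]},
    {"stage": "Package", "control": "Vulnerability Scan",
     "field": "critical", "op": "eq", "value": 0},
    {"stage": "Production Deploy", "control": "Change Management",
     "field": "ticket_state", "op": "eq", "value": "approved"}
  ]
}
"""

OPS = {"eq": lambda a, b: a == b, "gte": lambda a, b: a >= b, "in": lambda a, b: a in b}

# Constructed attestations: what each tool would report for one pipeline run.
GOOD_RUN = [
    {"stage": "Source Code Repo", "control": "Peer Review", "source": "GitHub",
     "elements": {"actor": "reviewer-b", "pull_request": 42,
                  "repository": "example/app", "reviewer_is_author": False}},
    {"stage": "Source Code Repo", "control": "Unit Test", "source": "SonarQube",
     "elements": {"new_coverage": 91.5}},
    {"stage": "Source Code Repo", "control": "Clean Dependency", "source": "Artifactory",
     "elements": {"dependency": "example-lib", "source": "artifactory-approved"}},
    {"stage": "Package", "control": "Vulnerability Scan", "source": "Aqua",
     "elements": {"critical": 0, "high": 2}},
    {"stage": "Production Deploy", "control": "Change Management", "source": "ServiceNow",
     "elements": {"ticket_state": "approved"}},
]


def canonical(obj):
    # Deterministic serialisation so digests of the same evidence always agree.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def load_policy(text):
    """Parse the policy; the returned digest pins which policy version was enforced."""
    doc = json.loads(text)
    return hashlib.sha256(canonical(doc)).hexdigest(), doc["rules"]


def evaluate(rules, attestations):
    """Inspect every rule against the attestation for its stage and control.

    'allow' is True only when each rule has objective evidence that satisfies it.
    A missing attestation or field fails the rule: absence of evidence is never
    treated as compliance.
    """
    index = {(a["stage"], a["control"]): a for a in attestations}
    results = []
    for rule in rules:
        key = (rule["stage"], rule["control"])
        att = index.get(key)
        if att is None:
            results.append({"rule": key, "passed": False, "reason": "no attestation"})
            continue
        if rule["field"] not in att["elements"]:
            results.append({"rule": key, "passed": False,
                            "reason": "evidence lacks field " + rule["field"]})
            continue
        actual = att["elements"][rule["field"]]
        results.append({
            "rule": key,
            "passed": OPS[rule["op"]](actual, rule["value"]),
            "reason": f"{rule['field']}={actual!r} {rule['op']} {rule['value']!r}",
            # Digest of the evidence itself, so an auditor can later verify it was not altered.
            "evidence_digest": hashlib.sha256(canonical(att)).hexdigest(),
        })
    return {"allow": all(r["passed"] for r in results), "results": results}


def record(datastore, policy_digest, decision):
    """Append the decision to the attestation datastore (the audit trail) and return the entry."""
    entry = {"policy": policy_digest, "allow": decision["allow"],
             "results": decision["results"],
             "recorded_at": datetime.now(timezone.utc).isoformat()}
    datastore.append(entry)
    return entry


def bad_run():
    """Constructed failing run: self-review, one critical finding, and no change ticket."""
    run = json.loads(json.dumps(GOOD_RUN))
    run[0]["elements"]["reviewer_is_author"] = True
    run[3]["elements"]["critical"] = 1
    return run[:4]


if __name__ == "__main__":
    digest, rules = load_policy(POLICY_TEXT)
    store = []
    for run in (GOOD_RUN, bad_run()):
        entry = record(store, digest, evaluate(rules, run))
        print("allow" if entry["allow"] else "block",
              [r["reason"] for r in entry["results"] if not r["passed"]])
```

Each datastore entry carries the digest of the policy that was enforced and a digest of every piece of evidence it relied on, which is what lets an auditor query the decision later instead of asking the team what they remember doing.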