Recapping some of my personal highlights from the recent GOTO London conference, together with a few thoughts of my own and some additional interesting papers...
benefits ◦ busting some myths ◦ can we explain the disparity? ◦ fighting rigidity • Leanness ◦ the two flavours of lean ◦ value streams ◦ traffic jams • Ruggedness ◦ Rugged Software ◦ Continuous Security
of n steps • Let the quality of process step i be: $q_i = \alpha \cdot \%C\&A_i + \beta \cdot \frac{\text{world-class lead time}_i}{\text{lead-time}_i}$, with $\alpha + \beta = 1$ • Fix N = 100: $E(p) = 100 \cdot \prod_{i=1}^{n} q_i$
proficiency compound to significant differences in output • You need to be good (or great!) across the board - one or two weak links make an outsized impact • Proficiency levels tend to normalise across tasks within an org More on today’s #themorningpaper… (http://blog.acolyer.org)
starting to rival in complexity the components it connects, then either the interface needs to be rethought or the decomposition of the system needs redoing.”
will be attacked by talented and persistent adversaries who threaten our physical, economic and national security. I recognize these things – and I choose to be rugged. I am rugged because I refuse to be a source of vulnerability or weakness…” https://www.ruggedsoftware.org/
Delivery -> (Traditional) Security Fail! • Need to integrate security: Rugged DevOps / DevSecOps / …
Pro tips from James:
1. Automate security tooling to run in testing
2. Put security testing in your CI system
3. Add application security telemetry to dev and ops
4. Add hardening and audit using config management
hardening.io, gauntlt