As the market changes, so does our joint conference. DevOps Conf & TechLead Conf 2022. We launched an additional Call for Paper, collected applications and selected the hottest anti-crisis reports. There will be no platitudes that are easy to google or read in the documentation. Conference participants, as usual, will share their own experience and fresh ideas.
Together with the speakers and thanks to them, you too will be able to quickly change following the market, anticipating and staying ahead of emerging threats. I’ll tell you what reports we added to program.
New risks and new security
Security in general and devsecops in particular are always relevant, but in the new paradigm, all bottlenecks need to be re-designated and learn how to work with them. For example, this year we got to know open source software from a new angle – in the form of the term protestware. When malicious code or protest slogans are embedded in open components. And it turned out (!) that the problem is not new, and there are many means of preventing vulnerable packages. Performance Alexey Smirnov on the topic “Protestware, how much is in this word ”- about the new risks of using open source» will be about that.
On the same topic will technical talk from NSPK. The guys will talk about how they check external dependencies before using openssource on their own. See more about it in schedule.
Against the backdrop of a lot of events about hacker attacks on information systems, security requirements have become tougher in companies, which can slow down the delivery to the prod. In addition, in product development, Security Review is often treated as a set of pieces of paper and fierce bureaucracy. But you can do everything the other way around – the security review does not delay delivery, the risks are adequately assessed, and the team helps in this process. Information Security will tell about such a culture Anton Bulavin (Semrush) in his speech “How to build a security review that is useful and does not slow down development“.
OpenSource or own development?
Opensource has another dark side – it is a rather risky solution for the enterprise. But something must be done, and at the round table “Open Source and Enterprise – two sides of the same coin?» we will discuss how OpenSource-, OpenCore- and Enterprise-solutions can be used in the conditions of sanctions. And how to train and motivate teams to work with new products and technologies. On the stage will Pavel Meshcheryakov and Karapet Manasyan from MOEX Group, as well as Daniel Podolsky.
It is no secret that some foreign companies have blocked access to online services in Russia. Even those that are used in development fell under the sanctions. Many are already tired of constant questions without an answer. What else will stop working? How to secure your teams? How much will it cost the business? One of the solutions is its own development. And Grigory Zaripov I’m ready now introduce at the conference opensource solution Yandex.Toloka. It is useful both for quickly delivering Frontend to the end user and for speeding up testing.
The multiple growth of customers who switch to Russian counterparts from foreign services is another challenge of the new time. In a system with a large number of users, load testing is an integral part of the QA process. Of course, there are many tools for testing. Only some solve only relatively narrow tasks, and more complex complexes are paid and proprietary, and this imposes its own limitations.
Nevertheless, Miro uses both manual launch of scripts and a whole complex of third-party and proprietary components with integration into CI / CD. Dmitry Vinokurov will tell how to build a QA process in terms of performance – expensive, high quality and … not fast. A separate challenge for the team was a parallel move from a monolith to microservices.
If you remember about the servers, it would also be good to understand how many of them will be needed in the future. And without big analyzers, you can quickly understand how much and how the servers are loaded now. And for this you need to figure out what metrics are needed, where and how they are collected. How are they aggregated and how many of them can there be at all. Where the metrics are collected and how much space they take up are also interesting questions. About all this – how to analyze and predict – in one report collected Evgeny Sudarchikov from Ozone.
Almost all tech leads and IT managers in companies solve problems at the intersection of engineering processes, testing and operation. So this year DevOps Conf & TechLead Conf 2022 is a multi-format conference about support, operation, engineering practices and processes in IT. Date and place of deployment – June 13-14, Moscow, Skolkovo campus.
Tickets are already on sale! One ticket entitles you to attend both conferences. You no longer need to tear yourself up and choose which conference you want to attend. Become part of the largest community of senior engineers and see you on June 13 and 14!