Co-hosted with the Vienna DevOps Meetup. Go check them out!

What to expect:

🗣️ Two or Three speakers

👥 Meet old and new friends from the community

🍕 Free food

🎉 Open-end and free drinks afterwards

✔️ Just RSVP!

Agenda:

17:30 - Doors open

18:00 - Welcome

18:05 - 🗣️ Daniel Drack - DevOps Basics: RBAC done right

18:45 - Break

18:50 - 🗣️ Jakob Durstberger - AI-Powered Cloud Native Lean B|T|DDDevSecOps for Beginners

19:25 - 🗣️ Dejan Bosanac - The foundations of modern software supply chain security

20:10 - 🎉 Open-end

🧑‍💻 Speakers:

Daniel Drack - Senior DevOps Engineer @ FullStackS GmbH | Community & KCD Organizer

Daniel started his IT carreer as an administrator for ETL and BI tools. He then worked some time in a data warehousing team before diving into all topics devops and cloud native. In his current role he is a DevOps and cloud-native consultant with FullStackS GmbH. Daniel holds a BSc in Industrial Engineering, a MA in Innovation Management and an MBA.

He lives in Graz with his girlfriend and his tomcat Manfred.

Daniel's session

In today’s fast-paced cloud native environments, ensuring the right people have the right access to the right resources is critical. Role-Based Access Control (RBAC) is a powerful tool that helps streamline access management, reduce security risks, and maintain compliance. But how do you implement RBAC effectively across different stages and systems in your environment?

Join me for an informative and hopefully somewhat fun session where we’ll demystify RBAC and provide you with a clear understanding of its core principles. We’ll cover essential terminology, explore the key concepts, and discuss how to apply RBAC consistently across various stages of your development lifecycle. Additionally, you’ll learn about best practices to ensure your RBAC implementation is robust, scalable, and adaptable to your organization’s needs.

Whether you're just getting started with DevOps or looking to refine your existing RBAC strategy, this talk will equip you with the knowledge and tools to do RBAC right.

--

Jakob Durstberger is a polyglot programmer and founder of Ursa Agilis Consulting.

With over a decade of experience, Jakob has worked on a plethora of software systems in Austria and the UK in industries like public transportation, TV broadcasting, e-commerce, health tech, aviation and many more.-

Jakob is also active in the software engineering community, organising multiple meetups and co-organising SoCraTes UK Unconference.

Jakob's session:

Building software systems is easier than ever before, or is it?

Software engineers find themselves confronted with an ever-growing list of required skills. The 'T' of the famous T-shaped developer seems to be getting flatter and wider.

Can one person still know enough to help build great systems?

When will it become too much?

And how can we mentor people who have just stepped into this, at times overwhelming, career?

--

Dejan Bosanac is a Software Engineer at Red Hat with an interest in open source and integrating systems. Over the years He has been involved in various open source communities tackling problems like: Software supply chain security, IoT cloud platforms and Edge computing, Enterprise messaging and integration

Dejan's session:

Software supply chain security (SSCS) is a hot topic these days, and for a good reason. We are all using and developing software that depend on a large number of other software artifacts. Most organizations don't have tools today that will show them if they have exposable vulnerabilities in their software projects.

To support developers building secure software, new standards and tools keep emerging. Signing software, creating SBOMs, exchanging vulnerabilities (VEX) are slowly getting into development workflows. But even having these documents produced will only get us a half-way through. We need ways to store and analyze potentially a large number of documents to become aware of our vulnerabilities.

In this session we will start with the basics, explaining the foundational standards used today. Next, we'll discuss using those standards in practice for creating documents like SBOMs and using different sources of vulnerability information. Finally, we'll showcase some new efforts in this area with projects like Guac and Trustification, that allow us to store and analyze SSCS data.

---

Location:

SQUER Solutions, Marxergasse 17/1/33, 1030 Wien

------------

Got something to say? 📢

Are you a seasoned speaker, or is this the first time you hit the stage?

Want to give a talk at one of our next events? We would like to have you.

Our formats:

• Full talks (~30 to 45 min.)

• Short talks (~15 min.)