The Evolution of DevOps: Exploring the Digital Revolution @Women in DevOps

JFrog is a Proud Sponsor of Women in DevOps!

May 10, 2023

< 1 min read

Wellness in Tech: Improving Culture and Mental Health @Women in DevOps

Find out what the future holds for one of the world’s most impactful industries. From the rise of microservices architecture to agile security in a tumultuous digital era, learn about the latest and greatest goings on from leading experts in the DevOps space.

We’ll be exploring:

  • The evolution of DevSecOps
  • Automation’s role in business agility and resilience
  • Serverless Computing
  • The power of diversity in DevOps
  • Machine learning and cloud-native micro services
  • Much, much more!


Neophytos Michael

Competitive Intelligence Analyst

Phyto Michael is a driven Competitive Intelligence Analyst at JFrog, deeply committed to exploring how market leaders advance the industry with groundbreaking innovations. With a strong conviction that technology holds the key to progress, he spends his free time traveling and competing in long-distance obstacle courses. Prior to joining JFrog, Phyto spent 15 years working for Open Source Governance and Compliance companies, helping businesses of all sizes successfully integrate Open Source Software (OSS) into their development practices. He brings a wealth of knowledge and expertise to the panel, having witnessed firsthand the evolution of the Open Source movement from its inception to its present-day status as a standard development practice.

Video Transcript

welcome to women in Devils the evolution of devops event um

again thank you for funding Circle honestly very grateful to be here it’s a lovely lovely space and before we kick

off um J frog are our annual sponsors they do really amazing things for us and they

send um people like yourself to events um they help with a whole host of things

Unfortunately they can be here tonight but they are going to give away some lovely giveaways and hopefully some

keeps you encouraged to keep coming super super proud um to be something to be a sponsor tonight’s giveaway is an

Apple homepod mini speaker fresh from the Apple store today

today it was delivered um it’s free to enter there is no catch

it’s just to say thank you for being here and thank you for supporting the community all you’ve got to do is scan this QR code that’s it there really is

no catch and the winner will be revealed um during tonight’s event and you will go home

not only with an extra tote bag to give to your co-worker or your partner tomorrow

but this brand new homepod Mini I don’t know what it does

um it’s like Google Alexa

but Amazon Alexa but better so do make sure

um you put the QR code and you enter

if you have any problems with this we put it up again at the end um also if later thank you

cool second giveaway um is a three minute survey it’s three

minutes of your time um basically to win a Nintendo switch and the winner will be announced first

week of May if you are watching online I’m really sorry you can’t participate either

um so you are the pleasure of your own home but um yes there will be announced first week of May we do have a lovely J frog

speaker here today cool so we love a word cloud

um does anyone not know what a world cloud is it’s about to find out

more QR codes this is QR code I should have put this in the disclaimer must like QR codes

if you now QR code this QR code is going to ask you a question and we’re

going to kick off um so the agenda tonight is the star Lobby panel we’re going to have a q a

and then we’ll break for food and for more networking we do have a code of

conduct we’re really proud of our code of conduct and we like that everyone here

follows this code of conduct as well and the idea behind women in devops is that we participate in authentic in Fair and

Equitable way um we always exercise consideration and respect in your speech and your actions

that is in networking and that’s during the Q a and part of the parasite and PTU

um please do refrain or just do not at all um from any demeaning discriminatory

harassing Behavior or speech and please monitors your surroundings Community this is a community we love all of you

we want every single person to feel super safe on this ring any questions please ask that’s okay

and we are women in devops there’s a lot of new faces in here which I love I’m the founder nice to meet you

um my name is Lauren Landau next week we are six years old

thanks six years old there’s a couple of people in this room who’ve been coming for at

least five years so John Larson had that one um has been an amazing advocate so it’s

an amazing Community that’s done many many things but we strive to advocate for all underrepresented groups from the

tech space with a particular focus on interceptionality in devops um and thanks for being here now I’m not

the star of the show even though I keep talking these four are this is our amazing panel we are very very grateful

to have you tonight I’m going to do click on stocks and introduce yourself

um I should have probably before if you don’t speak into this mic no one at home can hear me so we have zainab from finding Circle hi

wait can you hear hi yeah

hello everyone thank you for coming my name is

the head of developer experience in operational excellence at 10x

um 10x is a banking as a service platform that supports tier one balance and

allows them to service their customers credit card 10 times

I’m Tamara Miner um I’m a strategy consultant currently

or freelancing actually um for a company called pragma platform which does a game engine and platform uh

Services essentially for various different game studios prior to that I was VP of engineering at a company

called disguise which does media entertainment servers yeah

perfect we will come back to YouTube don’t worry okay cool whilst we’re learning about

these um lovely zainab and future we’ll treat you the word cloud now Lucy great

more QR codes people thought we’d love to hear um do you want to tell us a little bit

more about what you do as learning circle and all the great work um yes so I am currently a devx engineer

at funding Circle um we’re basically focusing on making the experience of software developers

like as amazing as possible so that they can deliver as fast as possible whilst keeping our platform as stable as

possible so we really work close with our product Engineers to kind of cater their needs find solutions that

actually make a difference in their day-to-day um and do everything from like infrastructure to like really

understanding applications to provide the best and the infrastructure for them um but is that going down to tons of

details right but that’s basically that’s the view and end all of my role

before we um future go into all the cool stuff you do at jfrog and I love the cool t-shirt by the way

privilege to have one of those um yeah if you just scan this QR code we love a platform called slido here it

means you can participate in the Q a and it doesn’t matter how shy you are your question will still get answered

um we’ll build a word cloud and we’ll come back to this wonderful hi um okay so jfrog um provide an ecosystem

to help organize this organizations money as their software supply chain from starts things pretty much looking

at all sort of different tool sets they’ve got um managing the code base or the ability is licensing

um I’ve been in the devops space for nearly 20 years now I was just living in

this room I think um and uh I’ve seen it Grow from

environment to what it is today um I’ve seen that transition painfully happen

um and now today I’m in domestic intelligence looking at all the vendors in the space you know what they do how they achieve it

um are they bringing new technology to Market um and obviously how we people against that as well

excellent good stuff so we are here to discuss the evolution of devops so what

we want to start off with before we dive into q a and panel is what does the word devops mean to you in 2023

um means something very different in 2016 17 18 19. we want to know what does

it mean to you so panelists you might want to turn around if you can’t say there are televisions up here

but what we’ve got up here we’ve got collaboration magic I like that one philosophy self-service mentoring

engineering experience Security First the norm getting things out there infrastructure fun devex interesting I

want to come back to that Unix Ops like it was in 2010

Sean was like you thriving future I love it we’ll keep

this up for a few more seconds before we um We join but this is good stuff this is interesting we’re gonna delve more

into this and hear from our panelists um shortly we’ll also send this round off the event as well so you can use it

and get your opinions from our teams cool so let’s kick off then

oh I don’t like seeing myself

feel famous accent so let’s talk then I’m sorry if the old

school paper by the way my iPad has no charge um so how can devops teams then

how can devops teams balance the need the speed need to speed is that that wasn’t that

wasn’t planned um never speak with the need for security in today’s evolving fret landscape

so um it’s it’s a small word automation to be honest um that really drives how it is

developers need to understand what they’re developing how safe and secure that is before they start

um platform plus others is it’s uh understanding what the developers have got what they start to develop with and

building upon them um if they find out too late you have to go back it costs money it

costs time it reduces um your development processes it slows down your application probably for

upgradation release um she automated the whole process getting that right though is the

difficult part um you’ve got your lawyers your legal team looking at one of them British secures team they’re doing something

different the architectures we’ve got different opinions um putting those together is is the balance right

uh in a nutshell yeah Sam we’ve spoken about this a lot recently haven’t we because you’re

itching for the mic uh we have yeah and actually since we spoke I um I have a

good friend who’s who’s been in the infosec uh industry for a while

um at various companies that’s really good conversation about that so I wanted to share her uh insights as well as as

my thoughts on this so um Dev set cops is like a big term these

days that you’ll hear being thrown around and I think for for me I’m I’m

always talking with my teams about you know you need to make sure that security is something that’s underlying as a

foundational aspect of your development um and that’s something that you need to

care about just the same as like Incident Management or all of those things that you know any engineer at

your company needs to care about um but it was interesting because my my friend was saying that she hates the

term devsecops and the reason is because it makes it sound like security is just

one and done as soon as you have a devsec Ops rule in place which usually

you know you can integrate it with your CI CD and like there’s a lot of really good tools out there um and they are really beneficial and I

think you should have them because it’s a nice way to automate that and have continuous integration uh and security

as as part of that but it’s not the only thing that you should do um because security is a lot bigger than

that you know you have to think about your environment as as far as you know um perimeter testing and making sure you

don’t have vulnerabilities there making sure you’re doing pen testing which usually means you should get a third party uh to come in and do that so it’s

it’s a lot more than just one thing um and it really does need to be end to

end um yeah I like it I like quality allowances

actually um I agree with them and one thing that we’ve done at 10x is realize

that like you said it’s bigger than just bigger than you know scanning your own

vulnerabilities as part of your build process so we have the concept of what we call security champions where we have

Champions that work within the future teams that get direct training from the

security team security security team being a small function it’s really difficult for them to support the entire

engineering organization so what do security Champions do is they bring that

learning and they take the questions that the engineers have incredible with the Securities what this means is

that we’re thinking about security of an entity process like the United Nations right from when we’re taking in work

when we’re planning as we think about how are we going to implement this is this going to be a new micro service we’re also thinking what are the

security considerations I’m not in your politics that we need to put in place because you know

you can grow very much faster with devops and information but that means come with trust in the ability

to Breaking points are you going faster into you know putting your customer or

your client or whoever is depending on your software then they’re in a situation that they want they don’t want

to experience that has an inherent risk as well so organizations look at risk in very

different ways um some people will take the risk of leaving vulnerabilities in their software because they can afford to find

but it won’t damage the brand or it doesn’t you know so I think it’s one company I can’t mention one company but

specifically they were like so years ago I was working with a client

in the UK very big and they had a spreadsheet and they basically put in risk factors is if this happens what’s

the damage the brand and what’s the damage financially it doesn’t meet this criteria we don’t care we’re going to

release this anyway because we can afford to pay it off it won’t damage our brand if it damage the brand above level

five for example on this spreadsheet that was when they stopped some restricted vulnerabilities some fixing issues with legal compliance whatever

the issue may have been so how they evaluate risk changes with each organization as well

I did that um security has to be a continuous thing that’s always on your mind as part of

your design when you’re testing to release and we shouldn’t divide it from

our kind of day-to-day work so that’s where we can lead to trouble so question

alongside being found a woman devops the last six years been a devil’s recruiter by trade

no one throw anything at me eight years ago over the last six years

but from what I’ve seen both in North America and the UK is always increased

for like devsecops Engineers so if we’re hating the term devsecops right and we’re talking about all of these things

why do you think that’s on the rise I think the immediate thing that comes

to mind is we’re trying to transition into this or I guess organizations are trying to embrace a devops culture and

devops Engineers or device Engineers SRE Engineers but sorry Engineers sres are

um usually advocates for doing the right thing and so I think because we’re already in that consultative role where

you’re trying to like train people to do better and be better it’s almost easier to kind of

add more to scope because they’re probably already thinking about it anyway so it’s almost like maybe a

formalization and more explicit way of being like yeah let’s make this a thing that

you know security is is more at the Forefront because it already is like let’s make it

official I think that’s my like opinion does anyone else have anything else they want to

thank you um I I agree um and I love that that’s a cultural shift that’s happening because I think

that’s really important in addition to that I would say it’s also about legislation because security is so

tightly tied to things like data protection data privacy and with gdpr

and there’s a bunch of other legislation that’s coming out like even California has a very specific data privacy

legislation that’s come out um you need to have those things in

order to be compliant and so depending on your industry um you’re going to need that and those

things are very tightly coupled because usually when a company is asking about data privacy they’re also going to be asking about security

um and one of the things that I’ve been doing recently is actually answering security questionnaires for companies I

never thought I would be asking or answering security questionnaires for

um and you know I’m helping out with that because I’m helping create some of these processes around Incident Management and

um you know how do we do business continuity and Disaster Recovery which includes backups and that sort of thing

as well as observability and monitoring alerting and all of that is tied together um

and all of those end up being answers to questions on security questionnaires when some company is trying to land a

deal with another company you know it’s it’s pain uh not to make any disparaging

marks um but uh but it is kind of the new reality so I think that’s a big reason

why those things are increasing I think as well if you think about not

devops the role but devops the culture the mindset this is just as a

technological Society of people coming to that hospital we realize that we need to bring that

Ops closer together we’re now realizing that security should be in that mix

because like you said you cannot have the same password

I’m showing my age now but I remember developers there was devops and devsecops I think it’s security is

exactly it’s just part of that culture I mean I sell software into organizations 15 years ago where security was just not

even mentioned it was an afterthought and they’ll check it later when it’s the QA and everything else now and the

developers didn’t care 20 years ago either um it wasn’t part of the coach they just wanted to develop software and develop

it well and that was it and whereas now that is always part of that process and part of them sort of thinking of how

they’re doing software so it’s I think it’s just a natural progression a few more years with finding something else in there as well

so let’s talk about natural progression um I love reading I love a news article

love reading forms it makes me feel really intelligent but

Forbes in the last few months have claimed that the next issue illusion is already underway

so where do we think devops no I think it’s pretty apparent them don’t all love

that term anyway um but let’s talk about what the digital Revolution means for devops

um and in particular Dev X because that is something that has been

on my radar for the last six months I know there’s some very passionate people in this panel about devex and actually this is how um

women and devil spanning cycle and debx actually exists today um is because of that so let’s talk

about devex the future of devops within that um scenario I’ll give you the microphone’s

next to you and I know you’re incredibly passionate about this we have a really really but a very very good conversation about this last week

there we go I’ve actually stolen some of your words since

so yes um I’m passionate about developer experience and there’s a reason for it

uh you know zainab and I were talking earlier because she’s a developer experience engineer

and um and

developer experience ultimately I’ve done it it’s a commonly

known term in the room but ultimately your your clients your customers and

Engineers that work within your organization and your job is effectively to make it easier for them to do what

they do very well particularly Etc I like to add in sustainably because for

me that’s what their base is about so with devops devops brought about uh

a different way of thinking about being a software engineer it wasn’t enough to just know how to write a programming

language code with devops you also needed to know how to support your your coding

production know how to run how to maintain you needed to know all of these other things that used to be handled by

a different team by different teams which means that the cognitive load that

an engineer has through explanation and the need for delivery didn’t go down

we didn’t say now we’re expecting Engineers to do all of these things as part of their job so we’re gonna not

deliver to our clients no we didn’t say that we said we want you to do it I know now you’re doing automation we’re going

to do it faster so what developer experience is about is how do we make it possible for engineers

to do those things how do we remove the toil under friction how do we automate the processes how do

we put in the guardrails as much as we all as Engineers most of us want to

think yes we know everything that there is to know about our craft it’s virtually impossible so the role that

developer experience plays is as you know technology advances as we do more

automation as we do more security it’s human beings that we’re expecting

to do all of these things so we need to also be conscious of cognizant of the capabilities that we

give them to be able to do all of these things very well thank you

thank you thank you um literally Echo everything that okay said I think it is about focusing on

those who are delivering the product to our customers if you will

um and generally trying to make their lives easier and not just building devops

tooling because devops think it’s cool and it’s the devops way it’s like how do we actually tailor this so that

there is less friction kind of pushing more like making it

easier for them to do the right thing in a way that’s not going to break stuff and it’s still enabling them to go faster and you don’t really know what

that is unless you’re like on the ground with your whether it’s your product Engineers your feature Engineers your

software developers um really like hearing their pain points and understanding what their issues are now and working with them in like a

iterative agile devops way to make things better for everyone

um I think that is very much key

um and it makes a better work environment and be able to make us be able to make the money at the end of the

day like if everyone’s happier having a better experience um it’s it’s genuinely I think

like humans as we’re able to as humans we’re able to do better and do better that’s a panel in itself that comment we

could talk about that for the next hour so haven’t got anything to add on on devex

hahaha um I mean honestly I would I’ve just

re-emphasize everything that okay and zainab said because I 100 agree with it and

um you know I I remember a few years ago leading a team that was the infrastructure team and

um they kept saying comments here and there about you know oh well we’re not

close the customer so blah blah blah and they would they get a they would make disparaging comments sometimes and I sat

them down I was like look who’s our customer our customer is the developers at the company it doesn’t mean that

they’re less important because they’re not the customer who’s paying us they’re the they’re the customer that’s allowing

us to get paid by building the product and we need to enable them to do their job as best they can as YouTube both

said very eloquently um and um you know I remember at the time there

were five different CI CD tools that we had a company which was a little

redundant uh and not in a redundancy because of failover kind of way

um so we initiated a project to actually combine those and and move forward in a

more effective way and um the reason that that ended up being

effective was the engineer who’s in charge of that project went and sat down with every Dev team uh as part of their

Sprint and actually saw what their workflow was and why they chose one CI

CD tool over the next um and because of that he got a greater understanding of how that developer or

that development team wanted their experience to be and so we were able to choose a tool as they have saying based

on what their needs are so that they were happy with it because otherwise there’s a lot of friction and you want to reduce that so yeah

so was that with that in mind then so we I think we can all agree that security is incredibly important

um how do we how do we therefore make

security like the first first of our system for lack of a better phrase um

with implementing tools and also things about capabilities to support devops

sometimes I have like I’m just going to say again I was like just roll with it roll your flow I mean honestly like what

I love OJ’s idea from earlier because having that kind of security Champion is

a is a way to make sure that it’s instilled in the teams um I’ve not personally implemented that but I love

it we’re going to steal that um and you know otherwise I think one of

the things that that I’ve done with smaller smaller teams is just making sure that that’s that’s part of the

definition of done so when when you’re working on something um you know ideally you have some

success criteria and things like that that should include things like testing um you know and documentation and

security um and if you have those things also included in in your process

automatically then it makes it a bit easier to to do but I’m sure you have more to say on that because

well I was gonna touch on something that you actually mentioned in a previous um response that you gave which is

there is one thing okay we want to do security or we want to do quality or we want to repair programming whatever it

is um and we’re doing devops so we’re gonna have CI cd2 and we’re going to have pipelines

Etc but when some organizations miss the Mark is that they think about this as

separate entities so we are going to do build and that’s just

going to give me an artifact and then we’re going to do deployment and then at some point we’re going to do QA and then

at some point we’re going to do the security part so

when it comes back to developer experience which I love and it’s about how can we do all of these things

and take the pain and the effort of doing it away from the individuals there’s so many things

right and it’s not automating in silos or in isolation it’s not automating the

security task it’s embedding for security as one of the guard rails so

we’d like to give a specific example you pull checking your code into for the

repository the build runs as part of that build you’re going to run some automated tests on your service you may

run some end-to-end tests shared across environments but you can also do your

vulnerability spelling at that point you can also do your container image spelling you can also do

internal dependence system you can also check if the other artifacts that you’re

depending on internally you have been Side by signed already by your security verification there are so many other

things that you can do so that when you get the Deployable artifact at the end of the journey

as a developer who wrote the code they know that they have met that

definition of done if all those things go green without having to be bogged down with oh

who do I contact to do this kind of standing I know what does this feedback and there’s so many things that you can do in between like one of the things

that I’m being involved in recently is we know that we can have tools like

snake that can do your dependency scanning but that comes with an effort which is

if you do find a vulnerability you know dependency you need to upgrade that dependency before you can

well there is another tool called renovate which will do that dependence is coming for you and raise the pr and

so that you as the engineer all you need to do is go yes I’m happy to emerge this PR or what’s your uncle you move on so I

mean I could talk for hours

devops grow faster whilst looking at equivalent element of developer experience

I think there’s a podcast in that we picked up on a podcast

so I don’t want to sit and say Jay frog this and give yourself space people just sort of briefly explain what j4 does in

this instance so as a developer looks for a binary the Jennifer guards Factory will look at it and say Here’s the Bible

you’ve got here’s the security vulnerabilities that exists within it here’s the license is it good to use how

does your security team given it the okay does it violate a policy yes or no

I want to use but use it for example they do they go to the development process they they give the crcd they

create their artifacts at that point we then scan it again but we look at it say does this vulnerability that we know you

we told you was already there is it actually exploitable so we look at the contention element is this is a

vulnerability if you built it this way it’s exploitable if you build it another way it’s not so look at the way you build the software and give you another

report to say actually we knew this vulnerability was there but because you built it in a certain way it’s no longer

values so we give you the tick boxes of course we haven’t got it all covered yet but we’re getting there slowly slowly um but

we sort of if we’re trying to go across every step of the way right the way to the edge known as valves as to is this

vulnerability active is it been included and the developer knows it every step of the way if it was included in the code

or not um there’s more to do there’s always more to do um but I think we’re getting there slowly slowly that’s not a sales

piece that’s not explaining it’s about how tooling is going to help

yeah I guess I guess nothing much but I think

what everyone has very well said and demonstrated is that again stressing

that if we’re going to have a developed culture where everyone has to think about devops and security and all of

this and delivering and like this this cognitive overload that you were saying earlier I think we have to make it as

easy as possible for them to not even to look like they’re not even having to think about security but it is happening

do you know what I mean like you should think about security I’m not saying that but more that is easy to do I think that’s like the

key message right um yes that is the goal that is like the

optimistic end goal and again as within like devops as devops Engineers

Engineers I’m sorry you want to make it like a reality right yeah yeah it’s

gonna take some effort but I think it’s worthwhile in the long run it’s just to throw you all off here

when thinking about AI machine learning is that a potential like threat to all

the good work that you’re doing I think my initial view is like yes

unknown I guess yes in that I guess

we’re able to see like what chat gbt is doing and you can be like oh give me a pipeline that does this this and this

and then it’s producing code so you could argue that oh do we need humans these days but I think

at least from what I understand and from what I’m seeing people are using AI to

make to go faster and make their lives easier I think it’s about adapting with AI and not

kind of staying stagnant and making it easier for everyone to live at the same space that AI is

pushing us at um if we’re kind of inclusive about adopting Ai and making sure that no

one’s Left Behind then it can if anything unlock potential to do more and do different things and be more

Innovative um and so I think as much as it can be seen as a bit maybe scary that oh we’re

being replaced I think if anything we should use it to Advantage to kind of accelerate to 10x

um I don’t know if anyone else I love AI that is brilliant um is it a place is it replacing the tool sensor

though I think some of the vulnerabilities recently that have sort of been been discovered they weren’t bad

coding so it was a case that there was exploited because of a certain method that was used so how AI it’s infinite

possibilities yes would it have found it possibly who knows if it particularly did that algorithm you just don’t know

um and there’s always that element of humans tested stuff hackers are never

going to go away you know that I was going to be here there was going to find things that everyone else misses

um another another tool and tool set that we’re going to need um we’re gonna make things faster yeah a

lot faster I think over time um but I think it’ll bring in itself other issues I think it will highlight

issue we’ve ever thought of so developers will develop something um you know they’ll build something and

they’ll go through QA will go through all the testing and then AI will go what about this and I mean someone would be

completely know what it’s thought of I think they’ll just introduce another problem that we have to look that’s a problem but another issue we have to

find is a solution too um whatever that may be I mean who knows it’s still in synthesis

um I yeah I mean I I agree I think it’s um it’s something that yes and no it

could be it can be really beneficial to be part of the tool sets that that we adopt and uh you know in looking at even

the the differences between chat GPT and GPT 4.0 it’s like huge huge differences

already and it’s like not that much time has passed so um I think it would be really incredible

depending on how we harness it but at the same time there’s also you know there’s a danger there and um you know

how are these data sets being developed and like you know there there are um

some ethical concerns which I don’t know if we’re gonna get into but um that

there’s that um but I know some some folks in in the devops space who have already tried to use chat TPT to

generate some scripts and stuff and like for scripting in some basic things like it saved them tons of time but for some

other things like it’s not actually good right now at writing code so it’s not going to really work very well for you

um and like hearing about students using it to do their homework it’s like well that that might be fine but like if

they’re not learning then what’s the longer term uh cost there

um yeah I don’t know so so yeah in summary yes and no it’s interesting you say that

my sister’s 15 and my forced her to take computer science GCSE and they’ve just had to block it from the computer from

the like the server along with all the like the naughty websites because they were using it for their homework

they were using it in their coding class or python scripting

um I I think this is the conundrum that we faced um I don’t know 15 years ago and I won’t share my age

um I actually have a joke right when I started a developer was someone

that built houses we were called programmers but back to the AI question I think it’s

the same conundrum that we had um about 15 15 17 years ago when

you know pressing their programmers and then there was this new whole thing called software testing and we had

testers and it was all manually for the test Sprints in about five to seven years later it was all about Automation

and then the question was oh my gosh it’s test automation gonna mean we’re not gonna need you know quality analysts

and all of that and in 2023 and we still need policy analysts

um at the very least we’re using the human manual intervention to do

what’s called exploratory testing which wasn’t a problem we’re trying to solve

15 years ago because 15 years ago we’re doing the things that were repetitive on mundane and wrote so this is where I

think AI comes in is AI will do for

the industry what devops is doing for the industry bring in that Automation in

allowing people to move faster but we’re still going to need feelings for the experienced side of it

and I don’t think that’s going to get with you anytime soon we’ll meet again in five years ready yeah that’s zero

we’ll set the date now we’ll be talking about what’s the role

of a human in the devops industry well without this turning into a

full-blown debate right because ethics can be sensitive Topic in a good way in a bad way right

and ethics and AI great themes for a woman in devops event that’s the idea

but let’s talk about ethics because briefly at least because I think it’s important to touch on I think it links

in really nice things you’ve been talking about as I said I like reading recent article from not a

usual website um basically that what they’ve been talking about is that they are arguing the image should be like compulsory for

ethics to be embedded into like agile software development process so we’ve

not said for a very long time um what do you think some of the most pressing ethical considerations are in

software development today obviously we’ve touched on them a little bit there but is there anything else that you think we need to add in regards to what

we should be embedding in regards to ethics

is that too much an in-depth question is that like a panel in itself if you have a break and come back or

it is a big topic it is a big topic we can skip it I think I can see if we can score fit a little bit narrow narrow it

down a bit so we’re talking about AI we’re talking about software engineering we’re talking about ethics

um and when I think about AI specifically so

I’ve been doing some reading and

when we talk about things like training data you know we know that there is bias in training

and as a society we start to get we’ll get you know dependency on AI

you need to be very careful that we don’t overlook that that we don’t overlook that as pretty as a solution

looks under the hood it’s not great yet so whilst I think that yes this is a

deep conversation um probably better after why but

um it’s something that we as technologists should not forget about it shouldn’t be

something that will come to as an afterthought we should remember that inherently there is bias in everything

that we do there’s bias in the software that we write and when we have uh when

we build capabilities that allow us to move at such an accelerated case

they’re also accelerating that bias

Student Center I was just going to say that I think

um one thing that I’ve seen with the rise of AI in the last like I guess the

duration of my career is like ethics Advocates or like ethics experts or

ethics AI person within the business he’s always analyzing okay what is the implications of what we’re doing and how

it’s going to impact um like our end user I think in the same

way that we have a devops champion security Champion devsecops yeah

um I think that’s kind of the way we need to be going very quickly so that we can be

kind of making sure that our patterns have ethics in mind it’s embedded within our like agile

process as we’re kind of during our design and I do ideation as it’s at the Forefront even here at

funding Circle um I have there’s one person that comes to mind like a software engineer

um he was even I guess it’s up to us as Engineers to make a point that if we’re developing

products like is it accessible is it inclusive and pushing those initiatives

um it has to be done like on an almost personal level but also like structural

systemic level has to be built into operating models because we’re seeing

how very quickly things are moving um it’s best to act now before it’s almost too late and I think at least I

think people funding support something that we’re thinking of more and more and hopefully you will like

um Skyrocket the mount power I guess bringing ethics into what we do

um but yeah I think it’s definitely something that definitely needs to be more at the Forefront across the whole text is

um yeah I completely agree I think that the analogy that comes to mind is like

with seat belts and and crash test dummies and there’s a great book that I can’t remember the name of that talks

about all the bias built into like every product because women are never part of the test group

um and so you know airbags and stuff like that and crash zombies there weren’t females size or like female

testing done um and so more women were dying and things like this so so I can’t remember

the name of the book If anyone does technically wrongs I love to read yes and the author is Sarah

the Sarah W okay 78 more likely to die in a

car crash yeah it’s how do you like reading amazing thank you um beautiful okay so um so there’s that and

I think there’s a lot of good examples there where like just bias isn’t everything

um and the other thing I would say is I love the idea of an Ethics Advocate however currently there’s also a lot of

like you know with the people team or like diversity equity and inclusion and

all of those efforts that companies are jumping on the bandwagon there which is great but when you end up looking at

um are those things actually being implemented are the engineering leaders or leaders of the company actually

allowing initiatives that come from those things to be implemented or are they still optimizing for well you know

that’s great we have a Learning and Development budget um but we’re not actually going to give

you the time to utilize it because we need you to develop over time and do it

faster you know so I think with the ethics side of it it’s like if we have that that’s great but it better not just

be a checkbox exercise we need to actually utilize it um yeah I’ll get off my soapbox

rules I think the issue is is time um that football was down 20 years ago no one thought of Life compliance or

obscurities 15 years ago everyone thought license for blinds 10 years ago obscure it was part of it it just it’s

an evolution of time the more things we include slower developers we’re going to take the game right now it’s about speed

so there’s a balance and it should be excluded 100 uh it’ll just

take time so what we’re saying is what we should do is get all get a bottle of wine and

talk about diversity and inclusion as an ethic

right well look we’ve got one more theme left which is the future I imagine everyone’s very hungry I did promise you

all the best Lebanese food in town Italian Circle will not disappoint

um the theme tonight’s QR codes um we want to know

what devops trends do you foresee in 2024 and Beyond

spoiler alert that’s a theme for the next section um yeah want to know what you think

um we’re going to be seeing over the next year whilst our lovely audience are

doing this and jumping the word cloud there’s one or two Word answers what do you think

a foam shaped engineers that was I can’t connect just that I

think we’re all we’re going to be all doing more and I think have more varied skill sets I think the whole point of

devops is that everyone does devops eventually so I think that is the future that comes to mind where we’re thinking

about lots of development or not even just devops but everything and working together to kind

of provide a better future that was not too ready so but yeah there’s a tool in the background I want

to see more more information all sort of cybernetic type stuff as well I think

that’s the way in the future personally I think it will come at some point uh in parts of chip in your hands I think oh

what’s going to come um maybe not our lifestyle our lifetime but I think the advancement is already there they’re going to start to make it

out to Market soon because it always seems to go in Australia to have his um underground thing put into his arm

um which is quite cool you’ve got fine for it we did it anyway

media it’s 2024 I reckon the rise of the platforms

um so internal developer platforms because I’ve worked with teams

um you know what a lot of companies have done is there’s a separate Ops Team yeah separate Dev teams let’s now create a

one team the devops team but as you embed these philosophies into

the ways of working you find that Innovation comes from everywhere not just from the devops team

and one way to enable that Innovation is using internal developer platforms which

allow developers to contribute and to have data and metrics

and capabilities at their fingertips to be able to do the devops and sec

stuff um I mean maybe this is a bit of a cop-out answer but uh I do feel like AI

is going to come into play a lot more especially when they’re talking about like you know making scripting and

things like that move a lot faster and some of those mundane jobs that um folks and devops teams hate doing

like we don’t all want to be yaml Farmers so um that will probably be a thing

um I mean we’re already starting to see more people use it so um that Trend will probably continue

some good answers so what are audience thinks we’ve got yeah turn yourself around we’ve got clouds debx

Devil’s married security getting around 2024 as well just in case no one’s interested

telling anyone that will listen uh distribution system security confusion

platform engineering up there holistic serverless Lambda cybernetics so I pronounce that

correctly integration AI removes devops brought out jobs waving chaos debate

there’s a lot of Trends there but I think some really kind of like similar sort of themes um which is people on the same page that

helps um but yeah but look talking about the future then and again we’ll share this with you all as well and going back to

the office tomorrow and ask your colleagues great water fountain chat if you’re not remote

um but without highlighting anyone’s age assuming you all got LinkedIn

um Tom how long have you been in tech for like almost 20 years run up to 20. okay

um just over 20. yeah so one so we’re on about 60 and then I’ve

nearly 30 years okay it’s 30 plus 20. and that’s 50 70. just just I guess I

guess in Tech almost five years so about 75 years worth of experience here

that’s pretty epic isn’t it that’s a lot of knowledge and lots of amazing stuff

okay what I want to know and what I hope as well that everyone’s learned

something you can take something away but what advice would you give to someone that’s hoping to kick-start

their career in devops and I want you to think about that not just like as a a graduate or someone who’s coming out of

school who’s learning um through other means perhaps they’re a career changer perhaps on a different element of text a holistic sort of

advice um because hopefully we’re all advocates in this room um and to go away and to speak to our

our peers our friends our families our co-workers about getting into this space an exciting theme to 2024 we want to be

here for it so yeah what’s your advice then um it’s got anyone looking to get into devops

I think always be open to learning and like don’t stop learning because I

think the industry is always changing with AI it’s going to make change even faster

um and I guess if you’re just beginning be open to understanding the whole kind of end-to-end experience

full experience is good experience I think because you might start off even just being like

doing testing but it will really open your eyes to kind of The Wider picture and the more you learn the more you can

connect things so kind of um yeah I think open-minded learning and all experience

is good experience yeah so don’t preach the holy souls broaden

the horizons I mean go back to Y2K the year 2000 when the switch over to midnight happened and we had to employ

how many developers in the whole programming languages that nobody else is Born To Learn anymore so obviously

broadly keep your

one language don’t focus on one industry or one product um as much as possible

in addition to that I would say find a community

and find a mentor don’t try to do it by yourself because that can be really hard

all of the above uh and no that won’t be just my answers

um I think two things come to mind in particular one is don’t just look at the

shiny thing like you know kubernetes came out and like Cloud native is great don’t get me wrong but there are time

there’s a time and a place for that new shiny thing and if you don’t understand the reasons behind why you’re gonna put

it in place then it might not be the right choice and I think a lot of organizations especially I

think especially startups tend to be like oh this thing’s really shiny so I’m gonna go work on that

um or if an engineer wants to learn a thing if they want to learn that thing then they’ll Implement that thing even

if that thing is not the right thing to implement so think about the value that

you’re trying to implement and make sure that your solution maps to that value

um and then well you kind of said this already but I would just emphasize networking and you’re doing it because

you’re here um but I I cannot overstate how important networking is

um like it’s got me most of my jobs um and just yeah

yeah choose your company’s carefully don’t

just jump with the dollars um you know someone will pay you a lot of money but then they’re gonna give you no

no environment to work in um you know a lot of companies now have got programs and place their Developers for open

source projects or all sorts of stuff and if you do well in those the pay will come we’ll come back quickly

just to add on that every every everyone was saying for that what you’re getting in my mind I think the importance of understanding the fundamentals I think

if I hadn’t have understood what cloud computing Computing was generally a lot of what I’m doing wouldn’t even make

sense like so I think don’t feel like oh you need to do the shiny thing the new thing

um but stop from the ground up and then expand as you can because it will help secure

you as you kind of progress in your career excellent some good advice there

um I like the shiny thing actually I think that’s just good life advice in general just don’t gravitate towards

anything Shining um excellent well look hopefully we’ve got got time small amount of time for Q

a before we jump to slide on anyone um at home does anyone in the audience have any questions about our lovely

panel there are some questions behind you okay I’m not not regular PE

C thank you um I have so many points but I must be greedy but I’ll begin with the

disclaimer that I’ve been in Computing since 1969.

yeah exactly so on your first question what does

devops mean to you nobody mentioned anything about improving code quality which to me is a fundamental Endeavor

the idea of being fast feedback the developers not fast product production

second internal development platforms yes because they operate on Instagram but do

the right thing to put them to use it we all know devs quite early cats and they’ll all find their own little tricky

ways to get around that because they’re creative guys that’s what I use hired but like guys backwards that’s where

your heart lastly on AI AI assimilates into its work with others

this artist is not objective impede if I read today that Reddit has just decided

they’re going to pay all their API to stop it being part of being part of would it not be ironic that the arrival

of AI will actually start limiting and by virtual acts of information

it would introduce bias because you would be reduced by lack of reduced threat of information available that’s

the important ah I have lots more

so you want to start and turn it around that sounds like a bottle of wine and get to the pub sort of conversation

service engineers products it’s sometimes hard to justify

for at least having the existence of like devops

themes or sres in place uh what would be like what reasons would give the CVM

residency to keep these things in place

so and this is not just a question about devops this is a question that I have

seen many times when I’ve LED software engineering teams where we go

how do I justify this thing I want to do in this way to a manager or whoever’s

paying the bills it’s about understanding what the business cares about right what do you

care about do you care about getting products here customers pick that do you care about having a secure quality

product do you care about having an environment that’s collaborative where people can grow people can learn it’s

about understanding what does the business care about because there is nothing in my

experience that I have come across that the business cares about that cannot be improved by having devops culture within

that organization so it’s about how you shape the narrative right if they care about

delivering faster then show how devops can help them do that if they care about

uh standardization show how you can Implement that programs if they care about reliability

observability whatever it is automation which is ultimately remember that

devops fundamentalism mindset yes we talk in terms of devops teams but it’s a

mindset so let’s forget about the team let’s talk about how do we embed this mindset well we need people to coach the

engineers to do this we need people to build the tools that will allow the engineers to do this we will need people

to XYZ whatever problem we’re trying to solve and that is effectively what your devops

2 is it’s the team that solves that problem for that organization because in

the abstracts it’s not easy to justify oh can I have a budget to hire seven people who are going to do blah blah

blah blah blah but when you translate it to what the business cares about how much does it cost us every time we have

an incident in production how long does it take for a team to you know their

recovery time what does that look like their lead time for changes what does that look like if you can get the monetary amount of

that and then you can say by having people that can build extra or

having people that can do this type of coaching or that kind of coaching we can reduce the rate of incidents by

XYZ that’s the language that you know Business Leaders understand

that comes after do you like debits no

conscious time any more questions from um

hang on oh per se it’s okay saves me from running okay ability

now that is a bottle of wine down the pub question I want to give a really quick overview

or do you feel like your question was answered of course that’s what we’re here it’s women in devops

what do you do Xena well

I guess what is a devops engineer I think we’re responsible for pushing

devops culture which means that um we’re delivering as fast as we can but

making sure that making sure that things are operationally sound as you said the code quality that we’re actually the

like the quality of the code we’re pushing to production is good and we’re helping software Engineers basically

coaching them on how to do their jobs in a way that allows the quality reliability and

um speed so yeah it’s like is consultative you are engineering

Solutions you’re helping with collaborative and it will keep evolving exactly

I just want to uh touch on it one thing that you asked um or you said uh which

if the people on the call didn’t hear is um you’re interviewing for a role and

they said oh you’re currently okay you’re currently a devops engineer but someone said there’s no such thing as devops

I think when well because I I’ve said something similar to that sometimes but it’s a bit tongue-in-cheek because like

what I actually mean is it’s a mindset and at a lot of smaller companies you there’s not a budget for a head count

for a whole team of separate devops and so to a lot of what Zayna was saying is

like that mindset gets um you know instilled in all of

engineering and so if a person is saying there’s no such thing as devops hopefully they’re coming from that place

of these things are really important and foundational and core to engineering so

everyone needs to care about it so it shouldn’t necessarily be its own team but I think there’s a lot of um

Nuance in that and Company size and all sorts of other factors that come into it that you’ve had something on the back

yes um I was just going to say in in The narrowest View

it’s the team that’s going to build tools that allow the engineers to do their jobs better

that’s in its narrowest form but that’s also in its myopic form

so when I’m in organizations that are thinking that’s devops I would be the

person saying there’s no such thing as devops because that’s a very very myopic View

it’s for me it’s like you’ve just shifted the problem somewhere else you had an operations team now you have a

team that comes from a development background but still doing the operations separate from what the future team Engineers are doing

exactly so in that scenario that’s that’s what some people see the devops

engineer is but it’s a lot broader than that it’s about the capabilities are also not just a tooling it’s everything

about it still in the mindset embedding those philosophies within the organization

perfect um we are out of time and when we actually were about five minutes ago

um but there are some questions behind you um not to put you on the spot panelists

but if we send these to you would you mind if we answer them in blog format so everyone does get their questions

answered but also everyone does get to enjoy the food and have a few more drinks and network is that okay

five facts um cool so before I let you all run in that direction

um I would say a huge huge huge huge thank you to our lovely panelists

to zainab to fake title I’ll get and tomorrow I’ve been calling you Tam all evening I’m sorry I didn’t even ask you

Sam’s good okay great time on nickname basis um we’ve been able to grow for the last

six years because we’re continuously growing a community around your feedback um the direction we’ve gone in what we

focused on at the countries we went to I thought you live in California thanks thanks folks

um your feedback honesty is so important to ask The Good the Bad and the Ugly so please please please do take the time to

scan another QR code and do give us some feedback um so we can build better

events for you time and time again um but again a huge huge thank you I hope you all enjoyed it

and uh you can harass very nicely you don’t forget that code of conduct the speakers at the makeshift bar