PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc.

•

0 recomendaciones•382 vistas

Puppet

Tecnología

Avoiding Toxic
Tech Debt
Sad Stories By
R Tyler Croy

You will need
independent
infrastructure

Managing secrets
- Certificates
- Signing keys
- API keys / tokens

Access Control
- GitHub Organization
- LDAP
- Artifactory
- Jenkins Matrix Authorization
- SSH keys

Service balkanization
- Virtual machines
- Jails/chroot
- Containers

Security Lifecycle
- Security advisory lists
- Automation => Easier upgrades
- Don't be dumb

"Automating this is hard"
- Difficult services
- Custom packaging
- Monitoring

Incident response
- Application problems
- Resource exhaustion
- Cache issues
- Insufficient file descriptors
- Log rotation

Derployment
- Document deployment processes
- Continuous delivery saves time

Más contenido relacionado

La actualidad más candente

Kali linux and some features [view in Full screen mode]abdou Bahassou

DevOoops (Increase awareness around DevOps infra security) - VoxxedDays Ticin...Gianluca Varisco

Malware forensicsSameera Amjad

Bz backtrack.usagedjenoalbania

Hack Attack! An Introduction to Penetration TestingSteve Phillips

DevSecCon Singapore 2018 - System call auditing made effective with machine l...DevSecCon

Anatomy of a Cloud HackNotSoSecure Global Services

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...DynamicInfraDays

Icinga Web 2 is more - Module magic at Icinga Camp San FranciscoIcinga

Automating OWASP ZAP - DevCSecCon talk Simon Bennetts

せめてログサーバの稟議を通す方法歩奥山

Packet Capture on AWSTeri Radichel

Dokku your own heroku 21Amoniac OÜ

Dokku - your own herokuAleksandr Simonov

Icinga 2010 at Nagios WorkshopIcinga

La actualidad más candente (15)

Kali linux and some features [view in Full screen mode]

DevOoops (Increase awareness around DevOps infra security) - VoxxedDays Ticin...

Malware forensics

Bz backtrack.usage

Hack Attack! An Introduction to Penetration Testing

DevSecCon Singapore 2018 - System call auditing made effective with machine l...

Anatomy of a Cloud Hack

ContainerDays NYC 2016: "The Secure Introduction Problem: Getting Secrets Int...

Icinga Web 2 is more - Module magic at Icinga Camp San Francisco

Automating OWASP ZAP - DevCSecCon talk

せめてログサーバの稟議を通す方法

Packet Capture on AWS

Dokku your own heroku 21

Dokku - your own heroku

Icinga 2010 at Nagios Workshop

Similar a PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc.

(WEB301) Operational Web Log Analysis | AWS re:Invent 2014Amazon Web Services

SecuritytoolsRichmond Adebiaye

Security in Android Applications / Александр Смирнов (RedMadRobot)Ontico

Advance java session 19Smita B Kumar

Lares from LOW to PWNEDChris Gates

How to slice your monolithic webapp using MicroApps architectureYonatan Maman

Cloud Device InsecurityJeremy Brown

Hacking IoT with EXPLIoT FrameworkPriyanka Aash

DDD17 - Web Applications Automated Security Testing in a Continuous Delivery...Fedir RYKHTIK

Jon McCoy - AppSec-USA-2014 Hacking C#(.NET) Applications:Defend by Designjonmccoy

OpenStack Security ProjectTravis McPeak

RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash

Why Managed Service Providers Should Embrace Container TechnologySagi Brody

CI / CD / CS - Continuous Security in KubernetesSysdig

How we build VoxTatsuhiko Miyagawa

stackconf 2020 | Speeding up Linux disk encryption by Ignat KorchaginNETWAYS

Linux Desktop AutomationRui Lapa

Threat hunting on the wireInfoSec Addicts

Netconf for Peering Automation by Tom Paseka [APRICOT 2015]APNIC

APRICOT 2015 - NetConf for Peering AutomationTom Paseka

Similar a PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc. (20)

(WEB301) Operational Web Log Analysis | AWS re:Invent 2014

Securitytools

Security in Android Applications / Александр Смирнов (RedMadRobot)

Advance java session 19

Lares from LOW to PWNED

How to slice your monolithic webapp using MicroApps architecture

Cloud Device Insecurity

Hacking IoT with EXPLIoT Framework

DDD17 - Web Applications Automated Security Testing in a Continuous Delivery...

Jon McCoy - AppSec-USA-2014 Hacking C#(.NET) Applications:Defend by Design

OpenStack Security Project

RIoT (Raiding Internet of Things) by Jacob Holcomb

Why Managed Service Providers Should Embrace Container Technology

CI / CD / CS - Continuous Security in Kubernetes

How we build Vox

stackconf 2020 | Speeding up Linux disk encryption by Ignat Korchagin

Linux Desktop Automation

Threat hunting on the wire

Netconf for Peering Automation by Tom Paseka [APRICOT 2015]

APRICOT 2015 - NetConf for Peering Automation

Más de Puppet

Puppet camp2021 testing modules and controlrepoPuppet

Puppetcamp r10kyamlPuppet

2021 04-15 operational verification (with notes)Puppet

Puppet camp vscodePuppet

Modules of the twentiesPuppet

Applying Roles and Profiles method to compliance codePuppet

KGI compliance as-code approachPuppet

Enforce compliance policy with model-driven automationPuppet

Keynote: Puppet camp compliancePuppet

Automating it management with Puppet + ServiceNowPuppet

Puppet: The best way to harden WindowsPuppet

Simplified Patch Management with Puppet - Oct. 2020Puppet

Accelerating azure adoption with puppetPuppet

Puppet catalog Diff; Raphael PinsonPuppet

ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet

Take control of your dev ops dumping groundPuppet

100% Puppet Cloud Deployment of Legacy SoftwarePuppet

Puppet User GroupPuppet

Continuous Compliance and DevSecOpsPuppet

The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet

Más de Puppet (20)

Puppet camp2021 testing modules and controlrepo

Puppetcamp r10kyaml

2021 04-15 operational verification (with notes)

Puppet camp vscode

Modules of the twenties

Applying Roles and Profiles method to compliance code

KGI compliance as-code approach

Enforce compliance policy with model-driven automation

Keynote: Puppet camp compliance

Automating it management with Puppet + ServiceNow

Puppet: The best way to harden Windows

Simplified Patch Management with Puppet - Oct. 2020

Accelerating azure adoption with puppet

Puppet catalog Diff; Raphael Pinson

ServiceNow and Puppet- better together, Kevin Reeuwijk

Take control of your dev ops dumping ground

100% Puppet Cloud Deployment of Legacy Software

Puppet User Group

Continuous Compliance and DevSecOps

The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy

Último

Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2

Finology Group – Insurtech Innovation Award 2024The Digital Insurer

Partners Life - Insurer Innovation Award 2024The Digital Insurer

Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia

Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo

TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc

2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong

Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays

Automating Google Workspace (GWS) & more with Apps Scriptwesley chun

The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los

Histor y of HAM Radio presentation slidevu2urc

Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer

🐬 The future of MySQL is Postgres 🐘RTylerCroy

Presentation on how to chat with PDF using ChatGPT code interpreternaman860154

WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal

GenCyber Cyber Security Day PresentationMichael W. Hawkins

Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun

08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls

Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK

PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc.

1. Avoiding Toxic Tech Debt Sad Stories By R Tyler Croy

3. Welcome to the future

4. Welcome to the future

5. You're an ops now

6. You will need independent infrastructure

7. Choosing tools

8. Choosing tools

9. Tech debt

10. Tech debt

11. Tech debt

12. Automation

13. Automation

14. Automation

15. Security

16. Managing secrets

17. Managing secrets - Certificates - Signing keys - API keys / tokens

18. Managing secrets - Certificates - Signing keys - API keys / tokens

19. Access control

20. Access Control - GitHub Organization - LDAP - Artifactory - Jenkins Matrix Authorization - SSH keys

21. Access Control - *GitHub Organization* - LDAP - Artifactory - Jenkins Matrix Authorization - SSH keys

22. Access Control - GitHub Organization - *LDAP* - Artifactory - Jenkins Matrix Authorization - SSH keys

23. Access Control - GitHub Organization - LDAP - *Artifactory* - Jenkins Matrix Authorization - SSH keys

24. Access Control - GitHub Organization - LDAP - Artifactory - *Jenkins Matrix Authorization* - SSH keys

25. Access Control - GitHub Organization - LDAP - Artifactory - Jenkins Matrix Authorization - *SSH keys*

26. Service balkanization

27. Service balkanization - Virtual machines - Jails/chroot - Containers

28. Service balkanization - *Virtual machines* - Jails/chroot - Containers

29. Service balkanization - Virtual machines - *Jails/chroot* - Containers

30. Service balkanization - Virtual machines - Jails/chroot - *Containers*

31. Security Lifecycle

32. Security Lifecycle - Security advisory lists - Automation => Easier upgrades - Don't be dumb

33. Security Lifecycle - *Security advisory lists* - Automation => Easier upgrades - Don't be dumb

34. Security Lifecycle - Security advisory lists - *Automation => Easier upgrades* - Don't be dumb

35. Security Lifecycle - Security advisory lists - Automation => Easier upgrades - *Don't be dumb*

36. Security

37. Security

38.

39. Manual work

40. "Automating this is hard"

41. "Automating this is hard" - Difficult services - Custom packaging - Monitoring

42. "Automating this is hard" - *Difficult services* - Custom packaging - Monitoring

43. "Automating this is hard" - Difficult services - *Custom packaging* - Monitoring

44. "Automating this is hard" - Difficult services - Custom packaging - *Monitoring*

45. Incident response

46. Incident response - Application problems - Resource exhaustion - Cache issues - Insufficient file descriptors - Log rotation

47. Incident response - *Application problems* - Resource exhaustion - Cache issues - Insufficient file descriptors - Log rotation

48. Incident response - Application problems - *Resource exhaustion* - Cache issues - Insufficient file descriptors - Log rotation

49. Incident response - Application problems - Resource exhaustion - *Cache issues* - Insufficient file descriptors - Log rotation

50. Incident response - Application problems - Resource exhaustion - Cache issues - *Insufficient file descriptors* - Log rotation

51. Incident response - Application problems - Resource exhaustion - Cache issues - Insufficient file descriptors - *Log rotation*

52. Laziness

53. Laziness

54. Manual work

55. Manual work

56.

57. Derployment

58. Derployment - Document deployment processes - Continuous delivery saves time

59. Derployment - *Document deployment processes* - Continuous delivery saves time

60. Derployment - Document deployment processes - *Continuous delivery saves time*

61. Derployment

62. Good luck

63. Good luck

64. Go automate

PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc.

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (15)

Similar a PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc.

Similar a PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc. (20)

Más de Puppet

Más de Puppet (20)

Último

Último (20)

PuppetConf 2016: Avoiding Toxic Technical Debt Derivatives – R. Tyler Croy, CloudBees, Inc.