It was weeks before the birth of my first daughter and weeks after I had experienced a loss in the family. At that time, making an emotional commitment to something new was by no means a small undertaking! I knew from the first meeting that I could contribute to helping create something important to the local DevOps community.
Since then I've successfully convinced my employers to let me donate a portion of my company time to DevOpsDays and sometimes to formally sponsor the event. I found that it was important that the company I work for sees value in building and maintaining the DevOps community.
Mondoonauts land in Amsterdam
This year is no different: Mondoo was a Gold sponsor for DevOpsDays Amsterdam.
At the conference I was joined by fellow Mondoonauts Patrick, Chris, Soo, Preslav, and Ivan. I also had three personal goals to make the week successful:
- Show some of my fellow European Mondoonauts some fantastic Amsterdam experiences.
- Take a photo of Mondoo's CEO, Soo Choi, on a bike in Amsterdam.
- Be onsite every day at 7:30 to help start up DevOpsDays Amsterdam.
Together, Mondoonauts took turns at the Mondoo booth, answering questions from the 500-person community. The attendees we spoke with validated our conviction that introducing security and policy as code early in the development lifecycle will save them time, resources, and costs.
Hacking a box on stage!
One unique aspect of DevOpsDays Amsterdam is that before the ‘traditional’ 2-day conference kicks off, Amsterdam has a workshop day. A majority of the conference attendees participate in the workshop day. It allows experts in the community to go deep on a particular open source project, cloud platform, or refining process within a team. This year, Mondoo's own Patrick Münch held a workshop that taught 60 participants how to hack a Windows server and Amazon EKS instance. The participants were told to just bring a laptop with a working internet connection, while Patrick supplied the rest. He walked us through the two hacks step by step, demonstrating how easy it is to penetrate these systems with the right vulnerabilities.
Find and fix the security risks that pose the biggest threat to your business.
Security is everyone’s responsibility
On the first day of the main conference, keynote speaker Emily Freeman presented a revolutionary approach to incident response. In her talk, Emily stressed that security is becoming more and more important and will soon be everybody’s responsibility in the lifecycle of a software product.
Later, Amber Vanderburg talked about how to work (and grow) together as a remote team. As a fully remote company spanning many nations, this is something everyone at Mondoo has experience in.
The struggle to make automation secure and reliable
Each day of DevOpsDays concludes with open spaces in the afternoon. Mondoo’s Ivan Milchev joined one session in which participants were convinced that scanning in production infrastructure containers isn’t relevant if you deploy multiple times a day. Ivan pointed out that just because you deploy more often does not mean that all underlying components actually get updated or stay up-to-date. Ivan’s group then split into two—one focusing on fully automating CI/CD and the other on increasing confidence over what is being deployed (for example, how to handle a deployment that crashes production). Ivan’s clear, main takeaway is that people try to automate as much as possible, but they struggle with how to be certain that their automation is secure and reliable.
No regrets
These are just some of the highlights of a fascinating conference. I love organizing DevOpsDays Amsterdam and don't regret my decision to start organizing on that gloomy, rainy night back in 2016. I am proud that Mondoo was there in 2022 as a Gold sponsor.
Finally, as to my goals, I was successful in two out of three of my goals. That photo of Soo on a bike will have to come later. ;-)