DESIGN THINKING, SECURITY, AND YOUR LIFE DEVSECOPS

Transcription

DESIGN THINKING, SECURITY, AND YOUR LIFE
DEVSECOPS DAYS
Alex Cowan

WHO AM I?
ALEX COWAN alexandercowan.com @cowanSF

WHAT IS ABORATION
CONTRACT NEGOTIATION
RESPONDING TO CHANGE
FOLLOWING A PLAN
Source: adapted from ‘Manifesto for Agile Software Development’

WHAT IS GER
TEST
SECURITY

HOW DO YOU usDelivery
Features w/ High Engagement
Total Features Released
Total Features Released
Frequency of Releases

HOW DO YOU DEVSECOPS?
Please get this done ASAP
Please deploy this ASAP (it’s late)
I’m not sure I get it, but OK
DEV
Please test this as much as you can
How do I know if it’s working?
What’s most important to test?
PRODUCT MANAGER
OPS
How do I get everyone to secure their stuff?!
TEST
SECURITY

HOW DO YOU DEVSECOPS?
How might we build for testability?
DEV
How might we invest in velocity?
How might we design for testability?
How might we build a more continuous, consistent infrastructure?
DEVOPS
PRODUCT MANAGER
OPS
How might we layer and prioritize our testing?
TEST
How might we standardize and automate security?
SECURITY

WHO IS PAULA THE PRODUCT MANAGER?
WHAT’S IMPORTANT?
a) Finding product/market fit
b) Driving focused collaboration
WHAT’S HARD?
a) Managing uncertainty
b) Making time to test ideas
c) Security
WHERE ARE WINS?
a) Init HDD

HOW DO YOU DO HYPOTHESIS-DRIVEN DEVELOPMENT?
[Diagram labels: Finding the Right PROBLEM; Persona Hypothesis; Problem/JTBD Hypothesis; Functional Hypothesis; axis: time]
Source: adapted from ‘The Design of Everyday Things’

HOW DO YOU DO HYPOTHESIS-DRIVEN DEVELOPMENT?
Continuous Design
Agile Development
Continuous Delivery

WHO IS DANA THE DEVELOPER?
WHAT’S IMPORTANT?
a) Connecting the dots
b) Managing change
c) Aligning with infrastructure
WHAT’S HARD?
a) ‘Changing requirements’
b) Making time to test
c) Security
WHERE ARE WINS?
a) Init TDD-ish
b) Manage via metrics
c) Help build the infrastructure

HOW DO YOU WRITE TESTABLE USER STORIES?
EPIC STORY
‘As Trent the HVAC technician, I want to know the pricing and availability of a part that needs replacing so I can decide my next steps.’
CHILD STORIES / ANALYTICS
A) ‘I know the part number and I want to find it on the system so I can find out its price and availability.’
B) How often is this search used per transaction relative to the alternatives?
How often does this search lead to a part order?
- Searches of this type relative to others
- Sequence of this search relative to other search types
- Conversion to order from this type of search (%)

WHO IS TREY THE TESTER?
WHAT’S IMPORTANT?
a) Repeatability
b) Automation
c) Adaptation
WHAT’S HARD?
a) Murky prioritization
b) Making time to automate
c) Security
WHERE ARE WINS?
a) Standardization
b) Automation
c) Self-service

HOW DO YOU LAYER TEST ll

WHO IS ESTEBAN THE OPS ENGINEER?
WHAT’S IMPORTANT?
a) Stability
b) Standardization
c) Automation
WHAT’S HARD?
a) Taming the beast
b) Making time to automate
c) Security
WHERE ARE WINS?
a) Standardization
b) Automation
c) Self-service

WHO IS STEVE THE SECURITY ENGINEER?
WHAT’S IMPORTANT?
a) Security
b) Security
c) Security
WHAT’S HARD?
a) All the little places
b) Getting into the picture
c) Security
WHERE ARE WINS?
a) Standardization
b) Automation
c) Self-service

WHERE’S MY STUFF?
https://alexandercowan.com

Source: adapted from ‘The Design of Everyday Things’. Finding the Right PROBLEM. Finding the Right SOLUTION. Persona Hypothesis. Problem/JTBD Hypothesis. Demand/Value Hypo