Red Hat User Group

Please join us for the next Boston RHUG on Thursday, February 13 at the Boston Red Hat office for beer, wine, pizza and two exciting presentations on “Developing Kubernetes Native Applications using Quarkus" and "Automate or Die  - DevSecOps in the Age of Software Supply Chain Attacks”

Doors will open at 4:30 and the first presentation will start at 5:00 p.m. RSVP to reserve your seat!

Developing Kubernetes Native Applications using Quarkus

Presented by Ken Finnigan

Java was originally built for a world where long-running, memory-hungry dynamic applications were all that we knew. However, we now live in a world dominated by the cloud, mobile, IoT, and open source, where containers, Kubernetes, microservices, reactive, Function-as-a-Service (FaaS), 12-factor, and cloud-native application development can deliver higher levels of productivity and efficiency. Quarkus provides an effective solution for developing with Java in this new world and offers an extensible set of Java libraries and frameworks that you know and love, combined with blazingly fast startup times, extremely low memory usage and pure developer joy.

Come along to learn about developing Kubernetes Native applications using Quarkus, a Java ecosystem way to develop cloud-first, container-native, serverless focused and Kubernetes optimized apps.

Automate or Die  - DevSecOps in the Age of Software Supply Chain Attacks

Presented by Curtis Yanko

As nimble organizations deliver new innovations, adversaries are also upping their game; something we’ve seen in recent high profile and devastating cyber attacks. Bad actors have the intent and ability to exploit security vulnerabilities in the software supply chain in 3 days or less or, in some cases plant vulnerabilities themselves. They rely on their ability to launch attacks faster than we can patch! If we don’t fight back by automating security directly into the DevOps pipeline - then we’ll always be reactionary. This session will provide new research on the above, and details on how to get started.

Key takeaways:

• Key insights from the 2019 DevSecOps community report - including the top investments for automated security
• The need to build quality in rather than through testing and inspection
• How automating application security via policies makes them harder to ignore.

LEARN ABOUT THE SPEAKERS:

Ken Finnigan, Red Hat

Ken Finnigan is a Senior Principal Software Engineer for Red Hat Middleware and has been a consultant and software engineer for over 20 years with enterprises throughout the world. Ken leads the SmallRye project, which implements the Eclipse MicroProfile specifications while also looking to innovate with Kubernetes Native development. Ken is also part of the team developing Quarkus to be Supersonic Subatomic Java. As part of his work on SmallRye, Ken is heavily involved in the Eclipse MicroProfile community to develop specifications for Java microservices in the Cloud. Ken has previously served as the project lead for Thorntail and LiveOak, along with other JBoss projects. Ken is the author of “Enterprise Java Microservices” and has previously authored two other books.

Curtis Yanko, Sonatype

Curtis Yanko is a Director of Global Alliances at Sonatype and a DevSecOps coach and author. Prior to coming to Sonatype Curtis started a DevOps Center of Enablement at a Fortune 100 insurance company and chaired an Open Source Governance Committee. When Curtis isn’t working with customers and partners on how to accelerate delivery by building security and governance into CI/CD pipelines he can be found raising service dogs or out playing ultimate frisbee during his lunch hour. Curtis is currently working on building strategic technical partnerships to help solve for the DevSecOps toolchain.