Reflecting on Large-Scale Cloud-Native Modernizations

Lessons learned in implementing DevSecOps in large Enterprise IT

• Take stock of inventory and work with security to change perception of secure software
• Bring in security officers early on and provide education and training
• Transitioning to agile methodology and tying it into deployment and build process takes culture change
• Be mindful of tackling tech debt during migration
• Learn from industry best practices and use relevant templates

The speaker emphasized the importance of bringing in security officers early on in the process of implementing DevSecOps in large Enterprise IT. They shared that security officers may not be experts in all the technical aspects of DevSecOps, but their input is critical in managing Enterprise security. The speaker also highlighted the need for education and training for security officers to understand the new capabilities and scanning layers of DevSecOps. This early collaboration and education can help overcome roadblocks and ensure security is baked into the entire build and deployment process.

Migrating large infrastructures from an on-premise, monolithic, traditional IT management approach to a modern cloud-native Kubernetes-based ecosystem is a daunting task. Join us as Christopher Nuland (Konveyor Ambassador) leads a conversation with James Bench, Valentina Rodriguez Sosa, and Jared Burk in an open conversation about the different migrations they have completed and the challenges they experienced. This panel conversation will cover topics such as: - How community-led projects, like Konveyor, helped with the challenges of assessing applications before implementing a migration -General discussions around the planning and execution phase of their migrations -How challenges like change management and scheduling conflicts were solved -What would they do differently given the knowledge they have now -Open Q&A with the audience