A warm welcome to @espen.johansen, coming up in two minutes!

I`m already up. I promise!

Did not oversleep today 🙂

Research mentionned in the talk : https://www.agilealliance.org/resources/experience-reports/empowerment-of-security-engineers-through-security-chartering-in-visma/

And this book ( Chapter 9 ) : https://www.igi-global.com/book/balancing-agile-disciplined-engineering-management/244366

( I do not make any money on the book and I`m sorry for the price, not my choice )

https://doesvirtual.com/watch?track=2

I see 37 watching live! Post comments and questions here for @espen.johansen.

Happy to share 🙂

Short background on Visma. 13.000 employees, 6000 devs. 40 aquisitions a year, we make software and buy companies that make software.

Great talk, thanks Espen!

Thx 🙂

Thanks Espen!!

Interesting talk. ..I need to get the slides and review..this again.. agree so much on empowering and sharing the same intelligence!

Thx @troy.grandison. !

Great talk @espen.johansen I'm interested to hear (I might have missed it) how you align all of Visma and subsidiaries on a Security mandate? Do you centralise or is it departmentalised/region

@espen.johansen so you talked about sharing information that you have. Our team struggles with organizing that information and often leads to duplicate info. Do you have any suggestions on how to centralize shared information?

Thank you, @espen.johansen! Coming up in a few minutes: @shilpama and @krishnakanth_bn

@annp Track2 Topic is not what is there in the schedule. Please check

So sorry, we have the wrong talk playing – stay tuned while we fix things backstage.

Anyone else experiencing problems with the connection?

yeah

ok thanks @vnadiminti

yes, presentation stream has stopped

Please hold!

That said, I was seeing the correct talk on Track 2. The schedule is not ordered by Track number

The correct talk, Mission Live Enterprise : Distributed Agile and DevSecOps Automation at Scale Through Platform Approach, will start momentarily. Apologies for the delay!!

I guess I'll be watching this later from the library 🙂

I'm so sorry for the inconvenience, everyone. We will be showing the session with @shilpama and @krishnakanth_bn at a later time, we will make an announcement very soon. Thank you all for your patience!

Nicely recreated the live conference epxerience where you end up in the wrong room than you expected :rolling_on_the_floor_laughing:

We will be showing Mission Live Enterprise : Distributed Agile and DevSecOps Automation at Scale Through Platform Approach with @shilpama and @krishnakanth_bn at 3:50p BST today here in Track 2 during the break. Our apologies for the shuffle!

A warm welcome to @ikrnic from CROZ!

Hi all, thank you @annp!!

Hello to the 45 people watching track 2! The speaker is available here to comments and questions.

How big an software engineering organization you have, and how big share of the engineers are in the platform team?

does the platform team only build scripts or do they also operate the platform?

Hi @markus.lauttia , we are ccs 300 people strong with most of the people being engineers... And our platform team counts around 8 people

Hey @erik.sackman,they also operate the platform...in fact, when operating the platform, the team identifies things that should be automated and that goes directly to their backlog.

so you have tens of stream-aligned teams?

yep, in fact we have 12 of them... with 2 more in onboarding process currently

with not everybody in the company working as a part of the team

GCP, AWS etc offer something like this already - Kubernetes clusters, logging, monitoring, security capability, with self-service portal. What does your platform team do differently?

there are cases when it makes more sense to do the job outside the team

but roughly put you would say that you have one team of 8 engineers supporting 100 or so engineers in the stream-aligned teams?

https://shapes.teamtopologies.com/?

Hi @david.read, the thing is that we still work with clients that are relying on internal on-premise cloud installations. With our runtime infrastructure as similar as theirs, it's easier to manage risks coming from differences in infrastructure.

@markus.lauttia yes, we currently have such setup 🙂

how do you overcome bottlenecks when introducing platform teams (i.e. you introduce more dependencies)

for example, stream aligned team cannot access the k8s platform directly but must go through the platform team

Hi @erik.sackman, you're right, we try to design all changes so they are as frictionless as possible.... self-service is crucial here, we want to eliminate such situations and have stream-aligned teams to be as autonomous as possible...

and do you supply your clients with an exit strategy when they have "lock-in" on your platform?

Right now, I think that we have automated much of stuff that needs to happen for initial setup... we have a selfservice platform that can provision namespaces and project resources on its own

:)) It's not a lock-in on our platform. This is a platform that we use internally. And when we help them build their platform, they are engaged from the beginning and we reach decisions together.

Very interesting talk. Hvala...

Molim :)))

ok, so it's either included in the services your provide, or it's knowledge you take with you on consultancy efforts when building a platform for your client

interesting stuff, i'm kind of on a similar journey 🙂

👏 thanks @ikrnic I really liked the talk

thanks for sharing your experiences!

Thank you, Ivan! And now we welcome @akoran!

👏:skin-tone-4:👏:skin-tone-4: @ikrnic!

@ikrnic How do you sync with the complete ecosystem of tools/technologies which are integrated and the platform that you have built

Yes, many times part of our job is not only to deliver software components but also to consult and help our clients build their own platform... this usually includes client education, knowledge sharing and helping them with specific tasks... so we share more than we lock-in 😄

Hi @manash_hazarika we invest efforts to look out what's happening out there and we decide on the direction via Community of Practice. We need all POVs for this

Thanks all for being here, welcome @akoran!

What's this narrow path that we're pushing security candidates down?

She's saying we need more security folks to secure all the things that the software devs are making. Can anyone summarize the other points?

@akoran kudos for the Aliens reference

Hi!

Basically, we need to be judicious in how we spread responsibility in order to not overload others (DevOps folx) but be cognizant that some things require specialists. It's a fine line... but we need to move fast because the security skills aren't growing as fast as the de talent and demand (that 1:17 ratio)

@rupert - that was supposed to be a GIF, but it didn't render in my tool

I'd be really curious to hear what team structures you've seen working - most places I've worked have had separate security and they've struggled to keep up, as a devops-centric person boosting security into the discussion and automation is critical to what I do, but... bundling them together as a single team doesn't feel quite right either

How are some ways that you have seen developers effectively improve in their security skills? I have trouble growing and learning for things actually useful for development based on what my security team tells or doesn't tell me.

Now there's talk of Dev, Ops and Security teams. Previously there was talk about DevOpsSec roles too. I'd love a diagram to see what is good and bad in team structure.

Really like the last slide with the multiple streams and columns

My takeaway from the last two slides is that it's highly contextual and probably will change. Yeah, I like that slide, might steal that for some team structure discussions myself

Thanks for the informative session @akoran - loved the energy and the content.

Thank you, Amelie! And NOW, we welcome @shilpama and @krishnakanth_bn!!

Thank you so much @shilpama @krishnakanth_bn for allowing us to air your talk now — we’ll push a change so that it shows up in the schedule in just a couple of moments. cc @alex

I'll be on more later... have a Lean Coffee session to moderate!

I have some slides with the venn diagrams with better explanations as well - i will post them

@shilpama @krishnakanth_bn You’re now in the schedule — thanks for accommodating this!

@annp @genek101 Thank you Ann and Gene.

@shilpama @krishnakanth_bn Your submission generated so much interest among the programming committee — can you share some details on how you’re funded? It’s so impressive you did this for non-revenue generating applications! How did you justify modernizing certain categories of apps where justification for funding might be difficult? And thank you so much for sharing your story!

Thank you Ann and Gene

Live enterprise is our Organization level initiative, there are 6 weekly SPRINT plan review with CXO. The organization was aligned for the digitization as part of Live enterprise.

@genek To expand on that, Infosys' Live enterprise vision encompasses transforming our internal processes, employee experience, apps that support and more to enable agility, sentience. This is an ongoing org wide initiative, sponsored by the leadership.