Hi [[ session.user.profile.firstName ]]

Application Management As Part of The Overall Service Management Lifecycle

In this session, Cathy, one of North America’s most experienced ITSM practitioners, will review how her organization tackled Application Management under the ITIL framework while avoiding the creation of redundant support silos and new processes to what are already in place on the Infrastructure side.

Her discussion includes: how her organization defined the concept of Application Management according to ITIL; how they avoided having redundant Infrastructure AND Application Management processes, policies and support; the approach used to avoid separate process improvement projects; and how they created holistic across-the enterprise strategies for all Application Teams.
Recorded Apr 26 2012 43 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Cathy Kirch, itSMF USA, The priSM Institute and Allstate Insurance Company
Presentation preview: Application Management As Part of The Overall Service Management Lifecycle

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • SHIFT LEFT THEN SHIFT UP: STRENGTHENING YOUR DEVSECOPS POSTURE Jun 20 2019 3:00 pm UTC 45 mins
    Rani Osnat, VP of Product Marketing Aqua Security
    The concept of “shift left” engages security earlier in the development cycle of cloud-native applications, accelerating development while reducing risk. However, migrating to cloud-native environments also necessitates the security team to “shift up”, focusing on the application layer to account for the shared-service model and “thin OS” environments that are prevalent in these environments.

    Attend this webinar to learn why Shifting Up provides improved security and cost efficiency in cloud-native environments, including:

    - Kubernetes orchestrated applications
    - Containers running on VMs
    - Serverless containers (e.g., AWS Fargate and Azure Container Instances)
    - Serverless functions (e.g., AWS Lambda and Azure Functions)
  • Panel Discussion - Application Security in a DevOps World Jun 6 2019 10:30 am UTC 45 mins
    Moshe Lerner (Checkmarx), Paul Farrington (Veracode)
    With today's enterprises leveraging around 1000 applications and multiple clouds, application security is becoming a key area of focus. Application security testing is being integrated into the DevOps process early on, while automation, speed and coverage and becoming critical to the success of DevSecOps programs.

    Join this interactive panel of industry experts to learn more about:
    - Why application security is critical
    - Key principles for building application security into DevOps
    - Best practices for leveraging automation
    - Speed vs Security: Where do you draw the line?
    - Recommendations for improving security in 2019

    Panellists
    Paul Farrington, EMEA CTO, Veracode
    Moshe Lerner, SVP Product Strategy & Corporate Development, Checkmarx
  • Kubernetes in the Cloud May 2 2019 6:00 pm UTC 75 mins
    Matt Baldwin, NetApp and Former Founder StackPoint Cloud; Ingo Fuchs, NetApp; Mike Jochimsen, Kaminario
    Kubernetes (k8s) is an open-source system for automating the deployment, scaling, and management of containerized applications. Kubernetes promises simplified management of cloud workloads at scale, whether on-premises, hybrid, or in a public cloud infrastructure, allowing effortless movement of workloads from cloud to cloud. By some reckonings, it is being deployed at a rate several times faster than virtualization.

    In this presentation, we’ll introduce Kubernetes and present use cases that make clear where and why you would want to use it in your IT environment. We’ll also focus on the enterprise requirements of orchestration and containerization, and specifically on the storage aspects and best practices.

    •What is Kubernetes? Why would you want to use it?
    •How does Kubernetes help in a multi-cloud/private cloud environment?
    •How does Kubernetes orchestrate & manage storage? Can Kubernetes use Docker?
    •How do we provide persistence and data protection?
    •Example use cases
  • Introducing a Security Feedback Loop Apr 25 2019 7:00 pm UTC 45 mins
    Dan Garfield, Chief Technology Evangelist, Codefresh.io
    We’re all looking at ways to prevent vulnerabilities from escaping into our production environments. Why not require scans of your Docker images before they’re even uploaded to your production Docker registry? SHIFT LEFT!

    When your engineers get information about security vulnerabilities earlier, they're more efficient with fixes!

    Join Codefresh, as we demonstrate setting up vulnerability and compliance thresholds in a CI pipeline. We will show you how to give your teams access to your Docker images’ security reports & trace back to your report from your production Kubernetes cluster using Codefresh.
  • New Enterprise Application and Data Security Challenges and Solutions Apr 25 2019 5:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    With sensitive data residing everywhere and the breach epidemic growing, the need for application and data protection solutions has become even more critical.

    Join Ulf Mattsson, Head of Innovation at TokenEx as he discusses:

    - New Security Challenges to Applications and Data in Cloud
    - New requirements from Regulations
    - Application and Data Security solutions for the Enterprise
    - Trends in integration of Security into Application development
    - Automating Security tasks in the Open Application development process
    - The new API Economy
    - Application Security in the new API Economy
    - Latest developments and standards in Identity Management for The API Economy
    - Emerging Data Protection options for Public, Hybrid and Private Cloud.
  • [Panel] Harnessing Knowledge: The State of Enterprise Application Security Apr 25 2019 3:00 pm UTC 60 mins
    Daniel Blander, Virtual Clarity (Moderator), Joseph Feiman, CSO, WhiteHat Security & Paul Farrington, CTO, Veracode EMEA
    As organizations strive to transform themselves for the digital economy, application development is moving further into the spotlight - and right behind it is application security.

    So in 2019, AppSec can make or break a business. Instead of being overwhelmed by this pressure, there are tools and processes on the market that can help your application both meet and exceed business and security demands.

    From infrastructure-as-code models to API security and DevOps, learn from this panel of global experts how to harness knowledge and accelerate application release cycles, improve security and transform your business.

    Moderator: Daniel Blander, Virtual Clarity
    Panelists:
    Joseph Feiman, Chief Strategy Officer, WhiteHat Security
    Paul Farrington, CTO, Veracode EMEA
  • A Journey into Open Development with Lloyds Banking Group Apr 25 2019 10:00 am UTC 30 mins
    James McLeod, Software Engineering Lead, Lloyds Banking Group
    Lloyds Banking Group is a financial services group with millions of customers and a presence in nearly every UK community, both online and on the local high street. With more than one million businesses serviced through their brands, the hopes for creating the bank of the future is firmly locked in the sights of this digitally transforming organization.

    In order to hit their ambitious goal, Lloyds Banking Group is changing from a traditionally introverted bank, hardened to risk through years of manual process, into an open and collaborative organization where innovation and experimentation are driven by engineering and automation.

    During this talk you’ll learn how Lloyds Banking Group journeyed into Inner Source with the formation of engineering guilds and how this lead to the adoption of GitHub Enterprise from proof of concept to widespread use. We’ll also explore how engineering guilds formed the GitHub Enterprise Working Group to share successes and educate on best practices, while safeguarding the operation of their engineering community.

    Finally, we’ll tell the story of how Lloyds Banking Group is moving fast toward Open Source, powered by the determination and ambition of Lloyds Engineering and the Lloyds Banking Group Open Source Mission.

    About the speaker:
    James McLeod is a passionate Software Engineer with a belief in open collaboration and a drive for growing engineering communities.

    James’ role as Software Engineering Lead at Lloyds Banking Group focuses on guiding the engineering community, listening to feedback, and removing barriers through leading and advocating for Lloyds engineering guilds and Inner Source collaboration.

    His energy and passion goes beyond the workplace where James is the founder of ‘React London–Bring Your Own Project’ – a rapidly growing London meetup, with over 1300 active members.
  • Making Continuous Security in Applications a Reality Apr 24 2019 5:00 pm UTC 43 mins
    Aaron Weaver - Application Security Architect, OWASP and DefectDojo
    You’ve probably heard many talks about DevSecOps and continuous security testing but how many provided the tools needed to actually start that testing? This talk does exactly that. It provides an overview of the open source AppSec Pipeline tool which has been used in real-world companies to do real security work. Beyond a stand-alone tool, the OWASP AppSec Pipeline provides numerous docker containers ready to automate, a specification to customize with the ability to create your own implementation and references to get you started.

    The talk will also cover how to add an AppSec Pipeline to your team’s arsenal and provide example templates of how best to run the automated tools provided. Finally, we’ll briefly cover using OWASP Defect Dojo to store and curate the issues found by your AppSec Pipeline. The goal of this talk is to share the field-tested methods of Aaron Weaver - If you want to start your DevSecOps journey by continuously testing rather then hear about it, this talk is for you.
  • How to Protect Cloud-Based APIs from Data Scrapers and Cloned Apps Apr 24 2019 12:00 pm UTC 46 mins
    David Stewart - Co-Founder, CriticalBlue and Stephen Gorton -Technical Architect, Racing Post
    If you are deploying APIs, even private ones, you are leaving your revenue stream open to exploitation. APIs are a window into your business and if there is a way to make a gain from abusing that API, someone will do it. Worse, thousands of people or thousands of bots may do it.

    The art of keeping scripts and bots from abusing your APIs requires you to validate that the incoming traffic is coming from an authentic client. Merely authenticating users may not be appropriate or may not be enough. When the remote client is a mobile app and you know that mobile devices should not be trusted, achieving the authentication goal is easier said than done.

    This session will explain how Racing Post launched a feature-rich API and a new native mobile app and managed to protect their valuable data from API scrapers and their brand reputation from cloned apps. We will cover their experiences with bots, their approach to the problem and how they solved it.

    Whether you are a mobile or API developer, an enterprise system architect, or even a product owner with strong mobile revenue, you'll want to hear this story.
  • How to Prevent Mobile App API Abuse: Attacks and Counter-Measures Apr 23 2019 5:00 pm UTC 55 mins
    Skip Hovsmith, Principal Engineer & VP Americas, CriticalBlue
    Think a good user authentication solution is enough protection? Think again. Follow the ShipFast courier service’s evolving mobile app and API security defenses as it beats back malicious ShipRaider.

    As ShipFast launches its mobile app with hidden API keys and OAuth2 user authorization, we'll start discussing the existing security threats and how to counter them. Along the way, TLS, certificate pinning, HMAC call signing, app hardening, app attestation and more will strengthen ShipFast's security posture, but ShipRaider will be working hard trying man in the middle attacks, app decompilation and debugging, exploit frameworks, and other reverse engineering techniques to keep exploiting ShipFast's API.

    This fast-paced overview of mobile attacks and counter-measures demonstrates the defense in-depth techniques required to protect both your mobile apps and your API backends.
  • New Application and Data Protection Strategies Apr 23 2019 12:00 pm UTC 60 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    With sensitive data residing everywhere and the breach epidemic growing, the need for application and data protection solutions has become even more critical.

    Join Ulf Mattsson, Head of Innovation at TokenEx as he discusses:

    - New Threats to Applications and Data
    - New requirements from Regulations
    - Application and Data Protection solutions for the enterprise
    - New trends in integration of Security into Application development
    - Automating Security tasks in the Application development process
    - The new API Economy and how to control access to applications
    - Latest developments in Identity Management for The API Economy
  • Cyber Security: Keeping Ahead of the Game with Micro Focus Recorded: Mar 14 2019 60 mins
    Darren Blumenthal, Stan Wisseman
    Join us to hear about the hot new technology trends and topics in the world of cyber security and how Micro Focus tools can help you stay ahead of the game with your cyber hygiene.

    This webinar is the first of its kind, as we are combining the Vivit Automation & Cloud Builders Special Interest Group and the Vivit Security Special Interest Group. This gives us an opportunity:

    •To align our thoughts and common practices
    •To learn from each other
    •To ensure we are all being cyber resilient
  • Robotic Process Automation - Based on Micro Focus OO & UFT Recorded: Mar 12 2019 60 mins
    Michael Bettan, Guillaume Dubuc, Michael O’Rourke
    Robotic Process Automation (RPA) technology creates digital factories to automate and integrate any repetitive administrative tasks. RPA reduces labor-intensive processes by imitating human effort to complete tasks, thereby boosting the capabilities of companies that perform high-volume transactional processes. Operating non-invasively on the surface (UI layer) without compromising the underlying IT infrastructure, RPA bridges the technology gap between fragmented, semi-structured legacy systems. The RPA solution is based on industry leading products Operations Orchestration (OO) and Unified Functional Testing (UFT). During this session, you will learn more about this RPA solution with a live demonstration.

    At this session we will cover the What and Why of RPA, as well as, hear how some customers are already benefiting:

    •Save time and money and learn how growth in adoption of RPA technology by organizations is allowing for greater speed and scalability while at the same time reducing risk
    •Overcome manual limitations and gain efficiencies; RPA helps IT eliminate human errors introduced by workarounds and manual data entry, all while completing tasks in record time
  • Consolidating and Upgrading Multiple APM Instances with a Larger Retailer Recorded: Feb 28 2019 58 mins
    Sarah Ware, Jay Batson
    Brought to you by the Vivit Application Performance Management Special Interest Group (SIG).

    After merging monitoring teams for consolidation and cost reduction opportunities, a larger retailer was faced with the challenge of merging the tools into one unified platform. We had two APM instances, both underutilized, that were good candidates to start with. The environments consisted of BSM 9.26 w/Oracle database and APM 9.40 w/SQL server.

    This webinar will walk through the deployment plan, problems, and successes we had along the way.

    Agenda:

    •BSM9.2x to APM Comparison
    •Deciding on a Migration Path
    •Path of least resistance and down time
    •Prep work
    •Executing Plan
    •Checklist
    •Moving things over
    •Shutting down decomd instance
    •Things you should know
    •Integrations
    •Q and A session
  • What’s New in Container Storage Recorded: Feb 26 2019 38 mins
    Keith Hudgins, Docker; Alex McDonald, NetApp
    Containers are a big trend in application deployment. The landscape of containers is moving fast and constantly changing, with new standards emerging every few months. Learn what’s new, what to pay attention to, and how to make sense of the ever-shifting container landscape.

    This live webcast will cover:
    •Container storage types and Container Frameworks
    •An overview of the various storage APIs for the container landscape
    •How to identify the most important projects to follow in the container world
    •The Container Storage Interface spec and Kubernetes 1.13
    •How to get involved in the container community

    After you watch the webcast, check out the Q&A blog at http://bit.ly/2GPkFET
  • How to Modernize Applications in the Cloud Era Recorded: Feb 21 2019 57 mins
    Jeffrey Deverter, Cloud Strategist, Cloudreach
    Learn from industry-leading Cloud Strategist Jeffrey Deverter how to modernize your applications using continuous deployment and continuous integration on the Cloud.

    Jeffrey will discuss a methodology that will enable you to modernize applications to reap several business benefits - including Agile improvements, transparency into the true cost of ownership of application operation - and share advice on how to drive business value and the direction of applications.
  • Emerging Application and Data Protection for Cloud Recorded: Feb 21 2019 62 mins
    Ulf Mattsson, Head of Innovation, TokenEx
    With sensitive data residing everywhere, organizations becoming more mobile, and the breach epidemic growing, the need for advanced identity and data protection solutions has become even more critical.

    Learn about Data Protection solutions for enterprise.

    Learn about the new trends in Data Masking, Tokenization and Encryption.

    Learn about new Standards for masking from ISO and NIST.

    Learn about the new API Economy and how to control access to sensitive data — both on-premises, and in public and private clouds.
  • Scaling Collective Code Ownership & Code Reviews at LinkedIn - Nikolai Avteniev Recorded: Feb 21 2019 56 mins
    Nikolai Avteniev - Software Engineer, LinkedIn
    The contemporary code review practice has been adopted by many organizations and open source projects as a quality assurance measure. This process typically involves software tools such as Review Board and the time of one or more peer reviewers.

    However, there is a growing body of empirical research about this broadly‐adopted practice that can help us learn more about the effects of code reviews on software quality. Available research shows that in fact, peer code reviews are better suited for knowledge sharing and code improvements, rather than for eliminating code defects or reducing error rates. The effectiveness of the process seems to depend on the experience of the reviewer with the code, the size of the change set, and the rate at which the review is conducted.

    In this talk, Nikolai will share how the LinkedIn Flagship Product Engineering team leverages the code review process to spread organizational knowledge and uplevel individual contributors. I will also discuss the tools we’ve built to support this practice across a team which spans three offices, four development stacks, dozens of teams, and hundreds of individual contributors.
  • How to build low-cost, scalable Node.js APIs with Serverless and AWS Lambda Recorded: Feb 21 2019 26 mins
    William Woodhead, Tech Lead and Co-Founder, Pilcro
    Switching from Express to Serverless has completely transformed the delivery of Pilcro’s APIs over the past 6 months.

    It has offered reduced cost, out-of-the-box deployment/scalability/monitoring, and lightning fast development.

    This talk outlines why we made the switch with a demonstration of setting up your first Node.js API with Serverless and AWS Lambda.
  • Not so FaaS, Hacker Recorded: Feb 20 2019 44 mins
    Aaron Weaver, Application Security Architect, OWASP and DefectDojo
    How fast can you build out a new security microservices? Building a security pipeline that scales with your development and operations team is achievable by creating security microservices that can be programmed in a variety of languages, cloud agnostic and infinitely scale.

    In this talk, Aaron will walk through the process of building a security automation pipeline starting with building containers in the first iteration and then moving to OpenFaaS to create simple Serverless functions. Building security automation into your program is essential in building out a scalable security services.
Trends and insights for developing apps and maintaining service
The webcasts in this channel will highlight trends and best practices for the application development lifecycle as well as how to make sure your application maintain a steady level of service.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Application Management As Part of The Overall Service Management Lifecycle
  • Live at: Apr 26 2012 3:00 pm
  • Presented by: Cathy Kirch, itSMF USA, The priSM Institute and Allstate Insurance Company
  • From:
Your email has been sent.
or close