Agenda

09:30 AM - 09:40 AM IST

Opening Words

DEVOPSDAYS TEL AVIV

DEVOPSDAYS TEL AVIV MINI-TRACK

09:40 AM - 10:20 AM IST

Keynote | DataOps - Why is it so hard?! // Einat Orr

Einat Orr - Treeverse
    EINAT ORR
    TREEVERSE

DataOps is harder than you might think. Supporting the operations of big data environments poses a challenge greater than the known application-level support due to the complexity of managing data together with the application. Why is data adding so much complexity? Well, Data is big, so all systems are now becoming distributed. Data is mutable, and it's hard to create repeatable, automated pipelines. On top of that, the technology is evolving at high speed and change management is messy. In this talk, we will dive into those challenges, explore best practices, and develop empathy for those who manage big data environments.

10:20 AM - 10:30 AM IST

BREAK

COUCHBASE: Any Scale, Any Load, Always On // Lior King, Senior Solution Engineer

In this session, we’ll learn why Couchbase is an ideal data platform for modern applications, how it delivers scalability, performance, and agility, and why it is a great source of truth.

DevOpsDays Ignites

Julia Shub - Lawgeex
    JULIA SHUB
    LAWGEEX

Pregnancy - Nature's CI/CD // Julia Shub

So you and your partner decide to have a child.
From this point onwards, you can treat it as a CICD project since it's basically the same.

    MICHAEL ZION
    APPSFLYER

Waste-Oriented, Hunch-Based Web Architecture // Michael Zion

The software engineering field lacks hunch-based decisions.
It's oriented towards making things right, rather than going YOLO and enjoying life.
In my talk I'm suggesting an alternate approach, where production is important, but not as much as the feelings of the person changing production.

Robert Barron - IBM
    ROBERT BARRON
    IBM

Obviously a major malfunction... Lessons 35 years after the Challenger Disaster // Robert Barron

The Space Shuttle was the most advanced machine ever designed. It was a triumph and a marvel of the modern world.
And on January 1986, shuttle Challenger disintegrated seconds after launch.This session will discuss how and why the disaster occurred and what lessons modern DevOps and SREs can learn.

Anton Weiss - Otomato
    ANTON WEISS
    OTOMATO

Resilience Engineering - a Primer // Anton Weiss

Lately we've heard some buzz around the term "resilience engineering" in relation to information systems. Much of it initiated by none other but John Allspaw - the man who inspired the birth of DevOps. My talk will lay out how the ideas of resilience engineering relate to our daily work.

    DOTAN HOROVITS
    LOGZ.IO

Checking the pulse on DevOps and Observability // Dotan Horovits

What are the biggest obstacles to Observability? Is Observability just the DevOps' responsibility? How many companies actually use tracing? Which open source SW is gaining popularity?
We went and asked this and much more to nearly 1000 engineers across the globe, to check the pulse on DevOps.

Heidi Waterhouse - Launch Darkly
    HEIDI WATERHOUSE
    LAUNCH DARKLY

The Devil's DevOps // Heidi Waterhouse

An Ignite that plays off Ambrose Bierce's The Devil's Dictionary to present satirical and painfully true definitions of words you hear at conferences all the time.

DEVREL IL Erik Zaadi - Salto
    ERIK ZAADI
    SALTO

Monitoring People - An Engineering approach to understanding human KPIs // Erik Zaadi

Feel like understanding systems is easier and more logical than people? Let's challenge that and see how engineering practices such as monitoring and CI can be correlated to understanding and improving humans, you know, those illogical chaotic beings, which are sooooo much different than production.

11:10 AM - 11:30 AM IST

BREAK

SPONSOR TALKS

APPSFLYER: Death by balloons // Gil Zellner & Elad Leev

Short story about how doing something innocent and safe at scale can go horribly wrong.


AWS: This talk will save you more than 50% of your AWS bill // Boaz Ziniman

Cloud computing changed the way we consume and pay for computing resources. Paying for what you use, and only for that, is key to get the best ROI out of your cloud investment. This session will focus on one solution that can lower your AWS bill on idle computing.


NEXT INSURANCE: DevOps the Next Insurance Way // Moshe Ben Shoham

Next Insurance offers a simple, affordable & tailored business insurance, designed for small businesses. In this short talk, we will provide a glimpse into our CI/CD processes and the cloud infrastructure that allows us to quickly deliver value to our customers and evolve our infrastructure as we identify new opportunities to better serve the small businesses owners. We will describe our DevOps processes, our usage of best-of-breed tools such as Kubernetes, and we will also talk a bit about our current challenges and how we leverage them to grow our people.

DEVREL IL Nur Lee Harel - Eventhandler
    NUR LEE HAREL
    EVENTHANDLER
BREAKOUT SESSION #1 - HOW TO WRITE YOUR PROFESSIONAL BIO, NUR LEE HAREL | JOIN ON DISCORD IN BREAKOUT CHANNEL

Sometimes during our careers, we are asked to write something about ourselves. It can be an awkward task and most of the time we have no idea what to include, how to sell ourselves, how to make it relevant etc. In this hands-on session, you will learn how to create and improve your professional bio.

Cloud Native & OSS Israel

CLOUD NATIVE & OSS MINI-TRACK

Keynote | THE WORLD HAS CHANGED - HAVE OUR DESIGNS? // Avishai Ish-Shalom

Avishai Ish-Shalom
    AVISHAI ISH-SHALOM
    SCYLLADB

When we build systems our design and tradeoffs reflect the different scales of the system: the speed of disks, latency of network; They reflect the constraints and abilities of the underlying technologies. But as technology advances some of these assumptions have become invalid. We are no longer running on physical machines for which RDBMS systems were designed; SSD changed pretty much everything in the storage world, but our software was designed for magnetic disks; NVRAM? O/S design is way off. This talk will show how changes in hardware technologies impact design rational of various systems, highlighting the importance of understanding and rethinking the design rational and explore new designs that arise from the new rational.

12:10 PM - 12:20 PM IST

BREAK

Aerospike: From GBs to PBs at Sub-milli – The Fast Track to Real-time Applications – Live “Magic Show" // Oshrat Ben Avi Zabludovitz and Zohar Elkayam
12:20 PM - 13:00 IST

Cloud Native & OSS Ignites

Orit Wasserman - Red Hat
    ORIT WASSERMAN
    RED HAT

Rant: Everybody talks about data but nobody talks about storage // Orit Wasserman

We live in a data driven world, and the data needs to be stored somewhere on some storage. This makes the storage a critical resource that may break your application and even lose all your data! Ignoring it just won’t work. You have to choose the right kind of storage for your workload: block, file or object. You need to use it wisely or you will lose performance and scale. You need to consider cost efficiency or pay a large bill in the end of the month You must make sure your data is secure by using best practices, access control and encryption. Don’t forget about Data protection as losing your data is a huge disaster!

NIR YECHIEL - RED HAT
    NIR YECHIEL
    RED HAT

Submariner: multi-cluster networking for Kubernetes // NIR YECHIEL

With standard Kubernetes networking, connectivity is limited to a single cluster only, requiring proxies to connect workloads across clusters for migration, disaster-recovery, or geographic locality. Submariner is an open source project that enables high-performance cross-cluster connectivity and Service Discovery between different Kubernetes clusters, either on-premises or in the cloud. With Submariner, your applications and services can span multiple cloud providers, datacenters, and regions.

RONEN LEVINSON - Sisense
    RONEN LEVINSON
    SISENSE

k3s: From Development to Production at the speed of light // RONEN LEVINSON

With Kubernetes becoming the standard container orchestration tool, we got to a point in which apps are deployed and managed in the same ecosystem for different purposes. As a result, the number of Kubernetes distributions started to rise in order to deal with different scenarios. To name a few: OpenShift, RKE, Tanzu… K3s is one of the newest distributions made by Rancher, which is an open source project that recently joined the list of CNCF Sandbox projects. The main goal of K3s is providing a lightweight k8s distribution using a single binary, while reducing the memory consumed by the orchestration tool.In this lightning talk we will discuss what k3s is, compare it to k8s and see how it can be installed for different purposes: CI, Edge, development and production.

Boaz Ziniman - AWS
    BOAZ ZINIMAN
    AWS

Being good neighbors - Rate limiting in a serverless world // Boaz Ziniman

How do you avoid DDoSing other systems or running out of resources when developing serverless applications? Serverless cloud based applications bring new challenges with their architecture and scaling capabilities. In a perfect world, this should be an advantage only, but we all know by now, that the world ain’t perfect. Integrating serverless with non-serveless systems is a challenge you should take into account and plan accordingly. This session will focus on why rate limiting is so important in serverless systems and how you should design a better system that acts as a better neighbors.

SPOTLIGHT IGNITE

Zeev Suraski - Strattic
    ZEEV SURASKI
    STRATTIC

Crash Course: Open Source Licenses // Zeev Suraski

Open Source is an integral part of virtually all modern software development. However, it is often too easy to not realize that some Open Source packages may come with strings attached to them - in the form of their license. In fact, some packages that might seem to be Open Source, may technically not be ones at all.
In the talk, some of the most commonly found licenses and their implications on end users will be discussed: - GPL-style licenses, including Affero GPL - BSD-style licenses - Source-available licenses.
If you’ve never heard about these licenses, or if you did hear about them but never really bothered to understand how they may affect you - attending this talk may be a good idea.

DEVREL IL Dan Lines - LinearB
    DAN LINES
    LINEARB

3 DATA DRIVEN BURNOUT INDICATORS // Dan Lines

Burnout is dangerous. Even more so when we can’t see the physical indicators due to being a distributed team. In this lighting talk I discuss the 3 data-driven burnout indicators I use to make sure my team rested and happy. As a manager it’s your responsibility to identify employee burnout and make sure your dev team is rested and healthy. But identifying signs of burnout as a distributed team can be challenging. In this lightning talk I discuss the 3 data-driven burnout indicators I use to make sure my team rested and happy.

13:00 - 14:00 IST

BREAK

SPONSOR TALKS

ELASTIC: What Is Great About Modern Monolithic Applications? // Philipp Krenn, Developer Advocate

You only have ONE repository, build artifact, deployment step, process, and version that you can run locally but still scale horizontally. Sounds too good to be true and you think it must be a theoretical example? Far from it…You might even be running such a monolith yourself. Though there are of course some tradeoffs that we are covering as well.


VONAGE: Conversing with machines: tips for creating meaningful voice interactions // Noam Mor, Conversation Design Lead

Voice is one of the first capabilities we acquire as newborns, and one of the last we lose before we leave this world. Voice communication is the fastest, most natural and efficient way to convey an idea, so why is it so hard for machines to understand the human language?
During this five minute talk, I'll share several tips that will help drive engagement when designing virtual assistant conversations, without ever compromising on experience..


TERASKY: How to choose your enterprise-grade Kubernetes? // Lev Andelman, CTO

Kubernetes comes in many sizes and flavors - choosing a future safe solution for your organization might be challenging. In this short talk I'd like to share our experience with Enterprise Kubernetes market leaders.


SITE24X7: ALL IN ONE MONITORING // Elango Vimal, Senior Presales Engineer

User experience plays a significant role in determining the success of a business as businesses globally are on their digital transformation trajectory. While DevOps teams are embracing public / hybrid cloud to run their business applications, they are left to battle diverse operational and technical challenges in providing better user experience, and using multiple tools to achieve this goal.
Learn about the most comprehensive cloud based monitoring tool that helps you to monitor your Full Stack in one single console.


MYSQL: The hottest MySQL topics in 2020 // Vittorio Cioe, Sr.Presales Consultant, Oracle MySQL

Speaking about MySQL... How to.... Security? High Availability? Operations? Cloud? Get a gasp of the hottest MySQL topics of 2020 in a time as short as 5 minutes to be up to date with what is going on in the MySQL world!


SimilarWeb: First steps to developer autonomy // Or Tzabary, Head of Production Engineering

A story on how we identified visibility issues throughout the application deployment lifecycle, made an impact by delivering a solution that we later released to Open Source.


Scylla - A fast, Scalable and Boring Database // Avishai Ish-Shalom, Developer Advocate

What is this Scylla thing we've been hearing about? why write yet another database? Well, there are a lot of great databases out there, but none quite like this one. Scylla is a database built for modern hardware, achieving extreme performance and at the same time being operator friendly and scalable. Did I mention it's open source as well?

DEVREL IL Nur Lee Harel - Eventhandler
    NUR LEE HAREL
    EVENTHANDLER
BREAKOUT SESSION #2 - TIPS AND TRICKS FOR BETTER TALK PROPOSALS, NUR LEE HAREL | JOIN ON DISCORD IN BREAKOUT CHANNEL

In this hands-on session, I will share some useful tips on how to improve your talk proposal and increase the chances of getting your talk selected, as learned from my experience as a producer of various tech conferences in the past 5 years, such as AngularUP, React Next, Node.TLV and React Week NYC.

DevSecCon Tel Aviv

DEVSECCON MINI-TRACK

14:00 - 14:40 IST
Noam Rotem
    NOAM ROTEM
    HYPERGUEST

Keynote | Good code, bad OPSEC - Data horror stories from a hacker's perspective // NOAM ROTEM

For the past few years, together with Ran Locar, we're running a side project to find sensitive data exposed by governments and large corporations. Although the code is usually OK from a security POV, in many cases the OPSEC is so bad it makes the effort invested in developing good code - redundant. In this talk we'll cover a few cases unearthed by our project, explore the failures, and discuss ways to prevent such catastrophes from happening on your systems.

14:40 - 14:50 IST

BREAK

SNYK: Trick or Treat, Hello Dependency Defeat, Liran Tal

Hello there dear developer building your app on open source dependencies. Did you ever wonder where dependencies go when they die? Oh wait, did you think source code lives forever? Think again! Join me on a journey full of humor and scare across real world incidents to learn how even the mightiest of open source projects got defeated.

DevSecCon TLV Ignites

Danny Robinson - AppsFlyer
    DANNY ROBINSON
    APPSFLYER

Security Chaos with Load Balancers // Danny Robinson

Whilst testing a directory traversal vulnerability within one of our services, I found that I got different behaviour when testing through a load balancer and direct to the service. This talk is about the research the that followed. Key Findings Discussed: AWS Application Load Balancers share code with NGINX, NGINX parses http urls in a special way which results in a protective behaviour for directory traversal attacks, How I bypassed this protection behaviour, and Quick lessons from the research

Chloe Messdaghi
    CHLOÉ MESSDAGHI
    POINT3 SECURITY

HACKER RIGHTS // CHLOÉ MESSDAGHI

Sixty percent of hackers don’t submit vulnerabilities due to the fear of out-of-date legislation, press coverage, and companies misdirected policies. This fear is based on socially constructed beliefs. This talk dives into the brain’s response to fear while focusing on increasing public awareness in order to bring legislation that supports ethical hackers, ending black hoodie and ski mask imagery, and encourage organizations to support bilateral trust within their policies.

Yaniv Simsolo
    YANIV SIMSOLO
    RTL

WHEN DEVOPS FAILS, MISERABLY // YANIV SIMSOLO

In this presentation I will briefly present some insights on the soft belly of DevOps. Even when SecDevOps is used, there are additional factors that should be understood for having a DevOps system or a DevOps operation secure. Some of the insights that I gain in the past years and most recently as the security manager of a major media company:

  • SecDevOps requires more people – security architects and security experts.
  • Juniors will not cut it.
  • Operational security experts will not do.
  • Refer to OWASP IL by me: Should I Trust my Vendor
  • Knowledge Gap – a very nefarious serial killer of DevOps, destroyer of security operations
  • Ludicrous security tools – some tools are no good. In some ecosystems the best of breed tools is useless.
  • Testbenching the 2 best of breed tools, mano-a-mano.
  • Orientation on content and delivery

Oded Hareven - Akeyless
    ODED HAREVEN
    AKEYLESS

Stopping the hassle of SSH keys by using SSH Certificates // ODED HAREVEN

SSH Keys are known to be a major operational burden, either because of the constant provisioning to target hosts or due to SSH keys that went lost (not to mention employees that took their private keys with them after they left the company…) In this session you’ll learn how to eliminate the need for ssh-keys by using ssh-certificates which in order to profoundly improve efficiency and significantly increase your workloads security posture with just-in-time access and audit.

SPOTLIGHT IGNITE

Danny Grander - Snyk
    DANNY GRANDER
    SNYK

Sour Mint - The case of malicious advertisement SDK, affecting thousands of mobile apps // DANNY GRANDER

In this talk we will share the details surrounding an SDK distributed by a Chinese ad network. We will share the details of the research methods used to identify the excessive data tracking and remote code execution backdoor in the code, and why it went undetected for more than a year. This talk will share all the details of our research into a popular advertisement SDK affecting billions of consumers of both Android and iOS ecosystems. We will share the details of our research process, leading to the discovery of hidden functionalities in the SDK, including a remote code execution backdoor affecting the privacy and security of billions mobile devices.

DEVREL IL QUINTESSENCE ANX
    QUINTESSENCE ANX
    DEVELOPER ADVOCATE

Virtually Unforeseeable: Pandemic DevRel // QUINTESSENCE ANX

One of the hardest parts professionally during this pandemic is how to shift a role that was mostly face-to-face and high travel to being 100% virtual - without losing the connection that in person interaction provides. This has led to a lot of growing pains over the past 8 months (!!!), but as a company cornerstoned in process we adapted our workflow to accommodate our New Abnormal. This is a 5 minute talk where I will run through how we shifted our workflow, not just by top loading already virtual content like blog posts but also focusing on other ways that the advocacy team could assist the business as a whole including shifting how to handle virtual events, booth duty, changes in how to present at virtual events, and more.

15:30 - 16:00 IST

BREAK

SPONSOR TALKS
Statscraft

StatsCraft MINI-TRACK

16:00 - 16:40 IST

Keynote | DO YOU REALLY MEASURE WHAT YOUR USERS EXPERIENCE? (HEBREW) // CARMIT DANON

Carmit Danon - Terasky
    CARMIT DANON
    TERASKY CLOUD & DEVOPS

The system is slowing down, the customers are becoming frustrated, but our monitoring shows all green. Everyone handles performance issues, but how do we measure it properly? Are you really measuring what your users experience? Is it possible to measure everything? In my presentation, I will walk you through some of the blind spots we all have in our monitoring systems, and share from my own experience of dealing with performance issues.

StatsCraft Ignites

Jason Yee - Gremlin
    JASON YEE
    GREMLIN

SLOs: You're missing the point // Jason Yee

Innovation is how you win customers; reliability is how you keep them. To succeed, you need both. But as organizations adopt Service Level Objectives (SLOs) as part of their Site Reliability Engineering (SRE) practices, they become fixated on reliability and innovation suffers. In this talk, I’ll discuss why you need to spend more time on innovation and how to do it. I’ll also share how you can escape your everyday toil and stressful firefighting to rediscover the fun in engineering—and help your company succeed at the same time!

NATALIE PISTUNOVICH - AEROSPIKE
    NATALIE PISTUNOVICH
    AEROSPIKE

Highway to High Availability // NATALIE PISTUNOVICH

High availability is the holy grail of an architect, ensuring the system’s uptime is achieved for a higher than normal period. This can be achieved with an Active-Active architecture and Active-Passive architecture, which, in turn, can be deployed using different models, eg multi-site clustering and cross datacenter replication. The performance is monitored to ensure the system is meeting the agreed upon SLAs and SLOs.
Let’s understand all those terms, the relationships between them and how to implement those.

ANNA TSIBULSKAYA
    ANNA TSIBULSKAYA
    MICROSOFT

Optimizing monitoring for first impressions // ANNA TSIBULSKAYA

On average, any Instagram story gets 2 sec of attention from a person viewing it. Yes, that’s the speed with which we’re already consuming information. But, how much information can you get from a 2sec look at your monitoring? And if you just joined a company and it’s your first production incident today? I’m sure, using the right tools and thinking of monitoring as a product, it’s possible to build intuitive and user-friendly monitoring, which will dramatically reduce the amount of debugging and troubleshooting in your life. My talk is about how to do it, why it’s important to pay attention to it and how to measure results.

Amir Langer
    AMIR LANGER
    EBAY

The dark side of Flamegraphs. What we can and cannot see // AMIR LANGER

Flamegraph is a visualization of hierarchical data used to show sampling profiling results. We found them to be extremely useful observability tools. At eBay, we use Flamegraphs to triage performance problems and visualize service behaviour in production. In this talk we’ll go over Flamegraphs, their strengths and limitations. We’ll also explore ideas to extend the technology especially in performance regression analysis where the current solution struggles and a view of more than a single Flamegraph is required to compare different runs.

SPOTLIGHT IGNITE

Nati Cohen
    NATI COHEN

5 Monitoring Anti-Patterns (and how to avoid them) // NATI COHEN

During the past 15 years I was lucky to partake in building and monitoring various production systems. However, while sometimes the monitors and alerts we created were spot-on, and helped us mitigate future failures quickly, other times the dashboards we created were simply useless, and the alerts did nothing but make us miserable. In this talk we will review several common monitoring mistakes my peers and I repeatedly tend to lean towards. We will discuss why these are not the right things to do, and suggest several, hopefully better alternatives.

DEVREL IL Philipp Krenn - Elastic
    PHILIPP KRENN
    ELASTIC

Take Aways from 400 Virtual Talks since March // PHILIPP KRENN

Virtual talks are the new norm. In theory, they are great — speakers and attendees can join from around the world, infrastructure is cheap and scalable, recordings are simple. But what is happening in reality with problems like Zoom fatigue? What is and what isn’t working? At Elastic, we have done 400 virtual talks and meetups since March. This talk gives an overview of the development over time, specifics in regions, differences in tooling,… and adds some personal anecdotes.

17:20 - 17:30 IST

LAST BIO BREAK...AND YOU'LL NEED ONE BEFORE THE CLOSING SESSION - SO BE QUICK!

FUNNNY CANDLE-LIGHTING BY HEATHENS AND OTHER ASPARAGI
DevOpsDays

DEVOPSDAYS FUNNY TRACK

17:30 - 18:00 IST (or as long as he keeps us laughing)

SPECIAL RANT SESSION | DO YOU KNOW WHAT YOUR PROBLEM IS...? // COREY QUINN

Corey Quinn - Duckbill Group
    COREY QUINN
    DUCKBILL GROUP

Expect the unexpected in this special live rant session that will be led by....YOU! Now is your chance to let Corey give a good talkin' to, to all of your "favorite" companies. Join our Discord and start suggesting companies for Corey to rant at in the "#rant-session-let-corey-have-it" channel.

We told you it was going to be great...so what are you waiting for, join us!