JSON Web Tokens (JWT) sind die Grundlage vieler Single Page Applications und eigentlich recht einfach gestrickt. Doch in dieser Simplizität stecken auch Gefahren, denn schnell schleichen sich Fehler ein: Probleme mit der Signatur, ignorierte Ablaufdaten, unsichere Speicherung, es kann viel schief gehen. Diese Session beleuchtet den Hintergrund von JWTs, stellt beteiligte Standards vor, skizziert Bedrohungsszenarien und präsentiert Gegenmittel. Damit lassen sich SPAs sicher gestalten.

In the session we will talk about the impact of AI on the daily work of IT teams. Our goal is to fully share the big picture of the upcoming future of plan, schedule, develop and deploy an idea to a first usable MVP in under 40 minutes. Yes, the future is already around the corner, not only because my team and I have already developed the solution for our sessions main topic.

Die Authentifizierungsmethoden werden anhand verschiedener Sicherheits-Kriterien und -Eigenschaften kategorisiert. Es wird dargelegt, wie man sich dem Kriterium der wirtschaftlichen Effizienz von Sicherheitsmaßnahmen nähern kann.

Modern software development practices revolve heavily around the mythical „change“. Inspect and adapt. Retrospect and change. Change this, change that, pivot, adjust, make the team dance polka. Yet, people hate to change, systems are naturally resisting it, and we’re not talking enough about the art and science of change management in all this mess. Come to the presentation to learn how to think of your role in the process, how to use a solid, repeatable framework for managing the change, and how to communicate in a way that makes people jump on board and not jump ship. Join us to learn how to make your next good idea stick in your organisation, so you can make a long-lasting impact with your work.

So many challenges, so little time. While we’re busy developing software and keeping it operational, we also need to sharpen the saw, but how? Gamification can be a way to look at how you’re doing and find out where to improve. It’s a great way to have everyone involved and get the best out of people.

In this presentation, Ben Linders will show how playing games with the DevOps coaching cards can help to explore your current development and deployment (DevOps) practices and decide as a team what to improve or experiment with.

The games that we play are based on an engagement model. Instead of imposing change, the games enable people to pull in ideas for change and apply those in a way that best suits their collective needs.

By playing games, you can learn from each other. Teams can use games, exercises, and coaching cards to discuss values, principles, and practices, and share their experiences and learnings.

Different game formats can be used to share experiences on DevOps principles and practices and explore how they can be applied effectively. This presentation provides an overview of playing formats and will inspire you to come up with your own formats

How can you effectively organize DevOps, SRE, Platform Engineering, and CCoE? Get to know in this session!

This session will dive into the different teams and buzzwords that have come up in recent years and demonstrate the resulting issues in many environments. Afterward, we will check the recommendations on setting everything up to build up an effective organization and what to avoid. To finish it, we will have a look at data-driven approaches to increase the overall maturity further.

