PurePerformance

Most services are moving to SaaS - whether it’s email, collaboration, customer relations, or finance. But not everyone can go to SaaS - or at least that’s the initial reaction when navigating certain industries’ rules and regulations.Milan Steskal - who worked in healthcare for many years - is now helping organizations ask the right questions and find the best solutions as they evaluate their options to move their observability data to SaaS. Tune in and learn about the questions to ask vendors and your internal security, privacy, and compliance teams. Milan also walks us through the capabilities SaaS vendors such as Dynatrace have put in place to protect data sent to the cloud so that it stays safe and only accessible to those needing access.Links discussed today:Milans LinkedIn Page: https://www.linkedin.com/in/milansteskal/Dynatrace Trust Center: https://www.dynatrace.com/company/trust-center/ Blogs on Trust: https://www.dynatrace.com/news/tag/trust-center/

Andreas Taranetz is a software engineer and lecturer at the University of Vienna. He creates a lot of educational content around Web Performance Optimization. For the past seven years, he has also operated Wahlkabine, Austria's top website, for matching one's political views with the parties that are up for election.This episode was an amazing flashback - reminding us about the time when Steve Souders - the "godfather" of Web Performance Optimization - educated web developers about optimizing CSS, JavaScript, and server-side roundtrips.Tune in and learn why Web Performance is still such an important topic, how it relates to sustainability, why you should cache on every layer, and what the Static Site Paradox really is! Links we discussed in the episode:Andreas on LinkedIn: https://www.linkedin.com/in/andreas-taranetz/Personal Website: https://andreas.taranetz.com/We Are Developers Talk: https://www.youtube.com/live/KRemC82gsBkWahlkabine: https://wahlkabine.at/Steve Souders: https://stevesouders.com/

Authentication (validating who you claim to be) and Authorization (enforcing what you are allowed to do) are critical in modern software development. While authentication seems to be a solved problem, modern software development faces many challenges with secure, fast, and resilient authorization mechanisms. To learn more about those challenges, we invited Alex Olivier, Co-Founder and CPO at Cerbos, an Open Source Scalable Authorization Solution. Alex shared insights on attribute-based vs. role-based access Control, the difference between stateful and stateless authorization implementations, why Broken Access Control is in the OWASP Top 10 Security Vulnerabilities, and how to observe the authorization solution for performance, security, and auditing purposes.Links we discussed during the episode:Alex's LinkedIn: https://www.linkedin.com/in/alexolivier/Cerbos on GitHub: https://github.com/cerbos/cerbosOWASP Broken Access Control: https://owasp.org/www-community/Broken_Access_Control

Open Source is the Best Thing that happened to IT"! Powerful words from Marcio Lena who has been using and contributing back to open source for the past 20+ years. Besides being a vivid advocate for open source, Marcio also knows the concerns of large enterprises when picking open source projects.Tune in and follow our discussion about how to identify a healthy open-source project, how to balance between vendor and community lock-in, the power of open standards such as OpenTelemetry, open source business models as well as that contributing to open source is not limited to code but includes documentation, education and advocacy as well!Links we discussed:Marcio's LinkedIn Page: https://www.linkedin.com/in/marcio-lena/CNCF DevStats: https://devstats.cncf.io/Linux Foundation Events: https://events.linuxfoundation.org/CNCF Ambassadors: https://www.cncf.io/people/ambassadors/

DORA - the EU's Digital Operational Resiliency Act - will take effect in January of 2025 and is currently top of mind for IT Leaders across all financial service institutions that operate in the European Union. But what is DORA really? Why is this important? How can institutions meet the DORA requirements? What is the role of observability, automation and AI in all of this?To answer all those and more questions we invited Kay Young, Sr Principal Product Manager at Dynatrace, who has been working with organizations around the globe that have been tasked to implement regulations such as DORA, GDPR, FedRAMP or others.In our conversation we also touch base on the third-party risk management as well as resiliency testing and incident reporting.Resources we discussed:Kay's LinkedIn Profile: https://www.linkedin.com/in/karlien-young-4a156730/What is DORA blog: https://www.dynatrace.com/news/blog/what-is-dora/Taming DORA compliance: https://www.dynatrace.com/news/blog/taming-dora-compliance-with-ai-observability-and-security/Blog on Dynatrace's DORA compliance journey: https://www.dynatrace.com/news/blog/the-dynatrace-journey-toward-dora-compliance/Beyond DORA compliance: https://www.dynatrace.com/news/blog/dora-how-dynatrace-helps-the-financial-sector-stay-resilient/

NAIS (pronounced like NICE) is a team central application platform that provides DevOps teams with the tools they need build, test, deploy, run and observe applications.In this episode Hans Kristian Flaatten, Platform Engineer at NAV, walks us through the WHYs, HOWs and challenges of building modern platforms on Kubernetes. Tune in and hear WHY they defined their own abstraction layer for applications, HOW developers benefit from that platform and WHY they developed their developer portal instead of going with other popular available choices.Links we discussed:Hans Kristian's LinkedIn: https://www.linkedin.com/in/hansflaatten/NAIS Documentation: https://docs.nais.io/

"We will overwhelm developers if we give them the same specialized observability, security or deployment tools that are used by their platform engineering, operations, SREs or security teams!" - says Viktor Farcic, Developer Advocate at UpBound and host of The DevOps Toolkit YouTube channel. Tune in and hear us discuss about making observability easier accessible for developers, what Viktor doesn't like about Kubernetes and how Crossplane - the cloud native control plane framework - can be the gateway to real product-oriented platform engineering!Here the links we discussed during this episode:Viktor on LinkedIn: https://www.linkedin.com/in/viktorfarcic/DevOps Toolkit: https://www.youtube.com/@DevOpsToolkitCrossplane: https://www.crossplane.io/

Hans Kristian is a Platform Engineer for NAV's Kubernetes Platform Nais hosting Norway's wellfare services. With 10 years on Kubernetes, 2000 apps and 1000 developers across more than 100 teams there was a need to make OpenTelemetry adoption as easy as possible.Tune in as we hear from Hans Kristian who is also a CNCF Ambassador and hosts Cloud Native Day Bergen why OpenTelemetry is chosen by the public sector, why it took much longer to adopt, which challenges they had to scale the observability backend and how they are tackling the "noisy data problem"Links we discussed in the episodeFollow Hans Kristian on LinkedIn: https://www.linkedin.com/in/hansflaatten/From 0 to 100 OTel Blog: https://nais.io/blog/posts/otel-from-0-to-100/?foo=barCloud Native Day Bergen: https://2024.cloudnativebergen.dev/Public Money, Public Code. How we open source everything we do! (https://m.youtube.com/watch?v=4v05Huy2mlw&pp=ygUkT3BlbiBzb3VyY2Ugb3BlbiBnb3Zlcm5tZW50IGZsYWF0dGVu)State of Platform Engineering in Norway (https://m.youtube.com/watch?v=3WFZhETlS9s&pp=ygUYc3RhdGUgb2YgcGxhdGZvcm0gbm9yd2F5)

Has one of the decision makers in your organization decided that you have to go "all in on technology X" because they saw a great presentation at a conference or got a great sales pitch from a vendor? If that is the case then this episode is for you and you should forward it to those decision makers.Sebastian Vietz, Director of Reliability Engineering and Host of the Reliability Enablers Podcast, shares his thoughts on considerations when picking a technology like Serverless. We discuss the importance of knowing limits, best fit architectural patterns and things that should influence your technology decisions!Being aware of coldstarts, a 20000 concurrent request limit or 512mb being an ideal size for Lambda are just some of the things we can all learn from Sebastian.Additional links we discussed:Sebastians LinkedIn: https://www.linkedin.com/in/sebastianvietz/Reliability Podcast: https://podnews.net/podcast/ibe8kMore things on serverless: https://serverlessland.com/

Marco Sussitz and Wolfgang Ziegler from the Dynatrace OneAgent Java Team dive deep into the world of observability. They explore their journey from developers to specialists in agent technology, emphasizing the critical role of testing in preventing failures in high-stakes applications. The duo discusses the balance between detailed data collection and maintaining app performance, highlighting OpenTelemetry’s benefits. They also reflect on the importance of teamwork, continuous learning, and the integration of AI in observability systems, making for a truly insightful conversation.