Notes from the Summit: Day 1 Summary

 

The Event

The Global Powershell and DevOps Summit strikes you as the sort of conference run by people who have spent a fair share of their professional lives attending terribly-organized technical conferences and swearing to themselves that one day, ONE day they would create an event that lived up to their own expectations. They have certainly exceeded mine. As Don Jones said at one point, 90% of this success comes from choosing the right venue. The Meydenbauer Center is centrally located to Bellevue’s hotels and food, the staff is highly organized, and the catered food is extraordinary. The fact that the event is relatively small, not a 20,000-person cattle call, also really helps, as does the fact that there are no third-party vendors trying to sell you stuff. I would recommend this event to anyone who thinks that technical conferences have to be thinly-disguised, poorly-executed sales pitches. It’s just a good experience.

Sessions

Overall I would give today’s sessions a B+. The speakers were energetic and well-prepared, the audience was engaged with lots of good questions, and only one session I attended felt a little bit like a waste of time. (Check powershell.org’s YouTube channel for recordings of sessions posted throughout the week.) Here’s a quick rundown of the sessions I attended today:

9 AM (June Blender): Real-World Test-Driven Development in Powershell

This packed-out session was essentially a whirlwind intro to Powershell’s Pester unit-testing tool. Pester is Powershell’s contribution to the “academic discipline of code testing”, complete with asserts, mocks and a nice natural-language syntax. Despite the session name, June’s talk was actually centered around what she called “help-driven development”: where you start with a help file (your “contract with the user”) and then write tests for the behavior in the help examples. Though I’ve used Pester pretty extensively at work, I still took away some cool things from this session:

10 AM (Joe Levy and Ed Wilson, OMS Team2): Configuration Management with Azure Automation DSC (Cloud & On-Premises; Windows & Linux)

I had an asymmetrically large number of thoughts about this session, so I made them into a separate post.

1 PM (Don Jones): Stupid DSC Tricks

Don used his session as a directed roundtable discussion on how to make DSC do things it’s not necessarily designed to do. A couple of the ideas that were kicked around:

  • How do you run dynamic code (ex: for printer mapping) during an LCM consistency check instead of the static configuration in the MOF file? (Possible answers: you can create a DSC resource on the client that does stuff, or you could even write a resource that overwrites the pending MOF file itself during consistency check.)
  • Will Microsoft ever make a tool that can enumerate every possible configuration variable on a system? (Answer: No, that would be silly, but it sure would be nice to have a “watcher” service that would observe every change you make to your server after a baseline image install.)

2 PM (Mark Minasi): Harvesting the Web: Automated Datagathering with PowerShell

I’ve done various screen scraping things with Powershell, usually as a measure of last resort and with mixed results (the built-in HTML parsing always seemed really slow to me), so I was interested to learn some new approaches in this session. However, though the speaker was engaging and well-prepared, unfortunately the level of the session was not as advanced as I would have hoped/expected for this conference. (A great deal of the first hour was devoted to a fairly slow-paced introduction to basic regular expressions.) I bailed at the session break and wound up at:

3 PM (Lee Holmes, Powershell Team): Assume Breach: Building Systems for the Inevitable

Lee Holmes tends to speak in maxims, like some sort of cybersecurity oracle. Every other sentence that comes out of his mouth is a carefully distilled nugget of wisdom about system defense. I’m not sure how to summarize his session, which compared effective breach mitigation to the crumple zone of a modern car, other than by regurgitating a few nuggets (slightly paraphrased in real time):

“It is impossible to truly defend against all attacks. We have to assume that breaches will happen.”

“Breach is not a binary state. Attacks will be incremental and will propagate throughout the system. But an attacker can only do what your service can do, so remove components, isolate systems and reduce capability.”

“Data is a liability; if you don’t need it, don’t store it.”

“Don’t let success be your downfall. Design your system in such a way that popularity will not expose your weaknesses.”

“Threat modeling does not have to start with a huge Visio diagram – it starts by talking through your architecture in front of a whiteboard.”

In my opinion, this is a slightly backloaded conference, with a lot of the best sessions scheduled for later in the week. Check back tomorrow and Wednesday for more takeaways from the 2016 Summit!

Notes from the Summit: Day 1 Summary

4 thoughts on “Notes from the Summit: Day 1 Summary

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s