Motivation:
-------------
After executing a project to test a cloud-based microservices platform, we experienced a lot of challenges in both technical and social manners and tried to develop solutions to cope with them. Finally, we have wrapped them up to make a list of golden rules to successfully manage a test project. The purpose of this talk is to give insights about how a test automation project is managed.

Our problems were:
----------------
Technically, if not managed properly, automated testing will lead to extra costs and could even be less effective than manual testing.
From another aspect, at some point, we had too many complaints in our retrospective meetings about the heavy deployment activities and redundant executions. We had lots of flaky tests, execution lists full of not clear test definitions. Everyone was sick and tired of maintenance issues and the team was not happy. We took actions to improve motivation in the team.

Our 4 fundamental solutions are:
--------------
* Being truly agile: Adapt new solutions quickly.
* Manage the progress: Be aware of what is going on by setting KPIs to track & monitor with tools like CloudWatch, Grafana
+ Technical part: Automation principles for the sake of robustness.

* Solutions to reduce flaky tests & analysis effort & costs: Code demos on Java API polling libraries, Selenium usage and others.
* How we solved flaky tests: Adaptations into the code and observing the effect of each application. A few examples are polling mechanisms (safe wait methods) and test design techniques
* For maintenance efforts: We keep test history in the pipelines and develop helper methods to improve quality.
Improve coverage from different aspects to reduce escaped bugs.

* Team spirit!

Results & Conclusion
---------
After application of our proposals, we observed that waste is eliminated by prioritization and removing duplicated or dispensable work. After all, we believe that this submission has interesting content which can make great attention. Instead of theoretical claims, we discuss faced challenges and applied solutions. We analyze effects of solutions with before-after situations, graphs and evidence. Instead of what to do, we go over how to do it.

Takeaways
-----------
Proposed approaches can be applied by any organization by adapting according to the related work to achieve time and cost reduction. After this talk:

* Attendees will know our 4 golden milestones for successful agile testing: Being truly agile, Managing and improving internal processes, building a Good Automation Framework and Improving Efficiency.
* Attendees will be able to realize the importance of test coverage and see how it affects defects coming from production.
* Attendees will be able to realize the effect of test suites on sprint planning and execution effort.
* Attendees will be able to have some insights about increasing efficiency.
* Attendees will be able to utilize automation not only in implementation, but also in Executions, Reporting and other phases.
* Attendees will be able to analyze bugs. Just resolve and close them, or gain some lessons-learnt from them?


Outline
Introduction & project background
----------------------------------------------------------------
Importance of agility: Quality mindset, voice of customer
Demo 1: Collecting KPIs & metrics and monitor them on CloudWatch.
----------------------------------------------------------------
Automation Principles
Demo 2: Code Blocks to reduce test smells on Java, Postman and Selenium.
----------------------------------------------------------------
Efficiency & Team Productivity
Demo 3: A game showing the effects of team work.
----------------------------------------------------------------
Close & Questions

Today we are talking a lot about security, data protection, privacy, but we are forget one pretty important stuff, a secure code. Normally most of IT professionals or security experts expect attack from outside. But what if the real enemy is our code? Many times we see that someone from developers forget to delete credentials from code, or just hard-code passwords, database endpoints, etc. From security perspective its very hard to detect it if app is already deployed.. In this session I would like to present how Endava integrate security into our CI/CD pipelines and how it help us to identify security issues.

While the business keeps increasing the pressure and demand of flexibility of the development team, the agile movement was pushed to the limits. CI/CD was born to reduce manual step to reduce human errors and increase speed to go-live! Last not least, with DevOps the teams took application responsibilities, from cradle to grave. Nevertheless, software security is still missing in many full-stack developers resume and application security responsibilities are pushed off to the security department still. Petty, because the exactly agile, CI/CD and DevOps are security enabling practices.
This session is explaining Shift-left, early security enablement in the development Lifecycle. As the application development becomes more developer centric, the developer’s toolset must match the new challenges to have responsibilities matching capabilities. Learn from rugged software to supply chain cleanliness. Learn to avoid the common pitfalls and benefits of modern application development strategies. Hear why security champions programs tend to fail, compliance driven security trainings are a waste of time and money. Take back the best practices, proven solutions and Shift Left beyond the development.

What would you do if you were asked to design a system to analyze transactions in near-real time to find money laundering? That was the challenge I has been working with the last year. I used microservices and after a while I had a fully functional system, but how to deploy it? How to keep control when each service acts independently from the rest of the system? How to deliver a system with high quality, availability, and reliability? The last piece of the puzzle was to add DevOps – and this is when things get interesting.

And during the process I must admit it, I have fallen in love with DevOps and the capabilities it brings. Come listen to a speech about the elegance and possibility’s I have learned.