Last month saw the release of Susan Fowler’s "Whistleblower: My Journey to Silicon Valley and Fight for Justice at Uber." View in browser »
The New Stack Update

ISSUE 206: Everyone Loses with Sexism

Talk Talk Talk

“Playing the guitar is really complicated. Once you learn how to do it, you can make beautiful music, but getting there is more challenging than most people realize.”

Michael Ferranti, vice president of marketing at Portworx, on why learning Kubernetes is worth the effort.
Add It Up
Industry Sectors Over Time

Stop the hate and attention-grabbing headlines! The technology sector continues to be the most trusted among nine business sectors asked about in the 20th annual Edelman Trust Barometer. Analysis of this report, The Verge Tech Survey 2020, and countless other studies indicate that animus towards generic “big tech” companies is due primarily to their role in controlling the media, and in particular social media.

Of course, the public relations giant Edelman emphasized the negative by highlighting this headline last week: “Tech is No longer the most trusted sector in 13 markets globally — a new record.” Don’t over-interpret that finding. Globally, trust in the technology sector has stayed at about the same level over the last eight years, while financial services and energy firms have seen a big jump in trust. Tech’s halo effect is not fading as much as other industries have stepped up their corporate citizenship, or at least have had effective public relations efforts.

What's Happening

The concept of DevSecOps is getting a lot of play these days — and for good reason. As organizations’ DevOps seek to boost their rates of deployments and updates at cadences unheard of just a few years ago, the risk of vulnerabilities can often increase at the same rate, in theory. While it doesn’t have to be this way, of course, some organizations struggle with remediating vulnerabilities long after the software has been deployed, not only causing major potential headaches when breaches occur (think Equifax), but causing additional pain when developers must reconfigure code again, and in extreme cases, reinvent the wheel.

The solution, of course, is for security teams to become vested in code development at the very beginning of the production cycle. This is what agile DevOps teams are supposed to do anyway, but many organizations have not implemented the necessary culture, tools and processes to do this. After years of existing as a concept, DevSecOps formalizes the often missing security links in development processes today.

In this edition of The New Stack Makers podcast, we discuss DevSecOps evolution and why it is so vital today. The guests were selected for there first-hand experience and experience with DevSecOps were:

  • Rohit Gupta, global segment leader, security, for Amazon Web Services (AWS).
  • Cindy Blake, security advocate, for GitLab.
  • Shaan Mulchandani, AWS security practice, for Accenture.

The New Stack Publisher Alex Williams hosted this episode.

DevSecOps: Yesterday, Today and The Future

Everyone Loses with Sexism

Last month saw the release of Susan Fowler’s "Whistleblower: My Journey to Silicon Valley and Fight for Justice at Uber." You might remember Fowler during her time at Uber, where she worked as a software engineer, where she gave a number of useful talks on microservices.  

In early 2017, she penned a blog post that laid bare the rampant sexism and sexual harassment she experienced while at Uber. One her first day at work, she was propositioned by her supervisor, “Jake,” over chat. When she brought the issue to HR, they deflected it, claiming that Jake was a valued asset to the company, and that this was his first infraction anyway. 

This turned out not to be the case. In fact, HR for the ride-sharing service had defended Jake from multiple claims of harassment. Jake did not get punished, and Fowler, according to her own retelling of events, was reassigned to another department and was retaliatorily gaslit in subsequent performance reviews. Naturally, she left the company the first chance she got.

But Jake was not just an isolated case of inappropriate behavior. In fact, his attitude towards those he supervised was symptomatic of the entire Uber culture itself. As Fowler pointed out in the book, “Disregarding laws, rules and regulations was so entrenched in Uber's culture that managers within the company seemed to believe that various rules, including employment law and basic human decency, no longer applied to them."

Through the long string of negative press the company subsequently received, one can see this toxic ethos in action.

Only after Fowler’s post went viral, and the world was exposed to the ride-sharing service’s dirty laundry, did the company take her complaint seriously. It hired Eric Holder, former U.S. Attorney General, and Tammy Albarrán to conduct an independent review regarding the specific issues raised by Fowler, as well as provide an assessment of the diversity and inclusion at Uber. Resultantly, 20 employees were fired, right on track, and the company CEO Travis Kalanick took a leave of absence.

But, aside from lost goodwill, the real loss to Uber was not only of Fowler’s engineering talent, but her early-warning signal that something with the company culture was not right. Sexism is everyone’s problem.

Why Observability Needs to Stay Weird

Observability isn’t about three pillars, or dashboards or a particular product. It’s about how we think about change, and how we manage the effects of that change. An observability mindset eschews blind monitoring and alerting; rather, it puts people in the center of the process of running reliable software, and asks them “how can I help?” rather than “do this now.” Check out this provocative sponsored post by LightStep’s Austin Parker.

GitOps Made Simple with Flux

With Git you push your code changes to the repository. With GitOps, those changes can be done to the configuration of an infrastructure. But what is on the other side, pulling the changes and incorporating them into operation? Meet Container Solutions’ Flux, Kubernetes-native GitOps operator. In an infrastructure managed by Git, Flux connects to your Git repository and watches for all changes on a specific branch and folder. When a commit occurs, Flux will operate on the cluster in order to deploy those changes. Using Flux means that no external tool or script, granted with a cluster access, needs to be triggered in the repository pipeline in order for new or changed code to be deployed in the environment.

CNCF Reschedules KubeCon+CloudNativeCon Europe 2020 Amid Coronavirus Concerns

Due to the growing concerns around the rapid spread of Coronavirus Disease, the Cloud Native Computing Foundation (CNCF) has decided to officially cancel and reschedule its upcoming 2020 KubeCon+CloudNativeCon in Amsterdam next month, originally scheduled for March 30 - April 2. The event is currently expected to be rescheduled to a yet-to-be-determined date in July or August 2020, with the North America event in Boston next November expected to occur as planned. The CNCF will also completely cancel KubeCon + CloudNativeCon + Open Source Summit Shanghai in July 2020.

On The Road



GlueCon is not for you if you want to learn business practices. It is your conference if you are a developer wanting to learn the latest technical trends to meet your organization’s business requirements. Microservices, continuous delivery, and serverless technologies will all be topics discussed at GlueCon’s 12th annual conference. Register now!

The New Stack Makers podcast is available on: — Pocket CastsStitcher — Apple PodcastsOvercastSpotifyTuneIn

Technologists building and managing new stack architectures join us for short conversations at conferences out on the tech conference circuit. These are the people defining how applications are developed and managed at scale.
Copyright © 2020 The New Stack, All rights reserved.

Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list

Email Marketing Powered by Mailchimp