feat: Add speaker and program files for Annie Hedgpeth, Debo Ray, Zoë Chalfant, and Scott Bly

omargohan · omargohan · commit 4970b3e0359f · 2024-12-27T10:12:06.000+01:00
diff --git a/content/events/2025-los-angeles/program/annie-hedgpeth.md b/content/events/2025-los-angeles/program/annie-hedgpeth.md
@@ -0,0 +1,18 @@
++++
+Talk_date = "2025-03-07"
+Talk_start_time = "15:15"
+Talk_end_time = "15:30"
+Title = "Firewalls and Friendships: Building a Balanced Professional Network"
+Type = "talk"
+Speakers = ["annie-hedgpeth"]
++++
+
+Many people really struggle with intentional career networking. It can seem scary or pointless or overwhelming, so they end up falling back on default networking, only maintaining professional relationships with those in their immediate circle of influence. Others are very intentional with their networking but end up being takers and not givers, offending those in their network. Still others are worried about asking for anything from their network for fear of seeming like a taker. Being a genuine person in the corporate world is a tricky business.
+
+I'm going to use basic IT systems networking concepts to illustrate career networking concepts in a way that DevOps folks can easily visualize. I will share my experiences with authentic career networking through the lens of systems networking, the good and the bad. Sometimes it has worked out favorably for me, a well balanced ingress and egress! And other times it has left me feeling super crappy and used, egress only sharing. All of it has been educational and has shown me how to be a better network-friend, a well-balanced router and have healthy firewalls. I want to share it all with you in hopes of seeing more authenticity and generosity in our shared work world.
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
diff --git a/content/events/2025-los-angeles/program/debo-ray.md b/content/events/2025-los-angeles/program/debo-ray.md
@@ -0,0 +1,26 @@
++++
+Talk_date = "2025-03-07"
+Talk_start_time = "15:30"
+Talk_end_time = "15:45"
+Title = "Strengthening Vulnerability Management in Cloud Development Environments"
+Type = "talk"
+Speakers = ["debo-ray"]
++++
+
+Effective vulnerability management is essential for secure cloud-native environments. This talk covers key elements like asset tracking, SBOMs, and risk prioritization. Attendees will learn how to implement monitoring pipelines to detect threats early and evaluate vulnerability impacts in fast-paced DevOps workflows.
+
+Actionable Takeaways:
+
+- Establish scalable vulnerability management processes tailored for cloud-native development.
+
+- Leverage SBOMs to track software components and manage vulnerabilities effectively.
+
+- Develop prioritization techniques to address security risks based on impact and likelihood, enabling faster, targeted responses.
+
+This talk aims to equip attendees with a clear framework for proactive vulnerability management that aligns with the speed and scale of modern cloud environments.
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
diff --git a/content/events/2025-los-angeles/program/scott-bly.md b/content/events/2025-los-angeles/program/scott-bly.md
@@ -0,0 +1,24 @@
++++
+Talk_date = "2025-03-07"
+Talk_start_time = "17:00"
+Talk_end_time = "17:45"
+Title = "Adding API Security to your DevSecOps Toolbelt"
+Type = "talk"
+Speakers = ["scott-bly"]
++++
+
+How do you integrate API Security into your DevSecOps processes? You have DevOps tooling and CI/CD pipelines for your product release cycle. Your Dev & Ops teams work well together. You started a DevSecOps transformation to Shift Left and test code security in pipelines. But how do you integrate the Security teams into DevOps to achieve true DevSecOps? Then, how do you integrate APIs, as they are behavior-based? Traditional AppSec can't identify vulnerabilities in API consumption. Learn how to integrate API testing into Shift Left DevSecOps pipelines to eliminate vulnerabilities. Learn how to bring Dev, Sec, Ops teams together to improve Mean Time To Remediation, and keep your teams happy!
+
+The Problem:
+
+DevOps Release code to market faster Traditional release 1-2x annual fails at cloud scale DevOps tooling, microservices architecture allow independent releases DevOps culture grew organically as Dev and Ops teams learned to work harmoniously. DevSecOps Newer thinking - security integration to DevOps processes, AppSec integration to pipelines improved code security But developers are still incentivized to get features to market fast Ops teams are incentivized for uptime and keeping dev teams moving Security teams are incentivized to reduce risk, in opposition to above objectives. Risk reduction slows development, blocks code release due to late stage vulnerability discovery. Shift left moves discovery earlier, but security teams are already stretched thin. API security is behavior based, not traditional code security discoverable, so how do you add this?
+
+The Solution
+
+Shift further left Integrate Security teams even earlier in the pipeline - catch problems at the design stage. APIs are products that deliver data, and the business problems can be caught at design stage as well, Tooling API Scanning tools can integrate to CI/CD pipelines, shifting left into the existing test/build phases But they require live dev environments to test API behavior, Culture DevSecOps triad in large orgs are siloed Form DevSecOps Center of Excellence as first steps Share best practices Co-host technical trainings Co-host social events to bring teams together organically Cross-incentivize.
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
diff --git a/content/events/2025-los-angeles/program/zoe-chalfant.md b/content/events/2025-los-angeles/program/zoe-chalfant.md
@@ -0,0 +1,20 @@
++++
+Talk_date = "2025-03-07"
+Talk_start_time = "16:00"
+Talk_end_time = "16:45"
+Title = "Staying Sane In Technology Careers: Managing Mental Health"
+Type = "talk"
+Speakers = ["zoe-chalfant"]
++++
+
+Mental health is a salient topic of concern in the tech industry. Indeed, our industry in particular attracts individuals with a seemingly higher-than-average incidence of neurodivergence or neuroticism. Attending to one's mental health is an important aspect of managing a career for the long term in an industry that can revolve around textual communication, create fewer opportunities for meaningful social interaction than other careers, and increases the potential for social isolation with the advent of widespread remote work. 
+
+Discussing mental health can often be stigmatized, especially in an industry such as ours where company cultures can inculcate impostor syndrome and a pressure to perform at increasingly high levels, as well as a high pace of execution and meeting demanding delivery deadlines. While "self-care" and "work-life balance" are often touted as values, these ideas can be vaguely articulated and encouraged only in the abstract. Self-advocacy for creating space for attending to mental health can be challenging, and we often lack the language, skills, and confidence to navigate investing in one's own mental health.
+
+Indeed, it is crucial to pro-actively create space to manage mental health -- developing the self-awareness to know when one needs a break, whether that means planning for sustainable work pace or taking time off, is very important. And when crises do happen, having the confidence to take a leave of absence or find a different position where expectations can be more sustainable is critical, especially in an industry that touts perpetual "growth mindset."
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
diff --git a/content/events/2025-los-angeles/speakers/annie-hedgpeth.md b/content/events/2025-los-angeles/speakers/annie-hedgpeth.md
@@ -0,0 +1,20 @@
++++
+Title = "Annie Hedgpeth"
+type = "speaker"
+image = "annie-hedgpeth.jpg"
+linktitle = "annie-hedgpeth"
++++
+<h3>
+Co-Founder
+Hedge-Ops Software
+</h3>
+
+<p>
+From film to engineering, Annie's career has seen many iterations. She is a keen observer of what works and what doesn't, striving always to make the right thing to do the easy thing to do. Annie and her husband, Michael, are raising their three teenagers in Boulder, CO. She's currently working on a project to make doing the right thing with your career the easy thing to do. Find out more at people-work.io.
+</p>
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
diff --git a/content/events/2025-los-angeles/speakers/debo-ray.md b/content/events/2025-los-angeles/speakers/debo-ray.md
@@ -0,0 +1,22 @@
++++
+Title = "Debo Ray"
+type = "speaker"
+image = "debo-ray.jpg"
+linktitle = "debo-ray"
++++
+<h3>
+Co-Founder, COO
+DevZero
+</h3>
+
+<p>
+Rob Fletcher is the Co-Founder and Chief Operating Officer of DevZero, a Seattle-based startup specializing in cloud-based development platforms that enable developers to write and test code in production-like environments.
+
+Before founding DevZero in 2021, Rob held significant roles in security engineering at major tech companies. He served as Head of Product Security at Uber, leading a team of over 45 security engineers, engineering managers, and product managers. Following his tenure at Uber, he became a Security Engineering Manager at Meta (formerly Facebook).
+</p>
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
diff --git a/content/events/2025-los-angeles/speakers/scott-bly.md b/content/events/2025-los-angeles/speakers/scott-bly.md
@@ -0,0 +1,28 @@
++++
+Title = "Scott Bly"
+type = "speaker"
+image = "scott-bly.jpg"
+linktitle = "scott-bly"
++++
+<h3>
+Director, API Security Practice
+iSOA Group
+</h3>
+
+<p>
+Scott Bly is the Director of the API Security Practice at iSOA Group where he leads customer DevSecOps transformations through an API-first journey of cyber maturity and continual improvement.
+
+Scott has served as a Cybersecurity Technical Account Manager (TAM) at Noname Security, and he led teams of TAMs at AWS where he ran the Enterprise Support Security Improvement Program, which has assisted thousands of customers to measure and improve their cloud security postures.
+
+Scott's background as a film production major at USC and longtime IT Consultant was the perfect fit during his tenure as the Director of IT for the American Film Institute, where he led their digital transformation and migration to the cloud.
+
+Scott has served as a Cybersecurity Solutions Architect and holds more than 50 certifications in IT and security, including CISSP and CISM, and from vendors such as Fortinet, Cisco and AWS.
+
+Scott lives in Santa Monica with his wife, son, and two cats.
+</p>
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
diff --git a/content/events/2025-los-angeles/speakers/zoe-chalfant.md b/content/events/2025-los-angeles/speakers/zoe-chalfant.md
@@ -0,0 +1,22 @@
++++
+Title = "Zoë Chalfant"
+type = "speaker"
+image = "zoe-chalfant.jpg"
+linktitle = "zoe-chalfant"
++++
+<h3>
+Staff Platform Engineer
+BabyList, Inc
+</h3>
+
+<p>
+Zoë Chalfant studied Political Science and East Asian Languages and Civilizations at the University of Chicago. She worked for approximately 8 years at Facebook/Meta as a Production Engineer. Currently she is a Staff Engineer at BabyList, Inc working on infrastructure systems.
+
+Partially trained as a psychotherapist, she volunteers as a phone counselor at the Seattle-based Crisis Connections hotline and volunteers with the Puget Sound Rangers (Burning Man affiliated) as an at-event crisis counselor who provides counseling to participants having intense emotional or other kinds of experiences. She also volunteers as a staff historian with the Burning Man Project.
+</p>
+
+<style>
+  p {
+    text-align: justify;
+  }
+</style>
