►
From YouTube: Brainstorm on Quality risks for Defend features
Description
No description was provided for this meeting.
If this is YOUR meeting, an easy way to fix this is to add a description to your video, wherever mtngs.io found it (probably YouTube).
A
B
They
yeah
so
we've
got
this
agenda.
I
know
Mike.
You
you
met
with
waiting
about
some
of
this.
Previously
he
wasn't
able
to
make
it
today
so
I
think
the
goal
of
this
meeting
is
to
identify
areas
where
we
are
accepting
a
greater
risk
within
defend
and
we
could
use
assistance
from
our
SDT
counterparts
to
fill
some
of
those
gaps
like
I
just
said
before
you
called
Mike
I.
Think
one
of
the
areas
that
we'd
identify
early
on
and
Tanya
Tanya
had
worked
with
Thomas.
B
Would
him
on
this
was
around
load
testing
graph
to
provide
an
example
but
I
think
there's.
The
goal
of
this
meeting
is
to
identify
other
areas
that
are
similar
to
that.
So
looking
at
this
agenda,
it
looks
like
this
has
been
broken
down
into
sort
of
general
defend
areas
and
then
each
of
our
groups,
so
the
groups
are
then
defend
right
now
our
secure
container
security
and
threaten
sites.
C
So
before
you
before,
jumping
I
want
to
take
take
a
step
back
so
I'm
the
current.
So
everybody
is
aware
the
current
team
structure
right
now.
We
don't
have
anyone
for
defend
and
that
is
going
to
improve.
When
we
have
the
the
plan
hiring
opening
up,
we
only
have
one
person
for
for
secure,
and
maybe
we
can
quickly
prioritize
this
one:
the
secure
test
gap,
integrating
tests.
We
can
maybe
switch
and
work
only
on
the
highest
priority
items
for
this,
and
that
says
how
things
are
gonna
be
I'm.
C
Trying
to
set
expectations,
gonna
be
how
things
will
be
until
we
get
more
help
on
our
side
and
to
be
to
be
completely
honest
and
transparent.
We
did
planned
staffing
for
both
secure
and
defend
earlier
on
last
year.
However,
when
the
product
world
map
was
revised,
the
headcount
for
those
positions
I
think
we
have
three
people,
it
was
removed,
and
now
we
only
have
one
so
I
think
that's
that's
something
that
when
the
the
opportunity
opens
up,
we
need
a
counterpart
here.
C
I
would
I
would
love
to
have
support
from
you
to
help
help
at
the
case
for
this,
because
the
teams
are
stretched
in
the
dev
side
of
things.
You're
working
on
get
Leo
J
a
big
prospect
there.
It's
waiting
for
it,
ci
is
busy
as
well
and
named.
Owen
has
a
bunch
of
self-managed
customers
that
we
need
to
land.
I
with
a
50k
reference
architecture,
so
everyone
is
busy,
but
we
will
try
to
make
it
work
and
we
prioritize
aggressively
to
get
things
done.
Iteratively
so
just
want
to
put
that
put
that
forward
out.
First.
B
Thanks
Mike
I
wanted
to
speak
to
the
logic
and
having
someone
shared
across
secure
and
defend
that
I
think
there's
a
lot
of
value
there
and
that
we
do
have
a
good
amount
of
overlap.
I
mean
if
someone
has
got
a
lot
of
expertise
or
knowledge
around
the
Stanners.
That
secure
team
supports
it's
just
a
it's
a
logical
leap
to
be
assisting
with
things
like
the
security
dashboards.
I,
don't
know,
that's
not
that's
not
necessarily
the
case.
What's
container
security
but
I
think
there's
a
lot
of
logical
overlaps
between
the
two
stages.
C
C
D
Only
thing
that
would
be
close
enough,
for
that
would
be
the
ability
management.
So
what
we
could
there's
none
of
my
abilities,
because
it's
tight
with
secure
in
without
the
reserves
from
secure,
are
going
to
be
digested
and
and
presented
by
determination.
But
that's
pretty
much
it.
Okay,
that
we
can
completely
mark
that
data.
C
Okay,
before
we
go
ahead,
can
we
please
put
like
a
rough
variety
on
on
the
list
here
on
the
like?
Was
it?
Is
it
both
continuous
security?
We're
looking
at
and
put
in
sites?
Is
that
where,
where
we
stand
here
on
like
what
are
they,
what
if
I
were
to
get
a
list
from
from
all
of
you
on
what
is
the
highest
item
to
work
on
highest
priority
item?
How
would
you
stack
rank
it
for
me
as
a
team.
E
E
Talk
to
plan
ahead
this
time,
but
I
would
actually
heard
you
that
my
group,
the
container
security
group,
is
definitely
the
highest
priority.
I'll
just
go
ahead
and
vocalize
when
I've
got
there.
So
container
security
is
different
from
all
other
things
in
all
of
get
lab,
because
container
security
is
really
focused
around
productive,
protecting
the
customers
code,
while
it's
running
in
a
production
environment,
so
secure
is
scanning
things
before
it
goes
out
to
production.
Everything
else
is
pre-production.
E
This
is
the
one
thing
that's
post
production
in
all
of
gitlab
and
so
with
the
Web
Application
Firewall,
for
example,
we're
actually
sitting
in
line
in
front
of
the
customers,
running
application
and
the
outside
world,
and
so,
if
we
have
a
bug
there,
it's
not
in
just
get
lab
that
we're
breaking
anymore.
You
know
it's
not
oops
get
lab
broke,
don't
worry,
we'll
fix
it
real
quick!
This
is
the
customers
production
environment
that
we
just
crashed,
that
we're
at
fault
for
and
that's
a
very
big
deal.
E
You
know
that's
not
what,
when
those
kinds
of
bugs
arise,
it's
not
easily
forgotten
or
forgiven,
and
it's
I
would
say
that
that
is
a
huge
risk
that
we're
taking
on
as
gitlab
in
our
lack
of
testing
of
those
environments
today,
so
I
would
put
that
definitely
as
top
priority
I
would
put
it
above
threat.
Insights
I
would
really
put
it
above
most
of
the
other
testing
that
happening
and
get
labs
just
because
we're
actually
crossing
that
boundary
into
customers
production
environments
rather
than
to
get
a
lot
of
product
at
all.
Okay,.
E
D
D
D
B
C
Cool,
so
sorry,
I
was
late.
We
have
15
minutes
left,
so
we
identify
the
top
one
to
work
on
now.
If
I
were
to
restructure
this
right,
the
work
that
we
need
from
a
test
infrastructure
standpoint
I
want
to
solve
it
from
my
own
way
that
anything
that
will
has
already
done
that
we
can
reuse
anything
that
the
other
teams
have
been
doing.
I
see
ke
ke,
ku
Vinay
discuss
to
hear
that
I
out
dive.
C
He
is
not
ironing,
it
I,
think
of
k2
es,
which
is
like
a
docker
container
that
has
kubernetes
mechanisms
built
in
and
we
now
have
transition
away
from
testing
against
a
real
cluster,
because
KC
has
speed
stuff
that
the
deployment-
and
it
says
you
can
test
the
auto
devops
part
pretty
fast.
So
we
could
look
into
that
to
speed
up
the
things
I'm
looking
at
and
if
I,
what
are
the
pillars
that
we
can
work
on
and
piece
together.
What
we
have
done
before
set
up
something
fast
and
easy?
C
Well,
maybe
maybe
have
it
before
someone
joins,
or
at
least
have
a
plan
in
place
and
have
work
in
progress
before
we
have
a
dedicated
counterpart
here.
So
with
that,
should
we
just
touch
on
Tiago
still
comment
there
until
there's
an
end
to
insects
and
there's
a
number
of
things
highlighted
there
under
a
B,
a
B
and
C
show.
A
Or
verbalize
that
quickly,
this
is
three
three-part
risk.
One
is
around
cost,
so
you
started
addressing
addressing
that.
Perhaps
there's
an
alternative
to
deploying
a
full
kubernetes
cluster
so
that
that's
good.
We
have
a
mitigation
on
there
on
the
second
one,
I,
don't
fully
understand
how
the
end-to-end
case
QA
specs
work
yet,
but
apparently
they
don't
run
on
merge
requests,
understandably,
due
to
cost
constraints,
they
do
run
on
when
it's
merged
master.
A
That
creates
a
gap
for
a
chance
there
where,
if
things
emerged
and
then
integration
so
say
say
the
orchestration
team,
the
example
I'm
giving
actually
happened
is
what's
on
C.
The
orchestration
team
changes
one
of
the
helm,
charts
that
installs
dependencies
that
defend
uses
in
in
kubernetes
and
then
that
no
longer
works
for
the
different
features.
We
wouldn't
know
that
until
that
runs
on
master
and
by
that
time,
if
it's
all
master,
is
gonna
get
released
eventually,
so
we
will
be
racing
against
the
clock
again.
A
C
A
A
Asking
for
some
pointers,
not
not
gonna,
ask
him
to
switch
browsers
anything,
but
you
do
still
sit
on
our
rotation
pressurization
for
Matt
and
Sam
to
to
look
at
well,
mostly
Sam,
I.
Think
there's
nothing
for
you,
Matt
and
yep,
and
on
coverage
I'm,
just
I'm
flying
a
little
bit
bit
blind
there
at
the
moment.
C
C
C
A
Because
we
yeah,
we
just
depend
on
on
the
helm,
charts
working
correctly,
so
we
can
install
the
pen
sees
there
might
be
some
stuff
around
telemetry
I,
don't
know
if
you
know
enough
about
that
Philippe
to
to
comment
now.
I
would
start
with
the
with
that,
with
orchestration
and
until
every
second
okay.
C
C
C
What
can
we
do
to
make
sure
that
they
get
a
faster
feedback
loop
from
you,
and
it
could
be
some
checks
that
one
in
their
pipeline
to
say,
hey,
you
change
this.
You
got
to
make
a
lot
of
people
unhappy
in
the
other
side
of
the
company,
because
you're
breaking
their
dependencies.
So
it's
not!
It's
not
like.
C
A
Touched
on
a
good
one
there,
the
patterns,
I,
think
I.
Think
that's
a
good
path
to
go
down.
I've
spoken
might
have
been
with
the
Netanya
someone
else
in
your
team
about
identifying
foul
paths
in
the
application
that
that
would
be
a
dependency
for
defend
and
the
helm
charts
says
yep
following
that,
and
then
we
can
either.
E
A
C
I'm
thinking
I'm
thinking
of
like
it's
really
hard
to
test
an
end-to-end
thing
on
distribution,
because
what
we
end
up
doing
is
in
that
pipeline,
they
actually
reuse
give.
Actually
they
come
with
a
set
of
version
containers
and
they
just
run
rerun.
He
lucky
way
on
all
those
flavors.
So
it's
the
coverage.
There
is
okay,
it
can
be
better,
obviously,
but
we
need
to
target.
How
can
we
this
detect
it
earlier
on
and
it
meant
it
might
not
even
be
a
test.
Maybe
some
analysis
like
hey,
you
changed
its
fall
pattern.
C
It's
you
changing
his
path.
It
does
have
to
be
an
end-to-end
but
like
if
you
change
something
and
admits
matches
the
container,
it
was
not
gonna
work
for
this
group
and
then
fix
it
before
before.
You
merge
it.
That's
probably
the
the
smallest
iteration
you
can
do
to
to
to
solve
this,
and
then
we
have
this
in.
Let's
measure
it.
C
If
we
have
it
in
if
it's
working
as
intended
fast
forward
a
few
weeks
or
at
least
from
now,
we
should
be
seeing
less
breakages
of
this
and
then,
if
we're
still
seeing
it
means
that
we
probably
need
to
close
out
like
add,
more
I,
have
more
analysis
there
to
make
sure
if
we
catch
it
so
yeah.
That's
that's
I!
Think
that's
the
plan
for
point
B
time,
yep.
C
We
have
the
same
problem
in
all
the
other
feature
areas.
What
I'm
trying
to
push
for
with
infrastructure
is
to
get
a
sanitized
version
of
production
data
inside
staging
and
that
will
trigger
a
lot
of
the
painful
data
shapes
that
you
don't
really
see
in
a
in
a
very
clean
environment.
It's
it's.
This
really
nasty
data
shapes
that
trigger
delays
and
optimize
queries
on
our
end.
I
want
to
see
how
we
can
adapt
this
this
this
playbook
and
solve
it
for
for
defend.
C
E
Again,
talking
about
actually
customers,
runtime
environments,
this
would
be
in
the
kubernetes
cluster
monitoring
things
like
network
latency
coming
in
and
out
of,
there
deployed
kubernetes
cluster
as
well
as
even
just
like
CPU
memory
usage
uptime.
You
know
making
sure
that
if
we
run
for
a
really
long
time
and
I
really
high
followed
you
is
there
a
memory
leak
somewhere
that
eventually
causes
us
to
crash.
You
know
those
types
of
bugs
would
be
things
to
watch
out
for
I,
see.
E
C
C
Now
we
don't
have
a
performance
environment
for
four
for
this
group,
so
that
is
the
only
something
we
can
I
will
treat
that
like
a
service
testing,
where
I
would
just
ask
someone
from
another
group
to
maybe
set
it
up
and
then,
if
this
group
can
start
to
use
it
and
maintain
it
at
a
limited
capacity
until
someone
as
a
permanent
counterpart
from
SCT
can
come,
I
think
that'll
be
great,
but
this
is
probably
a
longer
running
past
I
think
I
think
0.33
a
3
be
something
we
can
aim
to
knock
out
sooner.
C
C
Let's,
let
me
talk
to
the
team
on
on
this.
If
you
can
link
me
the
breakages
in
the
helm,
charts
that'll
be
great.
Let's
start
with
that
proof
really
just
linking
to
point
B
here,
I'll.
E
C
I'll
run
by
the
team,
probably
the
engine
productivity,
because
they
they
know
helm
charts
like
the
back
of
their
hand,
you
can
add
something
there
for
the
distribution
team
and
add
some
checks
and
see
we
get
help
and
relief
there
and
then
we're
gonna
aim
to
maybe
touch
base
again
after
oddly
having
that
iteration
done
so
maybe
maybe
three
weeks,
let's
just
have
a
sink
again
and
then
see
where
we
are
from
there.
How
does
that
sound.
D
C
D
We
are
all
running
away,
just
wanna
make
sure
that
were
on
the
same
page,
with
what
defend
is.
We
talked
about
a
lot
about
M,
charts
and
communities
and
everything.
It
is
this
earth
of
different
rights,
you're,
aware
of
that,
the
other
life
is
very
busy
management
and
we
don't
have
any
coverage
for
that
which
is
pure
right.
D
C
A
A
C
A
Important
one
I
didn't
make
the
call
whether
it's
the
most
important
Roth
III
raised
it,
but
I
couldn't
judge
where
they
still
I
think
both
are
important,
because
one
is
where
the
cash
cow
is
and
it's
what
there's
the
most
uses.
The
other
one
has
the
highest
impact
to
customers:
I'm,
not
in
position
to
make
that
judgment
and
I.
B
D
E
Well,
you
say:
yes,
Imperium
I,
think
P,
AMA,
yeah
I,
think
P
amount,
priority,
I,
think
you'll
be
David.
Yeah.
C
Cool
so
we
can
talk,
a
sink
doesn't
have
to
be
a
next
two
weeks
to
revise
this,
but
right
now
things
that
I
can
digest
and
give
it
to.
The
team
seems
to
be
three
be
right:
the
helmet
our
dependency
breaking
other
things
we'll
need
more
infrastructure
work.
So
let's
keep
the
conversation.
Channel's,
open,
I'll
work
on
this,
the
first
thing
first,
and
that
we
can
revisit
maybe
async.
Let's
talk
in
the
quality
Channel
and
then
we
can
go
from
there
and
crossing
document.