Keynote Speaker
Emily Freeman (author of DevOps for Dummies and Principal – DevOps Solutions at AWS)
Drafting Success
Writing a book is the hardest achievement I’ve set out to accomplish. I finished it like a marathoner at the end of a long race, crawling toward the finish line. I was empty. But finishing the book isn’t the interesting story. The journey is where I learned the valuable lessons. Only in the tears and the toil, in the mud of my own emotions and self-doubt, did I learn the truths of struggle, resiliency and creative work.
Engineering software is creative work. Yes, we talk about algorithms and lambdas. But our work transcends science and technology. I believe we need to rethink the definition of success, learn to write the first draft and work as a community to better technology. It’s the lessons I learned in the trenches of my own creative work that I think we can apply to our DevOps organizations.
Speaker Bio: Emily is the author of DevOps for Dummies and Principal – DevOps Solutions at AWS. Her experience spans both cutting-edge startups and some of the largest technology providers in the world.
Emily is best known for her creative approach to identifying and solving the human challenges of software engineering. It is rare in the technology industry to find individuals equally adept with code and words, but her career has been defined by precisely that combination.
Emily is a technologist and a storyteller who helps engineering teams improve their velocity. She believes the biggest challenges facing developers aren’t technical, but human. Her mission in life is to transform technology organizations by creating company cultures in which diverse, collaborative teams can thrive.
MacDevOpsYVR 2021
Note: The speakers and talks are subject to change
Estela Baca (CrowdStrike)
5 Minute Talk
MacOS: A Quests to Find Vulnerability Land
This info moment will expose the difficulty that Security Engineers, System Admins, and users, in general, have while trying to find information about Vulnerabilities and remediations for MacOS. Mac disclosure of vulnerabilities is hard to find making the investigation process for patching difficult and lengthy. For example, there is an existing issue for 10 years (CVE-2021-3156) but there is no accurate way to check for documentation since this is the first time that is being documented for Mac OS systems but not through Apple’s official site. We will compare the way Microsoft presents their vulnerabilities with details but Apple doesn’t have a one-stop site link where this information is displayed. In some cases, users have to ask Apple directly for vulnerability information rather than having a one-stop-shop site. Users need to go to multiple sources to find bits and pieces of information to confirm if a given MacOS vulnerability was resolved. Mac should implement a way to allow their users to find in one-stop accurate information about vulnerabilities, product affected, and resolution times.
Speaker Bio: Estela Baca is Cybersecurity Technical Account Manager who enjoys exploring new software technologies, development tools, the latest technology trends, etc. In her free time, she enjoys reading Cybersecurity white paper reports and listening to the Black Hills podcasts to be up to date with the latest Information Security news. She is also passionate about reading biographies of world leaders to try to understand socio-cultural views that helped shaped today’s society.
Armin Briegel (Scripting OS X)
15 Minute Talk
The Encyclopedia of Packages
This session will discuss what different kinds of packages there are, how you can tell them apart, when you need which kind of package, whether you need to sign or notarize and the options for creating them. We will explain best practices and discuss the different tools available.
Speaker Bio: Armin Briegel has been managing Macs and their users for over twenty-five years and probably held most existing technical job titles at one time or another. He worked for nearly ten years at Apple in Germany and the US as a Systems Engineer, Consulting Engineer, and Solutions Architect. Then, he put theory into practice as a System Administrator at University of California. He currently lives in the Netherlands and writes on his weblog, scriptingosx.com and has published five books for Apple Administrators scriptingosx.com/books
Chad Calease (Ntiva)
15 Minute Talk
Resume Hacking: Making the Jump to InfoSec
In 15-minutes or less, I’ll share insights I’ve gathered from my experiences participating in and running Career Hacking Villages at hacker cons like DerbyCon, GrrCon, and PancakesCon. Looking to make a transition to InfoSec? Come thrü!
Speaker Bio: Chad is the Cyber Resilience Lead on the Apple Managed Services team for an MSP in N. Virginia, US. His Twitter bio sums him up well: Parent, partner, ludic, grateful for many gifts. Mom said, “There’s always one weirdo on every bus,” but I can never find them.
Jon Crain (Unity Technologies)
5 Minute Talk
GitHub Actions for the MacAdmin
GitHub has unlimited runners available for public repositories, including macOS runners. This talk will include some helpful resources and ideas for getting started with this powerful tool.
Speaker Bio: Jon is a Client Platform Engineer at Unity Technologies.
Csaba Fitzl (Offensive Security)
30 Minute Talk
Mitigating exploits using Apple’s Endpoint Security
In this talk I will introduce the basic concepts behind some of the attacks using privacy (TCC) related bypasses and privilege escalation to root through XPC services. I will talk about how they work, and what they make possible. Then we will discuss Apple’s Endpoint Security framework, how it works, and how someone can use it.
Speaker Bio: Csaba graduated in 2006 as a computer engineer. He worked for 6 years as a network engineer, troubleshooting and designing big networks. After that he worked for 8 years as a blue and red teamer focusing on network forensics, malware analysis, adversary simulation and defense bypasses.
In the past two years his main focus is macOS security and found numerous vulnerabilities in both macOS and third party applications. Currently he is working as a content developer at Offensive Security. He gave talks and workshops on various international IT security conferences, including Hacktivity, hack.lu, Troopers, SecurityFest, DEFCON and Objective By The Sea.
Ben Greisler (Kadimac Corp)
30 Minute Talk
What I Should Have Thought About Before Archiving 263TB to the Cloud
Let’s chat about the process of moving hundreds of terabytes of data to the cloud as a preventative measure to keep the data safe during the physical move of a storage array. What is normally a no-brainer with tens of terabytes becomes a different animal with hundreds of terabytes. One client, one consultant and two vendors collaborate to make this happen. It was not without its trials and terror and it taught me to ask questions that I didn’t know to ask before. Now I want to share.
Speaker Bio: I’m a speaker, author and most importantly, trusted resource to my clients. I’ve been around the Apple as a user world since the beginning of the company and for over 20 years as an IT professional. I truly enjoy my clients, their creativity and the magic they bring to the world. I am lucky to be able to help them achieve their goals.
Lucas Hall (Slack)
30 Minute Talk
Making SimpleMDM Complicated
Or Considerations in systematically managing your devices via a MDM vendor with a working API.
Explore API and event driven architecture built on top of SimpleMDM’s API. Streamlining and customizing enrollment to advanced off-boarding workflows and automation. Utilizing SimpleMDM’s Webhook to invoke systematic change or change requests within your infrastructure. Oh and who doesn’t love logs?
Speaker Bio: CPE @ Slack
Remote in Bellingham WA
Hannes Juutilainen (University of Jyväskylä and Core Service Oy)
Munki Admin tips and tricks
30 Minute Talk
Mac admins and IT around the world use Munki, the open source Mac software patch management tool, and many of those also use MunkiAdmin a macOS app to manage Munki. Learn some tips and tricks to be the best Munki Admin using MunkiAdmin to manage Munki to patch your fleet.
Speaker Bio: Hannes is a Sysadmin, developer, and recovering musician. Creator of MunkiAdmin and writer of code (Github), Hannes is a well respected member of the Mac Admins community.
Aspen Lindblom (CrowdStrike)
30 Minute Talk
Shlaying the beast: A playbook for the most pervasive adware on MacOS
Shlayer made its debut back in 2018 and it is still the most common malware infection on macOS. It uses social engineering to trick users into installing and assisting in bypassing Apple’s built-in security features, quickly establishes persistence and immediately installs more adware friends. This talk will go over how Shlayer operates and how to defend against it.
Speaker Bio: Aspen Lindblom is a Threat Analyst at CrowdStrike where she focuses on improving detection capability and efficacy through researching and analyzing malware. Prior to that she was in IT for 8 years before switching to cyber security. While in her IT role her favorite things to do were virus removals, responding to ransomware outbreaks, and figuring out how a security incident occurred. In her spare time she volunteers for CyberDEI and has a passion for Diversity Equity & Inclusion.
Alex Narvey (Precursor)
5 minute quick talk
Mama Don’t Take My ARD Away
When all the computers were at the office Apple Remote Desktop was the one tool to rule them all. But now that everyone has dispersed to the four winds to Work from Home, other tools may not offer the same versatility for remote controllers in sticky situations that require control of login screens, AppleSetup Dialogs, and Migration Assistant runs. Setting up a BlueSky server in Docker can be an inexpensive and fruitful way to use Apple ScreenSharing with remote users who need you to shepherd them through things like Migrations.
Speaker Bio: Alex is a past presenter at MDO and an Apple Certified IT Consultant at Precursor Systems.
Piero Mamberti (GoCardless)
15 Minute Talk
Kanban is your friend or: how I got to love boards (yes, the jira ones too)
How does talking about Toyota end up in a MacDevOps conference? What is Kanban? Can it really make your life better? Let’s go for a quick history of Kanban, its principles, and explore how it can help you deliver faster and higher quality work.
Speaker Bio: Piero is working as a Technical Lead in the IT Engineering team at GoCardless. There, he enjoys building things, refining processes and helping others. He’s been mostly focused on macOS and the opensource world that revolves around managing it, but since stumbling upon the DevOps philosophy, he discovered a keen interest in flow and how to optimise it, he’s kind of a kanban fanboy since then. In his free time, he eats, walks, reads, climbs and learn to code with various degrees of success.
Joel Rennich (Jamf)
30 Minute Talk
You, me and FIDO
A quick run through WebAuthn and FIDO authentication. How it’s supported in browsers you already use, what’s going on behind the curtain and if it makes sense for your workflows. We’ll get a bit into the nitty gritty of how FIDO makes use of the CTAP2 protocol and how this differs from other multi-factor authentication like push or smartcards.
Speaker Bio: Joel Rennich resides in Minneapolis helping Jamf do great things on Apple devices around identity.
In 2016, he released the popular open source application NoMAD and other tools that help to make Mac admins’ lives easier. Before that he spent over a decade working at Apple as an Enterprise Systems Engineering Manager. Prior to Apple, Joel was frequently seen speaking at Macworld, WWDC, and other international conferences and gatherings of Apple-minded admins as the founder of AFP548.com.
James Smith (ANZ)
15 Minute Talk
Speeding up PreStage Packages
Want to make the smoothest possible experience for users when they enrol their Mac using Automated Device Enrolment? Want to make sure that users are aware things are working as expected? This is the talk for you!
While this technical talk will focus on Deploying a package via Jamf Pro’s PreStage Package feature and some crafty scripting, it can easily be adapted to any MDM platform.
Speaker Bio: James is an Engineer for ANZ Bank, he spends most of his time tinkering with Jamf Pro and discovering new and interesting ways to manage Apple devices in the least intrusive way possible.
Rich Trouton (SAP)
30 Minute Talk
Ride on the Release Train – Providing software to your users with superior user experience and minimal drama
This talk will cover how our Release Train process uses AutoPkg, application owners from all over SAP, code review, Jamf Pro and an automated QA process to provide the software, scripts and profiles deployed.
SAP’s Mac team tries to provide SAP’s Mac users with the best experience to be found anywhere, and that includes the software we provide to our user community. An important part of that effort is our Release Train process, which uses an Agile-based app submission, testing and QA process workflow. This operation helps ensure that only the best results are deployed to our user community, while mistakes, problems and other detrimental issues are caught and addressed before deployment to our user’s Macs.
Speaker Bio: Rich Trouton has been doing Macintosh system and server administration for over twenty years and has supported Macs in a number of different environments, including university, government, medical research, advertising and enterprise software development. His current position is at SAP, where he works with the rest of the Apple@SAP team to support SAP’s Apple community.
Rich has also written for Peachpit, Apress and MacTech Magazine on various ways to manage Apple devices. His most recent book with co-author Charles Edge is “Apple Device Management: A Unified Theory of Managing Macs, iPads, iPhones, and AppleTVs”.
John Sharpe (Snapchat)
A (Li|U)nix Syseng Experience Running MacOS at Scale
MacOS has many references to BSD and other *nix’s of yore. Some internal components can still be used or seen in . In this talk, we will give a dive into some of the *nix internals we use to manage a build / test server fleet of MacOS.
Speaker Bio: John Sharpe has years of experience launching and running distributed systems, networks, data stores, and release pipelines for everything from games, web, business intelligence, build and test automation in scales of 10’s to 100000’s of containers and hosts.
Henry Stamerjohann (Zentral Pro Services GmbH & Co. KG)
15 Minute Talk
Useful techniques for a successful Santa deployment
The aim of this talk is to introduce an approach to organizing the Google Santa binary authorization system for macOS and to manage the Santa rules for a more comprehensive deployment scenario.
Starting with a short review of specific requirements to deploy Santa on latest macOS. The next step is to bundle Santa Rules into handy rule sets and see how they can be applied to one or even more configurations.
The talk will finish with practical examples in managing the Santa rules in a git-based workflow, ready to meet demand practices for proper change management, peer review, and further process automation.
Speaker Bio: Henry Stamerjohann is based in Germany and is a returning speaker to MDO:YVR. He is co-creator of Zentral, an open-source event hub that can control Santa and Osquery. He runs a consulting firm with a small team that helps organizations run Zentral on a large scale. They also provide additional expertise in solving Apple Platform Management problems.
Chad Swarthout (Alectrona)
5 Minute Talk
Managing data in disconnected systems: Using automation to sync information
At Alectrona, we manage many customers, users, and computers across multiple MDM instances. Each of our customers provides us data a little differently, depending on what they use internally for asset tracking and their HRIS platform (if they even have one!). In order to keep track of all these things in our internal systems such as our ticketing system, CRM, and MDM, we needed to find a way to have systems talk to each other. We’ll walk you through our internal tool Alectrona Sync and show you how to manage your own data in a more automated way.
Speaker Bio: Chad Swarthout is Founder & CEO of Alectrona, providing Mac management services and software solutions to IT organizations. Chad has been supporting Apple devices in the enterprise for over 15 years providing managed services, training, and consulting services for rapidly scaling companies. Chad and his team released Alectrona Patch in early 2021 to enable organizations to solve one of the most challenging security compliance problems facing IT organizations: patch management.
Ben Toms (dataJAR)
15 Minute Talk
Digging for download URLs for AutoPkg recipes
AutoPkg is a fantastic project, but creating the recipes as the first step of getting a download url for a product can be an interesting adventure.
This talk will show some methods to retrieve download URLs for titles, for use within AutoPkg recipes.
Speaker Bio: Ben Toms, (aka macmule), has been an Apple Admin since before MDM.
Throughout the years, he has been involved with the Apple admin community in various ways including via his blog; macmule.com
Now the Head of Innovation and Platform at dataJAR, he has a wider exposure than ever to technology to help Apple Admins and his own team at scale.
MacDevOpsYVR 