Monday, May 20, 2024

NewCrafts Paris 2024 - A Memorable Conference to Rave About

There are some conferences out there that you hear people speak highly of. NewCrafts is one of them, and I've waited for years for my opportunity to experience it. It finally happened! Thank you Maxime Sanglan-Charlier for having me this year. NewCrafts celebrated their tenth edition, and I celebrated my first. It was a blast.


The Day Before

Travels went well and I had planned to use some of my time before evening activities to go sightseeing. After all, it's Paris! I quickly realized, however, that I just didn't have energy for it, so opted for preparing myself for the conference and taking a break instead. Sightseeing will have to wait for the next opportunity to get there.

The evening before the conference, the organizers invited all speakers to a dinner. They treated us to a fabulous place at Radio France - quite an experience! Great place, great food, even better company.

It's such an awesome feeling to see more and more amazing people come together for these occasions. There are usually some folks that I know already from past conferences which ends up in lots of hellos and how have you been and what have you been up to. There are always speakers I haven't met or not really talked with yet, which allows forming initial bonds. Very exiting, somewhat overwhelming, and still much appreciated.

This time was my chance to re-connect and connect with folks like Romeu Moura, Thierry de Pauw, Elizabeth Zagroba, Marit van Dijk, Zsófia Herendi, Sofia Katsaouni, Aki Salmi, Kenny Baas-Schwegler and Alberto Brandolini. Thanks for making this evening a great start into the conference!

Conference Day 1

It's quite a sight when you walk from the hotel to the conference venue and you're walking straight up to the Eiffel Tower. The venue itself turned out to be really nice, coffee and breakfast treats were served on arrival, and organizers provided a separate speaker room to get prepared. All ready to get started! The first day's program made our choice very difficult, all the sessions were intriguing - I'm glad I'll have a second chance for the talks I missed as all of them were recorded. Even though watching videos usually doesn't really work well for me, I have lots of incentive to do so this time.

  • Keynote: From Pilot to Transformation: Embracing the Reality of GenAI at Scale by Patrick Debois. I did not come with expectations for this talk and was pleasantly surprised that it provided more information about generative AI that I have not come across before, especially around the actual implementation, respective tooling and experience.
  • Team Transformation Tactics for Holistic Testing and Quality by me. I've done this talk a few times by now, and it constantly evolved further. According to people's feedback, this edition seemed to have resonated, and I'm glad it was recorded.
  • Human-centred system design by Trond Hjorteland. It was insightful to learn about the history of the Open Systems Theory, which experiments were run and how concepts evolved. The talk was packed full of insights and conclusions, there's a lot more to go deeper into.
  • Workshop: Architecture Modernization: Understanding your System's Current State using Service Blueprints by Indu Alagarsamy. I wanted to learn a new approach for my toolbox and see if it would help me with my challenges that often involve getting people across roles and teams on a shared page. And this workshop did just that! Service blueprints are diagrams that visualize the relationships between different components like people, systems, or processes that are directly tied to touchpoints in a specific customer journey. It's an approach originating from service design. It brings people together across roles as everyone can benefit from the shared understanding, and helps everyone making better decisions. Indu created a great space to try out creating a service blueprint hands-on, and reflect on the different variants we could use to adapt it to our needs.
  • Effective software design: The role of men in debugging patriarchy in IT by Kenny Baas-Schwegler. I loved seeing this session on such a crucial topic on the program and am really happy I could join it live. I very much appreciate that Kenny used his privilege to lead by example and address these difficult topics and convey very important messages that more people need to hear.
  •  Keynote: Don't Hit the Iceberg by Diana Montalion. I really appreciated the points made, along with the encouragement to do better and participate in creating a better environment together. The iceberg model helped convey the message of how things are connected and how systems drive different behaviors. A great reminder for all of us to look out for the invisible parts of the icebergs we encounter, every day.

A conference is not only the sessions you attend. All the informal times before, in between and after the program are invaluable to learn more. Lunch allowed insightful conversations, this time including Michael Plöd, Susanne Kaiser, Anja Kunkel, and Krisztina Hirth. Right after the conference, there were drinks and pizza served, and a meetup took place at the same venue. It sounded very interesting, yet I didn't make it there as I got caught up in lots of interesting conversations. Finally, as it usually happens at conferences, a dinner group formed for the evening. We all enjoyed some lovely quality time together along with nice food. For me a great chance to catch up with Joep Schuurkes, Kostas Stroggylos, and Markus Tacker


Conference Day 2

Time is flying if so many things are happening. The second and final conference day started, and had once again lots of good stuff prepared for us.

  • Keynote: Power Structures and their Impact on Software by Andrew Harmel-Law. I had high hopes for this keynote as I've seen the speaker with a brilliant talk before. This keynote even exceeded my hopes! Andrew not only presented what I've experienced myself in such poignant ways, they also used their privilege to call out systemic issues that we all must continue fighting to build a better world. My sincere, heartfelt thanks to Andrew for this absolutely wonderful keynote - it's been resonating with me more than I can express and I believe way more folks need to hear it! And on top of this, representation matters and we need to see more neurospicy folks on stage. Andrew included meta talk about themselves, and thus not only provided a role model but also helped normalize talking about the whole topic.
  • Workshop: Leveraging Team Topologies for software evolution by João Rosa. I hoped to learn more about team topologies, potentially uncover mismatches with my mental model about it, and also gain more practice to apply these concepts back at work. The workshop did all this and provided lots of hands-on opportunities to engage with the material. A few things really stuck with me. The core idea to reduce cognitive load and making it the base for our decision making. Shifting our thinking from problem solving to puzzle solving when it comes to designing teams and their interactions, and using the "yes, and" approach to find the next piece. Strategizing against the environment to change it, and intentionally re-shaping towards the future to have the organization aligned in business and tech. Really well structured, explained and facilitated workshop, with an impressive workbook to go with.
  • Shades of Conway's Law by Thierry de Pauw. I'm in awe of Thierry going through all this material on such a complex topic and condense the findings in such a concise manner. There's a lot to digest and think about, and this talk triggered just that. I'll need to keep on thinking about this and matching what I've heard and learned in the talk to what I experience at work, and then to see how I can apply the gained knowledge to help my organization (or at least a sub-part of it) to a better place. Really, so much food for thought in here.
  • My Team Is High Performing But Everyone Hates Us by Stephen Janaway. I hoped for an insightful story from the trenches - and I got one! Could relate with a lot of what had been shared, and loved the condensed playbook with sage advice for our own contexts. Really engaging presentation and great storytelling as well!
  • Bring meaning back to your retrospectives (no matter your role) by Sofia Katsaouni. At first, I didn't plan to come to this talk as I felt I had already engaged with the topic so much in the past, so what's there still to learn right now. After getting to know Sofia better, I decided to join nonetheless and give it a try, allowing myself to find serendipitous new insights. I was not disappointed! I really liked how the talk encouraged everyone to reflect on our own experiences and gain a deeper understanding on what likely happened in certain situations, and how we could approach similar ones differently in the future. Although nothing of what had been shared was completely new, the arrangement was unique and did inspire to take further steps and go deeper into the respective topics, once again.
  • Keynote: Technical Neglect by Kevlin Henney. I've heard Kevlin speak at a conference many years ago and had high hopes for this keynote, especially on the given topic of technical "debt" as it's often called. No disappointment here! It was an amazing and very insightful spotlight on what's so often happening, and also gave tangible advice on how to turn our ships around and get them back on course. This will be a talk I'll refer people to a lot in the future.

What about the rest of the day? During lunch time, I really enjoyed conversations with Vitaly Sharovatov, Minh-Tâm Tran, Elizabeth Zagroba and Joep Schuurkes.

When the conference was over, lots of people had to leave right away. Some people joined for another drink, and we once again found a wonderful dinner group to enjoy the rest of the evening with. Many thanks go out to Marit van Dijk, Mathias Verraes, Alberto Brandolini, Kevlin Henney, Michel Grootjans, and Stéfanie Loiseleur.

That not being enough, of course we ended up in the hotel bar before it was really over. So here's my shout-out to Indu Alagarsamy and Javiera Laso - thanks for the perfect closure of a memorable conference!



Would I recommend people to join NewCrafts? Yes, absolutely. Especially if you want to grow beyond your current position, role and expertise - if you are eager to learn more about the world and the socio-technical systems we're working in. You will not only hear about tech and culture topics that are relevant right now for your work, but also about all kinds of horizon-broadening topics to help you grow further as a human. Add to that a really smooth conference experience, and an inspiring crowd to learn with. People raved about this conference, hence I really wanted to go. Now I'm part of those people, and I really want to come back!

Sunday, March 17, 2024

Contributing in New Ways - Everything Everywhere All at Once

It's been a while since I last wrote down my thoughts about things that happened, things I've done, things that evolved. And a lot had happened since beginning of the year when I announced my personal challenge for 2024. I would have loved to share a lot more frequently about my endeavors in small social media snippets, yet the last months had been not only busy but energy-draining (due to other aspects). There simply wasn't any energy left to share what I'm doing, and I rather spent the energy available on the doing itself.

As I'm slowly getting back to a more sustainable pace, and back to the kind of busy that I personally like and that gives me energy instead of just taking it, I'm finally ready to share a few things.

So, how did I contribute in new ways in the last months?


New Work Contributions

At work, I completed my first backend feature. I've worked on the backend before, yet rather focusing on cleaning up legacy, adding tests, improving things, adapting existing features. Yet I simply never had the opportunity before to add a completely new feature. We currently only have one dedicated backend engineer in the team, so I'm once again filling a gap. Admittedly, a gap that I really like and am way more familiar with than with other endeavors.

I gave a bunch of company-wide learning sessions again, this time experimenting with two new formats. One on offering a dedicated public learning hour on all things security, one on sharing stories from my own team to initiate conversations how to grow the culture we want to see. Both formats were planned as a series of at least five sessions. Both had high quality (though low quantity) audiences so far, and people could take things with them after each session. I am calling that a success.

I've also learned a lot more about very domain-specific compliance topics, processes, audits, and more. These are not topics I'm keen on jumping on (especially compared to the other two), yet it's been another gap to fill and another contribution in a new way.

New Conference Contributions

Speaking at conferences is not a new thing for me anymore. What can be new, however, are new formats, new teaching styles, new session topics, new conferences, and new communities.

I decided to go for new topics and finally submitted my first security-focused conference sessions. I was thinking about this for a long time already, basically ever since I started to invest in security knowledge and skills. Yet it's an especially scary area to step into, and that accounts for conference sessions as well.

I managed to write three new proposals, two workshops and a talk. Two sessions are still waiting for the first conference to give feedback on, one is already accepted! I'll have the honor to give my brand-new "Capture the Flag Together: Security for Everyone" workshop at the free Software Teaming Online Conference 2024. And Lisa Crispin agreed to co-facilitate with me! It's going to be a lot of fun. I just love this conference, and I owe a lot to it. Fun fact, my all-time most booked workshop "Ensemble Exploratory Testing" also has its roots there. Very curious what happens to my new security workshop in the future, and in general to more security-focused sessions. At least the first step is done!

New Community Contributions

Finally, my courageous community contributions! So much to share from the very start. Right after having posted my personal challenge of the year, yet another initiative evolved. I can tell you I'm so very excited about everything. Depending on the initiative, I cannot always share everything publicly right away, yet there's enough to share already!

  • Launch an open space security conference together with Claudia Bothe, Claudius LinkDave van Stein, Janina Nemec, and Ulrich Viefhaus. The TL;DR version: it's happening for real! The Open Security Conference (#osco) will take place on 4-6 October 2024 in Rückersbach, near Frankfurt in Germany. A lot more folks joined as organizers since I last wrote about this initiative. We have further awesome supporters in the closer circle as well. Our website is public (and constant work in progress), first social media presences initiated on Mastodon and LinkedIn. Have you seen our amazing logo created by Janina Nemec? The event will be a full open space conference with the addition of two keynotes to kick it off - one amazing and well-known speaker is already confirmed. We're looking for sponsors, if you have a suggestion for us it's appreciated! Well, a lot more is coming and to be revealed as we go further. There's a ton of more work to be done, this initiative is indeed not getting boring at all. Instead, it's very exciting, and I'm really happy to have such a great organizer team to take this journey with!
  • Create a security card game together with Martin Schmidt and Philipp Zug. This endeavor took shape as well over the last months. We already had a play session, trying out the game for the very first time. It was such a cool experience to test out the preliminary content and experiment with different game mechanics. And it instantly generated lots of more ideas to improve on. This is a really chill and fun activity and we hope to bring it to open space conferences and the world. Check out our Security Card Game Github org in case you want to follow along.
  • Build a full-stack open-source practice platform as an ensemble with Ben Dowen and Vernon Richards. Yet another initiative I feel very hyped up about! We are taking the roles of the employees of the fictive company "Make-Believe Labs", taking on "Project Snack Shop" for a customer who wants to digitalize their well-running snack shop business by offering an online shop. For real, I just love this happening. We have an ensemble session each week, and we are all in. From our own vision, to the actual project offer and context, to the first proof of concepts, to team agreements, to design documents, to architectural decision records, exploring walking skeleton options with code, and more. This is just super awesome. We have so many ideas to build on this! We don't have an overarching Github org for this yet to follow along, but stay tuned, a lot more is brewing already.
  • Offer Shiva Krishnan's and my leadership workshop series to the community. Ah, a longtime endeavor dear to our hearts. This series proved to be valuable to lots of people in the past, and it definitely helped both us grow immensely. Finally, the time has come to spread the word further and transform our workshops to an open community offer. This year we want to try it out with a small cohort. In the first instance, we won't have public registrations, yet will build on our networks for this first community proof of concept. If this goes well, there are plans for more afterwards! It's now really taking shape, and I'm glad to see this. Although access won't be public in the first instance, I'll see what I can share as we go along.

By the way, as if any one of the above wouldn't be enough (they clearly are), there are still further endeavors on my list that I'd love to start. I know, I know, I can't do everything at once, so I deliberately hold back for the moment, as above initiatives (as you can imagine) already fill my time very easily. They also give lots of energy! Lots of growth, too, and I'm not alone in either of them.

As I'm writing this, I'm looking back to the original hypothesis for my personal challenge. While above endeavors are indeed new contributions, quite courageous and also ambitious, I'm also very pleased to see that the hypothesis criteria will be very easy to measure indeed. I won't have any trouble to learn from these initiatives. Seems I'm on the right track, and that's providing me peace of mind already.

I am very much looking forward to see how each of these new contributions evolves over time. Truly exciting!

Tuesday, January 2, 2024

My Personal Challenge for 2024 - Scary New Grounds

In the last few years, I've taken on several personal challenges. These are things that initially scared me yet clearly helped my personal growth. You could also call each of them my "theme" of the year to focus on deliberately, as my learning partner Toyer Mamoojee framed it. For 2024, I am taking on my sixth one! 

Open Thinking

While working on my current challenge of the year, I am already taking note of topics that cross my path that would make yet another great theme for the following year. Here's my rough and raw list of thoughts that came to mind in the sequence I noted them down.

  • open source contribution
  • security
  • accessibility
  • app development
  • call for a weekly 90min ensemble creating an open source app together
  • a project a month
  • build an intentionally insecure movie app for practicing
  • "everyday security" series
  • "accessible security"
  • asking for help; see Ady's idea
  • initiate pairing/ensembling with others
  • deep dive focus weeks: learn foundations for a topic and share to deepen my generalist me
  • series of how I test things, especially on the backend side
  • anything that contributes to my vision of systemic inclusion and growth?
  • feeling I'm doing the same over the past years, over and over again, also re-using a lot of what I've built before; yet there's so much more to learn and grow into, like Maaret continually does, expanding
  • do something I haven't done before, truly grow again; I've used lots of approaches in the last years that had worked before, just built on them and refined them; yet didn't really reinvent myself anymore
  • really do need my own topics again, not being driven from conference to conference alone, neglecting my goals and blog
  • “Courageous Community Contributions” - finding new ways to contribute to the community (like I found new ways to contribute to a team and company over the years)
    • These are still scary!
      • List of a bunch of points - not revealing them here yet, you'll need to read on ;)
      • … leaving space for serendipity
    • What else I might do, yet not as scary anymore:
      • Paired blog posts
      • Paired conference sessions
    • Other things I’m already doing, that are not scary anymore:
      • Blogging
      • Public speaking
      • Security testing sessions with Peter Kofler
      • Code reading club
      • Learning partnership with Toyer Mamoojee
      • Daily habits and practice

As usual, the last idea grew and took shape in my head, and I kept adding to it. That's usually the candidate for the very next year, so here it is!

My Challenge for 2024

Here's the challenge of my choice for this year: "Contributing in new ways." Let's dive into this.

The challenge: I owe a lot to the various communities out there. I'm doing a lot to give back and especially pay forward through sharing on social media, blogging, and conference speaking. There are a lot more ways to contribute, though! I'd love to explore new options and pathways. This runs parallel to what I do at work: constantly re-inventing myself, my role, and how I contribute to teams and organizations. Going out of my comfort zone is how I've grown myself as a generalist. Therefore, I think I can contribute also in different ways outside of work. So here's my challenge to find new ways to contribute to communities and dare to try them - they only can't be the old things I'm already doing (while no one stops me from continuing what I want to continue).

The hypothesis: I believe that contributing to communities in new, courageous ways will add value to the communities I'm part of and grow my own knowledge and skills. I've proven the hypothesis when...

  • I have contributed in three new ways,
  • other people engaged with these contributions, and
  • I have learned three new things from each.

The experiment: In order to prove or disprove the hypothesis, let's get more concrete.

  • Contributions need to be courageous, something I haven't done yet that I find scary enough while being ready to give it a try.
  • Communities to contribute to are not limited, whether I'm already part of it or it's a new one I'm discovering on the way. Topics are not constrained either, as this is all about re-inventing myself by daring to contribute in new ways.
  • My initial options are not carved in stone. Instead, they are even prone to change, and that's welcome. I deliberately leave space for serendipitous new collaboration options.
  • There's no constraint on how much time these contributions require, whether they only take one hour or continue over many months.
  • If a contribution turns out to be not scary at all, then it's still a valid contribution to the community I can decide to pursue.
  • I choose to share anything about these contributions in any form I find appropriate. I am not limiting myself to blog posts for this challenge, nor do I require myself to write any.

Timeline criteria: It always proved valuable for me to think about when to start, when to pause, and when to stop.

  • Start: The fact that I've taken initial steps for a few courageous endeavors already in 2023 doesn't hinder me from including them in this challenge. The main focus will still start from now on.
  • Pause: Whenever I neglect the self-care I committed to, I stop to re-assess the situation and make a judgment call for how long to pause the challenge and get back on track to maintain the required energy. Pressing on without having the energy for it is a no-go.
  • Stop: It's time to stop my challenge and evaluate my experiment overall when I've either proven the hypothesis or it's the end of October 2024.

The hashtag: Initially, I opted for the following name and related hashtag to refer to this challenge: #CourageousCommunityContributions. Yes, I do like alliterations. This one's quite a mouthful, though, and I realized I'm not thinking about this challenge in this way. So I decided to take the words I use when I think about it, and that's #ContributingInNewWays. So be it.

Reviewing all this, I acknowledge the substantial risk that I open up too many topics and, hence, once again feel overwhelmed like in 2023. To mitigate this, I'm trying to build in as much freedom as possible to reduce unhelpful pressure. I don't want to lock myself in and instead still be able to respond to life. The constraints should be liberating. After all, I'll have to try it out and see how it goes.

Also, framing my challenges as measurable experiments allows me to document a starting point and afterward compare where I ended up with that initial state. So, hypothesis measurements are a tool to help me look back and spot differences. The most important metric will always be how much value I got from these personal challenges for my own growth. So far, it's always been worth it to dare take this journey.

It's on!

You might wonder, what kinds of contributions do I already have in mind? Here's a non-comprehensive list of currently prominent topics. As stated above, these options are prone to change. I'm sharing them here to make all this more tangible, help me reflect once I finish this challenge, and see if any of you would like to join me in any of these endeavors.

My journey already started with a few tiny steps on some of the listed topics last year. With old tasks closed and the new year starting, I now have a lot more focus to spend. I'm grateful for my wonderful conspirators, looking forward to our collaboration over the year, and I can't wait for what I'll learn on this challenge!