Tuesday, February 8, 2022
Speed is the name of the game in continuous integration. The quicker a developer can get feedback on her changes, the quicker she can address problems and move on to the next feature.
Imagine shaving 10 minutes off your build. For a developer pushing code 5 times a day, this is 40 hours of time savings a year.
In this session, Ben will offer 7 actionable tips that mobile developers can apply to their own CI pipelines to enjoy super fast CI responsiveness.
What will the future of the Cloud and Edge look like for us as developers? We have great infrastructure nowadays, but that only solves half of the problem. The Serverless developer experience shows the way, but it’s clear that FaaS is not the final answer. What we need is a programming model and developer UX that takes full advantage of new Cloud and Edge infrastructure, allowing us to build general-purpose applications, without needless complexity.
What if you only had to think about your business logic, public API, and how your domain data is structured, not worry about how to store and manage it? What if you could become “databaseless” and forget about databases, storage APIs, and message brokers?
Instead, what if your data just existed wherever it needed to be, co-located with the service and its user, at the edge, in the cloud, or in your own private network—always there and available, always correct and consistent? Where the data is injected into your services on an as-needed basis, automatically, timely, efficiently, and intelligently.
Services, powered with this “data fabric” of application state—attached to and available throughout the network—can run anywhere in the world: from the public Cloud to 1000s of PoPs out at the Edge of the network, in close physical approximation to its users, where the co-location of state, processing, and end-user, ensures ultra-low latency and high throughput.
Sounds exciting? Let me show you how we are making this vision a reality using technologies like Akka, Kubernetes, gRPC, Linkerd, and more.
OPEN TALK: Learn How to Find & Fix Security Issues in Kubernetes Manifests Using Open Policy Agent and RegulaJoin on Hopin
Teams can now run pre-deployment security checks on their Kubernetes (K8s) manifests using Open Policy Agent (OPA), the open standard for policy as code and a Cloud Native Computing Foundation project.
In this session, Aidan O'Connor (Senior Solutions Engineer at Fugue) will walk through using OPA and Regula (an open source OPA-based tool purpose built for IaC checks) to find and fix security issues (measured against Center for Internet Security Benchmarks) in your K8s manifests pre-deployment.
Attendees will walk away with an understanding of:
-The kinds of security risks that need to be considered with K8s manifests
-Using OPA and Regula to catch security vulnerabilities and learn how to remediate them
-How automated K8s manifest checks can be integrated into DevOps workflows
There are a host of changes that come with a company being acquired, such as joining a larger organization and integrating teams and product offerings with the parent company. In this session, Jodi will share her first-hand experience leading product teams at multiple companies through acquisitions and spearheading product integration. She will also share best practices for scaling a product organization for growth following an acquisition and building a high-performance team that is aligned with meeting larger business goals.
The explosion of IoT devices and the time series data they generate has accelerated the demand for specialized IoT platforms. By 2025, there’s projected to be ~60 billion connected devices around the world. The hurdles for businesses to overcome in the next few years will be centered around collecting, munging, and storing it all from the many sources it comes from, how to manage that storage, and how to analyze it most efficiently.
In this session Sam Dillard will cover why a time series data platform should be used to meet IoT scale and interoperability needs. He will walk through the core concepts of time series databases, share use cases and give us an overview of the InfluxDB platform.
Once seen as a far off idea, the metaverse today is lauded as the future, discussed daily in the media, and prominent in the public discourse — anything but ignored. Many experts have hypothesized what this will look like, and companies across industries and around the world are starting to come forth with their plans for their presence in this next stage of the digital age. For Dan Sturman, there’s one concept that’s central to this vision of the future online — human co-experience. In this session, Dan will outline the five key pillars of creating an ecosystem for human co-experience — fully user generated, persistent identity, universal availability, immediate teleportation, shared fabric — and dive into the latest technologies available for developers within each, including open source software, storage enhancements, Luau programming language advancements, avatar tech, search and discovery, authentication, and more. He will also spotlight how developers across platforms are leveraging technology and advancing what is possible both today and in the future. Furthermore, he will share Roblox’s vision of what will become the foundation of an accessible, safe, creative, and civil human co-experience.
Conversation Intelligence (CI) APIs enables to build applications that go beyond basic speech to text, creating a new array of sophisticated AI-driven experiences and functionalities. Basic speech recognition is designed to recognize or respond to explicit words and phrases, while conversation intelligence is capable of contextual comprehension of any human conversations to effectively extract key insights, identify user intent, surface actionable insights, detect sentiment, and more.
Conversation Intelligence has given a rise to a new generation of AI driven applications and platforms across various verticals such as revenue intelligence, tele-health, call centers and customer support, collaboration and productivity platforms and more…
In DevOps everyone performs security work, whether they like it or not. With a ratio of 100/10/1 for Development, Operations, and Security, it’s impossible for the security team alone to get it all done. We must build security into each of “the three ways”; automating and/or improving efficiency of all security activities, speeding up feedback loops for security related activities, and providing continuous learning opportunities in relation to security. While it may sound like the security team needs to learn to sprint, give feedback, and teach at the same time, the real challenge is creating a culture that embodies the mindset that security is everybody's job.
Instrumenting your services is table stakes for modern services work. If your services are appropriately instrumented, debugging stops becoming guesswork, and you can understand your systems at a much deeper level than just knowing when something goes wrong. And when something is table stakes in software development, it cannot be controlled by any one vendor. OpenTelemetry is an increasingly popular vendor-neutral Observability framework for cloud-native software, poised to be the global standard for instrumenting systems. It’s a set of APIs, SDKs, and tools so that you can better understand your software’s performance and behavior. In this session, Phillip will walk you through what OpenTelemetry is from a developer’s standpoint, why you should choose it if you’re building cloud-native applications, and strategies for instrumenting a system with OpenTelemetry. At the end of this talk, you should feel empowered to adopt OpenTelemetry today and participate in an increasingly vendor-neutral future!
Necessity is the mother of invention. It’s a well-known proverb and means that the primary driving force for most new inventions is a need. When it comes to product innovation, those needs or ‘pain points’ are most easily identified when people in different roles tell you about them. You then follow a well-defined product innovation and development roadmap to create a solution to the problem.
But how do you solve a problem users don’t know is there? Steve Jobs famously said “people don’t know what they want until you show it to them”. With the ever-increasing pace of tech innovation and its ability to continually disrupt established ways of working, his statement has never been more true. So what is the trigger? How can you identify a ‘problem’ by convincing users that there’s a better way to do something when the current way of doing it works just fine.
Join Sanjeev Mervana, Vice President of Product Management for Cisco’s Emerging Technologies & Incubation team, as he details how to identify, generate, screen, and manage new innovation and incubation ideas that ultimately fuel growth.
“The smarter an application is, the dumber its code should be.”
Have you ever tried to add a minor feature to your application only to discover that you’ll have to re-write large blocks of code first? Or maybe you’ve spent hours deciphering hundreds, or perhaps thousands, of lines of existing code just to find out a task only required two lines of additional code. If you’re like most developers, you’ve wasted countless, frustrating hours wading through immensely complicated code trying to force it to do things it wasn’t built for.
In this presentation, we’ll discuss 5 principles to help you create stupidly-simple applications that are maintainable, extendable, and bug-resistant. If your code is already suffering from “genius syndrome”, we’ll also be discussing strategies for refactoring existing code to avoid the infamous “grand rewrite.”
There are no shortage of API metrics you could track, but how do you aligned to business outcomes. This workshop takes a deep dive on how to align metrics to three key goals: Adoption, Engagement, and Retention. Then, we'll discuss changes you can make to your developer experience for improving these areas.
“I really want to develop a tool that aggregates user interactions!”, said no developer ever.
Product-Led Growth (PLG) has stormed into our lives over the past few years. Concepts like usage-based pricing, seamless onboarding, built-in security, and product analytics are now taking a toll on developers. Companies are investing more and more engineering resources on developing self-service features that are shifting the focus from building innovative code for your product’s core technology.
From the product side, this surely looks innovative and unique. However, from the development side, it adds another variable into the equation, which already includes bugs, security issues, never-ending product feedback loops, and other things that stop developers from building exceptional code.
But while investing resources in creating a seamless product experience is crucial, isn’t the core value of the product more important? How can developers build self-service features, while achieving their innovative selves?
In this talk, we will be discussing the application side of the story for PLG success. This will be a practical demonstration of how developers can integrate self-service and data-driven by-design capabilities, while ensuring speed, flexibility, and full user observability, without sacrificing innovation.
Need to harness the power of AI but not a data scientist? No problem. In this presentation, we’ll show you how to consume prebuilt and custom AI models even if you don’t have data science expertise. We’ll also introduce Oracle’s take on machine learning and AI—and how we’ve rearchitected the AI experience to be more streamlined, efficient, and developer-friendly. Come ready to see demos that span capabilities such as language understanding, computer vision, speech, and many more. No data science background required!
As you adopt cloud native technologies and Kubernetes, you will face a myriad of technology, process, policy and people decisions. What tools and patterns are needed to be successful? How can you ensure Kubernetes is a success across your DevOps team and organization?Rachel Sweeney, Product Advocate SRE at Fairwinds, discusses why Kubernetes plays an important role in your DevOps experience and the 5 things to help your team succeed at Kubernetes. Learn a few critical steps to achieving your Kubernetes Maturity around technology, security, visibility and consistency.
Computer vision models based on neural networks have become so good in the last 10 years that nowadays serve as the “eyes” behind many mission-critical systems, like self-driving cars, automatic video surveillance, or face recognition systems in airports. What you probably do not know is that there are easy methods to fool them, forcing them to produce wrong predictions. These methods are theoretically simple and computational feasible and open the door to potentially critical security issues.
Machine Learning is disrupting nearly every industry. AI-First is the new mantra for many, but how do you architect, develop and manage intelligent, real-time applications incorporating Machine Learning that can scale to handle modern workloads driven by Cloud and Edge?
In this talk, you will learn the most critical elements for achieving machine learning applications that can scale to any throughput or volume of interaction up to one billion events per second or more. Also covered will be how to integrate these applications with MLOps frameworks, and how to design for zero-downtime architectures as well as global scale multi-region.
Ada Lovelace was one of the first to recognize the ability of a computer to do higher order reasoning. Now, with the move to cloud, you too interact with infrastructure as code, and security as code.
It’s a new security reality: from the moment you start to build, you configure governance and security controls, identity and access management; you make choices around services and resources; you store data and backups and architect for redundancy and high-availability; and so on. To do security at scale, you must embrace the reality that security engineers are developers, and developers are architecting for security. Making the secure thing to do, the easy thing to do, is hard—but it is the only way to do security at scale.
The recommendation algorithm is not new for the modern apps or platform business. However, with a chat feature and mobile-first strategy, Hirect is creating a new engine for job marketplace - just like the engine behind the refreshing user experience of Tiktok. Based on the algorithm, Hirect can not only gives a better distribution and matching of jobs and candidates list, giving more exposure to small business, breaking the domination of the top 10% of the giant companies from the traditional paid-ads promotion model but also react instantly to users' feedback and activities.
Large language models grow increasingly capable of producing text that is indistinguishable from human written text. Bad actors are able to leverage these text generation capabilities to quickly and easily generate spam or bypass spam filters. Learn different techniques Stream is exploring to catch machine generated text in order to increase our spam detection capabilities.
Testing in production used to be a joke. In fact, it was a popular "Most interesting man in the world" meme. But as life often imitates art, this meme has become reality. As it turns out, the best tests to learn from are the ones that match production. So when looking for feature flag solutions, developers and software delivery teams find themselves looking for ways to test their code and deployments in prod!
In this talk we will dip our toes into the world of feature flags. We'll begin with an overview of what feature flags are, how to think about them, and why both engineers and business users find them valuable. In addition, you’ll also learn about how to get started with feature flags, and the key things to look out for once you "Do it live!" .
I just wrote some code that can have a positive effect on our customers and I’m motivated to release it as quickly as possible. I need your help but you are busy and motivated to continue working on your own code. I call this conflict The Pull Request Paradox.
This problem is not theoretical - it effects most developers every day. The average pull request takes 4 days to merge from when it's opened and half of that time is idle time. Which means every PR sits idle for two days on average! That idle time reduces our code quality, kills our flow and makes it really hard to plan our sprints accurately.
In this talk I'm sharing:
* New ideas to to merge your PRs faster based on analysis of 733K PRs from 26K developers
* Why asynchronous is NOT better than synchronous when it comes to PR code reviews
* Context you can add to your pull requests to get it reviewed by your team 5X faster
* How idle time in PRs reduces situational awareness and increases cognitive load
* Why the time of day you open your pull request effects how quickly you merge
This brief talk by IBM Quantum Developer Advocate James Weaver introduces quantum computing with Qiskit to classical developers, and touches on the following concepts:
- Contrasting classical and quantum computing
- Axioms of quantum mechanics with Grumpy Cat
- Using IBM Quantum Circuit Composer
- Using IBM Quantum Lab (Python notebooks)
- Resources and next steps for attendees
In case you haven't heard, relational databases are the new hotness. Why? Distributed SQL. Wait, distributed what now?
Distributed SQL databases are relational databases engineered with a distributed architecture to scale out on commodity hardware, on premises or in the cloud…without any trade-offs. These databases retain standard SQL, ACID transactions and strong consistency while adding unprecedented levels of scalability. But that's only the tip of the iceberg.
In this session, you'll gain an understanding of the fundamental concepts of distributed SQL and get a quick look at MariaDB's new distributed SQL implementation, Xpand. Using MariaDB Xpand we'll take a more pragmatic look at how distributed SQL takes database elasticity, scale and high availability to the next level. Then, diving deeper, you'll be introduced to the novel concept of MariaDB's columnar indexing with distributed SQL, and how it can be used to dramatically improve the execution speed of analytical queries on massive datasets.
2021 has been a breakthrough year for the crypto industry, reaching 100 million+ global users and a multi-trillion dollar market cap. In this session, Lewis will discuss what it takes to lead engineering teams building blockchain-powered products to keep up with skyrocketing mainstream demand. From implementing effective hiring methods to strategizing team roles and responsibilities, Lewis will share how technical leaders can hire and inspire high-impact teams to build industry-leading products. He will integrate key lessons learned while scaling the engineering team at Blockchain.com, increasing technical headcount over 1000% and helping the company achieve a $5 billion-plus valuation.
KEYNOTE (ProductWorld) Cisco Meraki -- How to survive Chipmaggedon: Design and Development of “The New Normal”Join on Hopin
You can’t always get what you want. Right now you can’t seem to get anything at all. Whether you’re sitting in an empty warehouse, staring at a smoking proto board and wondering how long it will take to get a new one, or clicking obsessively hoping your new oven will ship, “Chipmaggedon” has landed with profound impact on how you design, develop, and consume.
How do you protect your product in a global crisis? How do you invest in growth and innovation when you’re constantly playing defense? What’s the trick to get hardware designers, software developers, and supply chain managers together and rowing in the same direction?Join Morgan Teachworth, Vice President of Hardware Engineering and Supply Chain for Cisco Meraki, as he discusses what sparked the global chip crisis and recommends how shifts in design and development methodologies can bring communities together to combat supply chain challenges and survive the end of “Chipmaggedon.”
Policies, norms, and practices are an integral part of software development practices and undeniably important for delivering scalable and robust systems at high quality. Yet, they can simultaneously be a blocker to fast, iterative development processes which are vital to creating a culture of continuous innovation across the organization.
Even cloud developers who are striving to build bleeding-edge systems are often restricted in delivering value at their optimal personal speed. Handcuffs are being imposed on them by important, yet cumbersome cloud approval processes, as well as unnecessarily long wait times during deployment and testing stages within their cloud infrastructure.
In this talk we will shed some light on common inefficiencies and roadblocks that cloud developers face when developing against public clouds. We will discuss how to give back control and autonomy to developers over their own dev environments and tools with local and hybrid cloud development patterns, to foster innovation and fast feedback loops. Most importantly, we will highlight how the same concepts which give full autonomy to individual developers can also be leveraged to substantially improve team collaboration and feedback loops across team borders, for the best possible developer engagement across all stages of the CI/CD pipeline.
If you feel like you are not getting the full potential out of your cloud team, join me in this thought provoking session and let’s discuss strategies on how to free your development teams from their handcuffs - while embracing security, quality, and compliance.
With today's distributed work environment, running a modern agile organization requires a modern approach. No longer can projects live in their own space and be measured by their own goals. From automations to communications, measurement and more, today's successful development teams are leveraging modern tools and all-in-one productivity platforms to better plan their agile projects and seamlessly collaborate with all teams across their organization. In this session, ClickUp's strategic solutions engineer Devin Stoker will break down the keys to successful modern Agile planning and show how many global development teams today are adapting to the future of work.
Secure software development isn’t always a top concern to the business unless you are in a highly regulated industry. Today, time to market is often more important than security, increasing the value of the product that you sell with continuous improvement and quick software releases. To create and maintain a lead on the competition, you have to be really good at Agile and DevOps.
A potential scenario: the security team has called an emergency meeting. A new vulnerability has been publicly disclosed that impacts not only your software, but your company and your customers. Will the required remediation take hours or even weeks to complete? It depends on your preparedness.
To improve your readiness and reduce impact, we will look at tips and actions you can take now.
1. Learn more about the scope of the mess that was created by the Log4j CVE.
2. Why most companies struggled to address it quickly.
3. What steps you can take now to be ready for the next one.
The buzz about quantum computing has been rapidly increasing lately, and a growing number of developers have been looking into the subject. Concepts developers typically find challenging after cursory investigation of quantum computing include: superpositions of quantum bits (qubits), quantum gates, quantum entanglement (Einstein’s “spooky actions at a distance”), and the relevance of Schrödinger’s famous cat.
In this workshop, James Weaver gives a gentle introduction to quantum computing, followed by leading the participants in hands-on activities that leverage IBM Quantum simulators and computers.
KEYNOTE (ProductWorld): UserTesting -- Leveraging Digital Transformation to Help Product Teams SucceedJoin on Hopin
The challenges of product managers are shifting. The pandemic underscored the need for digital transformation in many companies, and often product managers have often found themselves leading those changes. That increased attention is great, but it also puts additional demands on the time of product managers who were already in fully occupied. How do you fulfill the company’s needs for transformation without working nights and weekends? Michael Mace, UserTesting VP of Market Strategy, will discuss the challenges and opportunities and give practical examples of what to do. Topics will include:
• The importance of identifying customer needs beyond just features, and covering the whole customer experience
• How to avoid the order-taking trap
• Balancing the conflicting roles of product owner and product manager
• The opportunities and challenges of digital transformation, and how product managers are using the transition to help their companies succeed
• How to use real-time human insights to make high-confidence customer-driven decisions without slowing down the development process
It's estimated that somewhere between 25 and 50 million traffic tickets are issued each year. Most of these tickets are issued due to antiquated systems such as physical signage and parking meters. Commuters simply don't know that they are committing a violation.
On the enforcement side, cities struggle to collect revenue from outstanding parking tickets. It's a lengthy and inefficient process that ends up being overly punitive for their residents and expensive to follow through on from the city's perspective.
It doesn't have to be this way. Imagine a smart city ecosystem where there are fewer parking tickets only reserved for those who intentionally disregard the rules, but cities still collect more revenue from the tickets they do issue.
Like most things, the answer to the nationwide parking crisis is coders. What does scaling a smart city API across thousands of cities that all have unique needs and requirements look like? Brad Powers, CTO of a leading smart city and mobility platform, breaks down his technical learnings and offers best practices for developers tackling similar challenges across any industry.
The business demanded rapid innovation. Software development and IT figured out how to provide it. But now we have a whole host of new problems. In the resulting world of cloud-native apps, microservices, and API-driven applications, what we came to rely on for keeping it all running and secure is no longer enough.
In this new fog, we are basically “flying blind”. Modern applications are extremely hard to secure and protect as they are complex and continuously changing. Our visibility of what we have, how it is behaving, and how it is being used (and abused) has diminished tremendously. So how do we begin to see through the fog once again?
In this session you’ll learn:
- Why are we flying blind
- 4 key areas to focus on to stop flying blind
- A way to get started quickly (for free!)
Having good reliability means that incidents are nothing special, merely variations of our regular work. Such a perfect dream of Site Reliability Excellence means that there are clear paths to expertise and common grounding between teams happens frequently. To make this vision a reality, we run an open session at Blameless that builds on musical traditions of improvisation. Inspired by western jazz and Indonesian percussion orchestras, our weekly session seeks to build group intuition through a discipline of iterative collaboration. In this talk I introduce our approach to continuous learning, Practice of Practice Gamelan.
What we've created is an opportunity for coming together in a collaborative way without the anxiety of performing under pressure. We share mental models through the telling of stories, playing of games, and riffing of ideas. Different areas of our socio-technical system are explored as seen through different eyes. By learning about how our coworkers view the system we operate together, we continuously build new connections through our newly shared perspectives. We not only learn how our teammates strive towards Reliability Excellence in their daily work, we also reduce unknowns about the system itself, giving us more flexibility to adapt around inevitable ambiguity. Come see how we want incidents to be just another time to get together and jam about some fascinating part of the system that has suddenly revealed itself as a wrong note we can learn by.
Learn how developers can use Synopsys® Code Sight™ plug-in to quickly find and fix security defects in source code, open source dependencies, IaC and more, without leaving the IDE. It’s easy to try, and provides quick time to value. It helps them write better code, fix issues before code commit, and avoid costly rework caused by issues not found until downstream testing.
With testing and new releases, errors are going to creep through the cracks and new debugging approaches are needed. Nick Hodges, Developer Advocate at Rollbar, will uncover the 4 main insights that are transforming the ways we approach debugging to help return more productive time to developers.
Traditional monitoring and observability platforms continue to support the same approach: DevOps and SRE teams must centralize logs, metrics, and traces before they can start to analyze them. Faced with exploding data volumes, teams dependent on these platforms are left trying to predict which systems and datasets to monitor and centralize. What doesn’t meet the bar gets neglected or discarded altogether. You shouldn’t have to compromise data visibility to stay within budget. In this session, Edge Delta CEO and Co-Founder, Ozan Unlu will break down Edge Observability -- a novel approach to observability that aims to solve this issue. You will learn how DevOps and SRE teams can maximize visibility, optimize costs, and respond to issues orders of magnitude faster.
Implementing a search experience for a single database of content can be straightforward. However, many companies operate several distinct websites that each feature important content for their customers. For example, your marketing site, product documentation library, developer hub, and community portal may all use separate content management systems, possibly managed by different teams.
If each site has its own isolated search experience, then the information from each is siloed. As a result, your customers may not find what they're looking for when they visit one of your web properties. Or, your users may find a helpful article, but they may not be exposed to some of your other content that's relevant to their query. If you create a combined search experience that incorporates the content from each of your sites, you can address both of these problems.
This talk presents a solution for a federated search experience. The federated search will serve a content library that spans disparate content types and databases. This issue was tackled by Linode during a redevelopment of the Linode Docs website (https://www.linode.com/docs) in 2020. The presented solution is powered by Algolia. The talk will outline the technical architecture for our Algolia search indices, how they are queried, and how they are kept up-to-date with the content present in each of our web properties.
Finally, once you have implemented a federated search experience, the search backend can also be used to power interesting non-search navigation for your sites. For example, the Linode Docs site features a tree navigation that includes all of the content that we offer. The talk will explore how this was accomplished.
How do you launch a product with a bare-bones team working remotely in the middle of a pandemic?
In June 2020, I was tasked with taking an idea to launch in just eight weeks with nine engineers. I’d never met this team, and wouldn’t for almost two years: the pandemic had just locked everyone down.
But the investments had been made, and a date was set. I had to create a long-term vision with moments to spare and weeks to deliver.
There’s a saying: Take the leap, and build your wings on the way down. So that’s what we did.
But before you wonder how many 24-hour days the engineers put in? Not many. How frantically decisions were made? Not at all. How did the time crunch inform our tech stack? (Hint: we love Python, but Go was faster). And how does one cobble this all together, anyway?
The key to building and launching a product against outlandish technical constraints isn’t by grinding a small team into dust by making them row the boat until they can’t move. It’s by building that boat smartly, beginning with the end in mind, so you can build as you row with thoughtfully selected parts that move and scale with you from the get go.
The audience will learn:
How to replicate - or modify for themselves - my unique approach to tripling our remote team around the world in just two months
How to structure their organization for optimum collaboration, management, and conflict resolution during incredibly tight release schedules
Create 24/7 workflows without working your teams 24/7
How to choose the right tech stack for the project to get a massive project to market in a competitive timeline – without churning engineers or running into multiple dead-ends and refactors due to hasty decisions.
Magic is more than just a plug-and-play passwordless auth that enables a delightful onboarding experience for end-users.
Instead of usernames and passwords, Magic uses blockchain-based public and private keys to authenticate users under the hood. A decentralized identifier is signed by the private key to generate a valid authentication token that can be used to verify user identity.
Traditionally, usernames are publicly recognizable identifiers that help pinpoint a user, whereas passwords are secrets that were created by the user and are supposed to be something only they know.
You can think of public and private keys as materially improved versions of usernames and passwords. The public key is the identifier and the private key is the secret. Instead of being created by users and prone to human error (e.g. weak/reused passwords), the key pair is generated via elliptic curve cryptography that has proven itself as the algorithm used to secure immense value sitting on mainstream blockchains like Bitcoin and Ethereum.
Using blockchain key pairs for authentication gives Magic native compatibility with blockchain, supporting over a dozen of blockchains. This enables web3 developers to use Magic SDK to provide user-friendly onboarding experiences to mainstream users and tap into the potential of the rapidly expanding blockchain industry that is growing 56.1% year over year and projected to reach $69.04 billion by 2027.
The key pairs are also privacy-preserving (no personally identifiable information) and exportable. This allows user identity to be portable and owned by users themselves (self-sovereignty). The world is already moving towards this direction with novel solutions from companies like Workday and Microsoft.
As a first step, we are committed to enabling a passwordless future, by providing developers with the easiest way to integrate passwordless login methods into their apps, but having blockchain key-pairs actually connects us to other future-proof infrastructure such as IPFS for decentralized user identity data storage, which will pave the way towards worldwide adoption of decentralized identity.
If you want to see just how seamless both the developer and user experiences are with Magic, or you want to learn how Magic plans to onboard the next billion users into web3, do not sleep on this talk.
A well-crafted container or kubernetes avoids using excessive privileges, shipping unused packages, leaking credentials, and will expose a minimal attack surface. By removing known risks in advance, you’ll reduce security management and operational overhead; however, not everything can be known and prevented in advance. You cannot forget about security since the container is running.
Join this session to gain clear direction on how to:
- Image build and apply Dockerfile best practices
- Reduce the attack surface and optimize size for distribution using multistage builds
- Manage threats and vulnerabilities, like log4j
Developers know what they want and don’t want. And we are pretty sure they don’t want ops. The world is becoming serverless…Including the database.
In this session, we will deliver a deep-dive exploration into the internals of a serverless database, exploring the following, and more:
- How to automatically scale your workload with zero downtime
- How Raft and MVCC are used to guarantee serializable isolation for transactions
- How Cockroach automates scale and guarantees an always-on resilient database
- How to tie data to a location to help with performance and data privacy
- How to only pay what you use and never overspend
CockroachDB - a Distributed SQL cloud-native database designed for consistency, resiliency, located data and scale - is the core of CockroachDB Serverless. We’d love for you to join us and see how it works!
Our ability to manage infrastructure, reason about the impacts of changes and keep it secure and compliant has grown in complexity. Full stop. The proliferation of development tools in the market with a variety of teams adopting different solutions on different infrastructures creates a silo effect that is real and painful for many operators today. Choices that were once the domain of the operations team are now handed directly to application teams, with an ever increasing push to adopt new technologies. This talk will focus not only on “the why” of this complexity but more importantly on “the how” to get your team on the right path to manage this complexity in a way that allows you to continue to deliver software and services quickly but in a secure and scalable way. It will explore how tools, practices and organizational structures all play a role in not only surviving, but thriving in a world of ever expanding infrastructure complexity.
Roughly 60% of stream processing is spent doing mundane transformation tasks like format unification for ML workloads, filtering for privacy, simple enrichments like geo-ip translations, etc.
In this session, we will show you how easy it can be to do streaming data transformations while also eliminating data ping-ponging between storage and compute — thanks to Redpanda’s built-in support for WebAssembly (WASM). We’ll share best practices for data transforms using Redpanda, our Kafka API-compatible streaming data platform.
We will also cover:
- Overview of Redpanda and our WASM architecture
- Example use cases for data transforms
- Live demo of data transforms
Cadence is an exciting new technology open sourced by Uber in 2017 and that is a foundation technology for Uber and several other leading tech companies. Cadence makes it easier and much more efficient to develop and operate long-running, highly reliable process-based business logic (or workflows) at the highest levels of reliability and scale.
This session will explain the basic concepts of Cadence by walking through some simple code examples, discuss how to determine if your use-case is a good fit for Cadence, and outline some considerations for the successful adoption of Cadence in your organization.
Saying no is hard and is also what makes for good strategy. Saying no is particularly hard when we as product people are expected to build connections, lead through influence, effectively collaborate with teams that we might be saying no to (very) often, and build an amazing product that solves real user problems and achieves concrete business goals.
Product people that always say “yes” end up with monster products that do everything and nothing at the same time. They say “yes” because it is very hard to say no effectively.
If those concerns sound familiar, this talk is for you. Gabrielle will share how you can tame your monster by implementing effective & scalable product strategy. She will send you off with actionable steps so that you can immediately get to work, develop a strategic way to say no, and, most importantly, tame your monster!
Today, majority of the world’s most valuable companies by market capitalization are platform companies; to name a few are Facebook, Apple, Netflix, Google & Microsoft.
All these companies started off with a great product by claiming a substantial mass of customers and providing enough value for all the stakeholders of the ecosystem by optimizing the "network effects".
In this talk I am going to touch upon the key factors, strategies and business models which can enable transition of a product mindset to a platform mindset.
I will also highlight how some of the global product companies are rapidly transforming themselves as successful platforms using innovative methods in their respective domains
Cricket, a game of bat and ball is one of the most popular game and played in varied formats(I. Its a game of numbers with each match generating plethora of data about players and match. This data is used by analysts and data scientists to uncover meaningful insights and forecast about matches and players performance. In this session, I'll be performing some analytics and prediction on the cricket data using Microsoft ML.Net framework and C#.
Human health is complex - it's not something we can buy; it's something we have to earn! This exact approach goes for open source projects and their communities. A truly dedicated and loyal fanbase cannot be bought; it has to be nurtured. But what do we mean when we call a community and the open source project "healthy"? This question is what we are trying to answer at Facebook!
In this talk, we will look at the approach that the Facebook Open Source team takes to measure the current state of Facebook open source projects, and how we use these metrics to prioritize and to direct our DevRel focus. Ultimately, we aim to show how by looking at information about your open source communities, your team can concentrate on the quality of the projects instead of only the quantity of repositories that you make public.
It has never been more important to build secure applications from the ground up starting with developers implementing the DevSecOps framework. One facet of DevSecOps is building code that emits high quality telemetry so development teams can deliver new software and services at agile speed without compromising application security. In this session, Cribl technical evangelist Ed Bailey, will discuss three ways to instrument applications at the code level to give operations and security observability platforms enhanced data to provide next level fault detection capabilities that are not otherwise available. We have never seen a more challenging environment to monitor and secure modern applications and advanced telemetry based observability is the only way to meet this challenge.
Wednesday, February 9, 2022
Creating functional deployments for k8s is hard enough without even beginning to think about doing it securely. Part of your team are at war backing Helm vs Kustomize and your dirty secret is that you love straight up yaml!
As a security fan you’re looking for an easy win with zero budget to help make sure the “Department of No” doesn’t block the deployment regardless of your Infrastructure as Code choice.
In this live demo, we’ll see how Checkov (you love Star Trek too!), the open source IaC scanning tool by Bridgecrew, can handle all of that AND do so right in your IDE.
DevOps + Security = SomethingSomething… let’s figure it out together.
As of 2017, 90 percent of public clouds workloads ran on Linux. Linux allows organizations to make the most of their cloud-based environments and power their digital transformation strategies. Many of today’s most cutting-edge cloud-based applications and technology run on Linux, making it a critical area of modern technology to secure.
According to a recent Linux Threat Report, most threats arise from systems running end-of-life versions of Linux distributions. This includes 44 percent from CentOS versions 7.4 to 7.9. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months. This means attacks on Linux are likely taking advantage of outdated software with un-patched vulnerabilities.
This session will reveal steps you can take to ensure the security across workloads and cloud presence powered by Linux and how to effectively respond to the possible threats.
Join Aaron as he walks through the data, speaks to the threat, and highlights the top three mitigation strategies for all enterprises.
Attendees will learn:
• How to utilize free Linux native tools including Iptables, seecomp, PaX, etc., for configuration assessment, vulnerability patching and activity monitoring.
• Simple steps you can take to secure containers effectively.
• Best practices in Appsec, including testing, scanning and Open Source (SCA).
Observability has never been more important: kubernetes and distributed architectures are necessary, but they make it harder and harder to answer basic questions about system behavior. The conventional wisdom claims that Metrics, Logging and Tracing are “the three pillars” of observability… yet software organizations check these three boxes and are still grasping at straws during emergencies.
In this session, we’ll examine how we got ourselves into this predicament, and how to get ourselves out of it. We will talk briefly about the theory and then illustrate more elegant and modern approaches to common observability problems using live demos.
Spinning up exact copies of your application in multiple regions is as easy as git commit and git push. Now security policies and decisions for these applications can be just as easy. Learn how to extend your GitOps workflow to include policy-as-code. By using Open Policy Agent to write your application policy and security, you can have the benefits of GitOps for your security policies.
The rest of your application has moved to cloud-native; now it's time your application and security policies do as well. Long gone are the days of programming servers one by one. Infrastructure is now all push-button deploy powered by configurations that live in Git. The next logical step is to commit the security decisions that protect these systems into Git repositories. Becoming very popular over the last few years, GitOps has standardized application and infrastructure management processes. Within GitOps, smaller branches are starting to emerge to handle specific areas of your application. With tools like Open Policy Agent (OPA), we can define application and infrastructure security policies using Policy As Code and commit them to Git.
OPA is a general purpose policy engine that comes with a custom built dedicated policy language called Rego. Rego allows you to declaratively state the intent of your security policies using human readable expressions. It comes equipped with over 150 built-in functions tailor made for policy authoring. Together OPA and Rego allow you to supercharge your Policy As Code workflow in a Cloud Native way.
Join this talk to gain a general understanding of what policy-as-code is, the benefits in adding it to your application workflow, and see some examples of everyday use cases implemented with OPA and Rego.
So you want to be a cloud company? Making the jump to being a cloud-native rather than just a company who runs their product on the cloud requires deep changes throughout the organization. You'll need to change how your teams work together, how they think about the software development lifecycle, who you hire, how you approach reliability, and your relationship with your customers.
This talk goes through the prerequisites for becoming a cloud native company, addressing how to change not just what you do but how you do it, giving examples of other companies who have been through a similar transition. The speaker, Jordan Tigani, is a veteran who helped create one of GCP's first and most successful cloud products, and has helped SingleStore make the transition to a cloud-native company.
Access control in AWS is done via IAM policies. Policies and permissions in IAM can get really complex really fast, leaving a ton of room for mistakes and misconfigurations. To put this in perspective:- There are six types of IAM policies- Policies can have a combination of Deny and Allow statements- Each statement includes Actions, Resources, Principal, Conditions- Each statement can also have negations (exceptions) such as NotResource or StringNotEquals in Conditions- And many other details and tricksIt is best practice to configure least privileged policies. However, to get it right is often more challenging than it looks. As a result, most policies are written with wildcards (*) in Actions, or Resources, or both, with no meaningful Conditions.It is also very difficult to understand the net effective permissions of a policy that contains both Allow and Deny statements, with seemingly contradicting conditions and exceptions. AWS provides an IAM policy simulator that helps, but only helps to a limited extent. With the IAM policy simulator, you have to specify the service(s), action(s), and/or resource(s) and get a “yes/no” answer back telling you if a policy grants the permission to that known combination. It cannot answer the broader question of “given a policy, what resource permissions does it grant access to” in general.
DevOps involves integrating development, testing, deployment, and release cycles into a collaborative process. Security is often considered an afterthought; something to be inserted just before release.Thinking ahead to integrate security throughout the DevOps cycles involves intelligence, situational awareness, and collaboration. This is called DevSecOps.Join this session to learn about the importance of DevSecOps, the practicalities of implementing a strong solution and hear a couple of use cases to demonstrate why.
You just got hired! Congrats! Now what? It takes most new product managers six to eight months to reach full productivity. Most companies and managers don't have onboarding training designed specifically for product managers. This means you would spend half of your first year haphazardly gathering the bits of information you need to be an effective product manager. You need to create a learning plan to conquer your first 90 days. These first 3 months set the foundation you will build off of. Learn what to do and what not to do in your first 90 days. Join this practical session on how to navigate your new role and discover the information necessary to be successful.
KEYNOTE: CircleCI -- What We Learned about Hiring Engineers after 6,000 Technical Interviews in One YearJoin on Hopin
Last year, CircleCI hit hyper-growth and needed to hire more engineers quickly. But the process was taking too long, so we had to figure out how to improve it.
We tried many things, including outsourcing technical interviews to a third party. When we still weren’t moving fast enough or finding the right talent, we iterated on our process again and again.
After conducting more than 6,000 engineering interviews in one year, Michael Stahnke, VP of Platform at CircleCI, shares what our engineering organization learned about how to scale the technical interview process and find top tech talent for growing startups.
Good user experience requires a well performing frontend application. Code observability on a frontend application—to understand errors and their relevancy, performance of transactions, and Web Vitals to quantify website quality—is complex. By attending this session, you'll learn more about the tools that are available to aggregate and organize relevant frontend data to provide necessary visibility on errors and performance to keep users engaged.
OPEN TALK: How Beta Testing Can Support Automated Testing to Help You Release Better Mobile Apps FasterJoin on Hopin
53% of users have reported uninstalling or removing a mobile app with issues such as errors and freezes. As developers, a critical bug making it through to your end users, in turn leading to customer and revenue loss, is one of your biggest nightmares. Especially, if you never got this feedback from real users, during testing.
When application performance and stability can make or break your business, how can you prevent bugs from reaching end-users and deliver the best possible mobile app experience, every time? Well, part of the solution lies in completing your automated testing strategy with mobile app beta testing, to help you quickly deploy beta versions of your apps, get critical real-user feedback, and iterate at a faster pace.
Join Wim Selles, Lead Solutions Architect at Sauce Labs, as he discusses how you can address the key challenges inherent to mobile app development by optimizing your beta testing processes. Wim will demonstrate how a developer-centric mobile testing solution can enable you to improve both the quality and release velocity of your mobile applications.
You will take away:
- How seamless access to mobile beta testing capabilities can help you take your mobile app development to the next level
- How to implement beta testing best practices, including finding the right beta users, enabling them to report more bugs faster, and getting the most value of bug reports
- How to streamline your iOS and Android app distribution, and optimize your mobile app beta testing processes to shorten app development cycles
CI/CD success comes with iteration and continuous improvement. Harnessing the power of logs from the CI/CD process can be key to driving improvement. In this session we will demonstrate an easy path to bring CI/CD logs from Jenkins (or any platform utilizing cloud object storage in AWS or GCP) to drive success with CI/CD.
During the demonstration of the ChaosSearch Data Platform, we’ll share how you can easily access and leverage:
Velocity and Trends of CI/CD progress
Build failure trends and debugging
Visualizations & Dashboards
Alerts and Integration opportunities
The Jamstack movement has forever changed the trajectory of the web by decoupling backend and frontend technologies. Today, the Jamstack provides nearly limitless choices to developers designing the best customer experiences in web applications. Netlify’s platform unites the Jamstack ecosystem of modern web technologies with a great developer experience, helping developers create dynamic, scalable, secure apps..
To deliver the speed and agility that developers need when moving to a modern Jamstack architecture, Netlify continues to expand its platform to provide a workflow and productivity that natively integrates with every major web framework, API and developer tool. In this session, Matt will introduce the concepts of this architecture, highlight how to best utilize this integrated platform, and unveil how these workflows can unleash developer productivity for your team.
There is a widespread belief that fixed bids are not a good fit for Agile. Agile advocates flexibility. Agile principles help projects adapt to changes based on changes in priorities or market conditions. However, fixed means something that cannot be changed. Another common belief is that if we follow Agile with a fixed bid, we need to make sure the scope is crystal clear. In today’s fast-changing world this approach to project scope can significantly reduce the value a customer or a user gets when a project is delivered.
Do we know Agile can be a great fit for fixed bids?
In this session, Rohit will talk about a few tweaks that will not just make your fixed bid projects successful but can also make your project teams thrive in an Agile environment. He will share his experience on why Agile is a great methodology for fixed bids.
According to Product School’s annual State of Product Report, more than 45% of product managers say prioritization is their biggest challenge faced.
Backlog prioritization can feel like an ongoing rat race where you’re juggling a myriad of inputs and trying to keep up with demands. And yet, PMs are challenged to be the CEOs of their product and think strategically and proactively.
According to a study by Workato, a leader in enterprise automation, two-thirds of product managers report concern over managing their integration backlog and the volume of integration requests they receive.
Fortunately, product managers can have it all by leveraging the Workato Embedded Platform. Learn how the solution can help you become the hero CEO of your product and efficiently tackle integration requests that save engineering resources for building core product features, all while driving new revenue for your product.
Qt is widely recognized as a premier development framework for native, cross-platform applications and devices. But do you know what else is cross-platform? The web! Join us to see how the latest version of Qt supports the WebAssembly standard.
While the age-old choice between native vs. HTML5 development solutions will never be straightforward, we’ll show you how there can be overlap. We’ll also take a look at how you can leverage the latest Qt enhancements to expedite cross-platform deployment.
Over the last ten years the role of a software engineer has evolved drastically. Software continues to reach unprecedented scale and complexity. Organizations from all industries are now becoming software companies and with the pandemic everyone is feeling the effects of burnout. Creating an industry with healthy productivity is paramount but too much of a focus on “going faster,” without addressing burnout, is a recipe for failure. Engineering managers need to constantly balance both and as we move increasingly remote, these problems are even more acute. Ravs Kaur, CTO of Uplevel will share insights on how today’s engineering managers can ensure an efficient pipeline while making sure engineers are happy and healthy.
From your bank account to your email, APIs power your digital experiences. According to a survey by RapidAPI, 96% of developers are using more APIs in 2021 than in 2020. Are you planning on building internal APIs to be used just within your organization or external APIs for your mobile app? Whatever your API goals are, you need an API gateway to handle incoming traffic. API gateway deployments are a leading use case for NGINX Plus, our commercially supported offering based on NGINX Open Source.
In this webinar we cover what APIs and API gateways are, and how to configure and secure your API gateways using NGINX Plus and NGINX App Protect. We demo how to deploy NGINX Plus as an API gateway, and show how to secure the API gateway by using encrypted JSON Web Tokens (JWE) and importing an OpenAPI spec to NGINX App Protect. In the Q&A we answer your questions about deploying and securing your API gateway.
OPEN TALK: Fake Your Data: Mimicking Production to Maximize Testing, Shorten Sprints, and Release 5x FasterJoin on Hopin
Raise your hand if you’ve ever written a script or built a tool to generate test data for your staging environment. Keep your hand up if it was fun. And easy. And still works. If your hand (and shoulders and morale) fell, rest assured you’re not alone. Now for the good news: help is here.
With the increasing complexity of today’s data ecosystems and the expanding reach of privacy regulations, generating useful, safe test data has become more difficult and riskier than ever. An effective test data solution must work across a variety of database types and de-identify production in a way that ensures privacy. Challenging? Yes. Attainable? That, too.
Technologies now exist that integrate directly into your data ecosystem to create test data that looks, acts, and behaves just like your production data. By hydrating QA and staging with useful, safe, fake data, dev teams are upleveling testing, catching bugs faster, and shortening their development cycles by as much as 60%. Data mimicking sets a new standard of quality test data generation that combines the best aspects of anonymization, synthesis, and subsetting.
Explore these technologies in a live demo and discover how to use them to:
- Maintain consistency in your test data across tables and across databases
- Subset your data from PB down to GB without breaking referential integrity
- Achieve mathematical guarantees of data privacy
- Increase your team’s efficiency by 50%
- Realize 5x more releases per day
We don't usually set out to write a monolith...but it happens. With changes over time, and limited resources to refactor, our application can turn into a "legacy monolith" that runs for years, and years, and that we all dread working on! In this session, learn about the AWS Microservice Extractor for .NET and how it can help you identify and extract parts of your application into services. Transforming your monolithic applications into smaller, independent services makes them easier to scale, more efficient to operate, and faster to develop, accelerating time to market for new features. Then go a step further to re-platforming to ASP.NET Core running on Linux, by adding to your tool chain the Porting Assistant for .NET. Come and learn how!
In a world of tech debt, shadow IT, app sprawl, and reliability—the concept of "scale" can quickly spiral into speculative decision making, complete re-writes and delays in delivering customer value. While planning for growth is key for any organization, the methodology around how (and when) to scale an engineering org can be much more opaque. In this session, we'll cover the 4 P's of Pragmatic Scaling - People, Process, Product & Platform, and how to ensure you're maximizing the productivity and efficiency of resources through hyper-growth.
Join Shailesh Kumar, Sr. VP of Engineering, as he shares his customer-centric approach to engineering that helped scale ClickUp's platform from zero to over 800,000 teams in just four years.
Scaling design is not about throwing more designers at the problem. Scaling design effectively is about operationalizing design, aligning closer with the principals of DevOps. How do we enable product teams to successfully deliver useful and useable products to their customers. This is an evolution that they call DesignOps2.0
Nearly everything a product team deals with impacts UX. Traditional development issues like availability and latency have a significant impact the user’s experience. When viewing the problem through this lens; the entire product team is responsible for the user experience and needs to be accountable for it, not just the UX team.
Erica will discuss the philosophy and end to end methods her team has developed around DesignOps2.0 and where they are heading from here.
• Establishing tools and an environment that empowers product teams to deliver useful and useable products
• Gaining a common understanding with product teams around what impacts the user experience and who is responsible.
• Holding engineering and product teams accountable for delivering a good user experience.
As data drives new and evolving IoT opportunities across all segments of the market, the role of the developer becomes increasingly important in being able to utilize existing tools to drive new ways to create Edge AI solutions. However, solving for Edge AI can be a complex design and development process as it requires determining the right selection of sensors, hardware, deep learning frameworks, or deciding how to deploy the unique use case.
By democratizing access to AI and simplifying development, organizations can enable their developers to quickly experiment with different algorithms, processors and optimization techniques or prototype and customize without having to spend weeks obtaining and setting up development boards. In this session, Bill will discuss how organizations can achieve this and empower their developers to build innovative Edge AI solutions – solutions that will improve lives and transform industries.
OPEN TALK: IBM Developer Technology Sandbox and IBM API Hub - Removing Barriers to Exploring Technologies for DevelopersJoin on Hopin
Before taking a car out for a test drive we don’t expect to be given instructions and a box of parts and be told to build it first. Most of us expect to be handed the keys and told “let’s go!“. The same should be true when we are kicking the tires on new tech to build your next application. IBM Developer Sandbox was created with that experience in mind. This session will use micro-solutions built around IBM API Hub services and other products, and made available through our developer sandbox to create a new way to explore technology from IBM and our ecosystem partners.
Topcoder has been helping developers learn, earn and connect for over 20 years. Adam takes a look at crowdsourcing, remote work, and open talent. What was only cutting edge a few years ago is now the new way of working. What other opportunities exist in a talent-short market for developers and companies beyond the conventional full-time role?
In our days, the demand for developers is increasing with more and more companies looking to hire new developers to join their projects. Sometimes this "joining" is painful, and leads to huge costs for companies, as adapting and understanding a project is not an easy thing.
Are companies aware of that cost? What can a developer do for that? Are there any best practices?
We are going to explore some best practices from 2 main aspects: a) Project Management i.e. making a Software more comprehensible and easy to understand during the whole development process and b) From-zero-to-hero i.e. exploring a whole new project relying only on any existing documentation for example on open source projects, or any legacy project (either for maintenance or for incubation)
If you work in an organization that uses open source to develop applications, by now you are probably aware of the recently disclosed vulnerability in log4j, commonly being referred to as the Log4Shell vulnerability.
Virtually every organization that uses Java (Maven/Gradle) uses log4j and has likely been impacted. According to data tracked by Tidelift, log4j-core has over 3,600 dependent packages in the Java language ecosystem and over 20,900 dependent software repositories on public code collaboration platforms.
Tidelift solutions architect Sean Wiley breaks down the current Log4Shell situation and shares tips for remediating the issue—including ways Tidelift can help your organization prepare for the next zero day vulnerability.
Enterprise blockchain is a team sport. The technology serves as shared de facto infrastructure for stakeholders across and between organizations. Community-built DLTs serve as the foundation for decentralizing critical processes and creating transparent operations with trust built in at the core.
Increasingly, enterprises are looking to deploy blockchain platforms in larger systems and more complex solutions. This means integrating with other systems and even other blockchains. The open source development model is now delivering on a new generation of tools and technologies to make deployments simpler, to help networks interoperate and more.
In this talk, David Boswell, Senior Director of Community Architecture at the Hyperledger Foundation, will sit down with Hart Montgomery of Fujitsu and Peter Somogyvari
from Accenture, two long-time leaders in the Hyperledger developer community, to talk about how development happens in the open source community and the latest developments in the current enterprise blockchain ecosystem. Hart and Peter are contributors to Hyperledger Cactus, a blockchain integration tool designed to allow users to securely integrate different blockchains. They are also members of the Hyperledger Technical Steering committee. The discussion will cover:
- Business and technical drivers for expanding blockchain networks into extensible multiparty systems capable of exchanging data in secure, transparent ways across a mix of platforms
- The growing pipeline of technologies for cross chain, off chain and legacy system interoperability
- The value of an open ecosystem in driving innovation and trusted software
- The opportunities to get involved in the community of communities developing and deploying the increasingly diverse technologies in the enterprise blockchain space
Being a high-growth, product-led company in today’s versatile, pandemic-stricken world means you need new organizational structures for rapid innovation so you can meet the demands of the business and still come out on top.
One such trending organization model is the three legged product team owning and driving product strategy, product management and product marketing. Modern SaaS companies must organize product teams in a way that enables continuous value creation and value capture.
When scaling, companies cannot assume the market is in the same state as it was during initial product work. This means companies must continuously adjust product strategies to invest in their next opportunity in shifting markets. Adopting the “three legged” approach to products allows companies to listen to customer needs, innovate new solutions that fit neatly into industry demands, and deliver rich capabilities in a predictable way. This approach is critical to driving continuous improvements in value and, therefore, growth.
The metaverse is many things to many people, however, always involving an interface between people and things in the real world and their simulated counterparts. As experiences move beyond gaming and entertainment, the need to have trust and firm guarantees requires us to reexamine fundamental building blocks of what powers a metaverse experience. At Ably, we focus on connecting people in realtime, allowing them to chat, interact and stream data to an unlimited number of users. What we’ve found is that traditional assumptions of availability and scale don’t hold true when connecting users to the latest trends on social media, or when a whole smart city connects to its digital twin. In this talk I will walk you through how we build for sudden scale events while maintaining a level of service that can be used to drive business decisions.
Non-fungible tokens have taken the world of digital art by storm. The growth in NFTs this year is a staggering 1500%+, and is set to revolutionize art & collectibles. In this session, I present the basics of NFTs, and delve into industries disrupted by NFTs: art, collectibles, gaming. I will discuss how to dip your toes into the NFT world by minting your unique collectible as an NFT on platforms such as OpenSea.
NFTs started off on Ethereum blockchain, but soon, Ethereum ran into scalability issues since it only allowed 10-15 TPS. This sparked a surge in different blockchains designed specifically for NFTs, such as WAX, FLOW, etc. We will discuss about how they open up new types of dApps and marketplaces, such as NBA Top Shots.
Finally, we will touch upon some of the perceived environmental impacts of NFTs for users to make informed decisions about platforms they use for trading.
While modern architectural patterns encourage us to declare services in a scale-agnostic way, the fact remains that our software will always have limits. If we choose to define, document, and enforce reasonable limits based on the problem domain, then our users will benefit in diverse ways. Developers deliver services that are more stable, predictable, and easy to use. The developers will benefit directly as well, because the process of imposing constraints, such as resource quotas or rate limits, gives natural scaffolding for observability.
This talk draws from lessons learned over seven years running petabyte-scale data pipelines and their associated microservices at Foursquare.
The requirements of digital operations for businesses in any industry can stretch resources and cause stress. Keeping on top of your organization’s technical platforms is daunting. It’s easy to miss things when your team is embroiled in an incident, but one thing you can never go short on is communications with your users during an incident. Your Customer Service team is critical to not just communicating with users when things go wrong, but to the incident identification and response process itself. As the team closest to the customer, incorporating customer service teams into the DevOps lifecycle will reduce silos, shorten feedback loops, empower agents and delight your customers.
Full-Case Ownership is a methodology that brings customer service teams in line with development teams, organizational goals, and ultimately the final customer experience. In this talk, you will learn the importance of full-case ownership and customer service ops, and how to help your customer service and dev teams establish strong practices of collaboration as one team in service of your customers.
Context is a crucial component of moving from Monitoring to Observability. Attaching rich context to application tracing allows us to answer fundamental questions required for true Observability, like "What changed?" In this talk, we'll discuss what context is, how it's applied, what problems it solves, and what challenges it presents.
What does the ongoing backlog prioritization looks like for platform business model that has users on demand and supply side for example divers and riders on Uber, home owners and renters on Air BnB, etc. This is most tricky and challenging part in platform product management lifecycle. I have touched upon this topic in my book Effective platform product management. I will cover the prioritization techniques, challenges that product managers face and mistakes to avoid while feature prioritization of platform business models.
Embedding security into DevOps practices is critical for enterprises making the transition into Secure DevOps. The Secure DevOps evolution is enabling continuous security which is achieved by shifting left to the development team. Market leading application security tool HCL AppScan makes is simple for developers to scan in every stage of the process with DAST SAST IAST capabilities.
Learn how with market leading tools and the right approach, you can build applications securely, without compromising speed.
The Shift Left paradigm is broken. If companies start moving their controls to the left, they miss out on their actual security posture in production. If they deploy tools in the CI/CD in addition to the tools running in production, it creates complexity and inefficiency as they get different results from different tools and struggle with duplicate exception flows and lack of visibility across. A new approach is required!
In this talk, Ami will review Log4shell and other recent real world incidents, analyze where legacy approaches fail and present a new paradigm to cloud security: “look to the right and shift to the left.” Companies deploy a single policy across the stack, with central visibility across the process, creating a new and efficient way for security teams to work with dev teams.
Software testing requires development skills in terms of automation and CI/CD. Social skills as well. There are though responsibilities like release management. It looks like we have to be supermen holding all these qualifications. But we are human beings. It is okay to make mistakes. It is okay not to be okay.
When I refresh my memory and consider my whole testing life, I again realize that life is full of lessons. Whenever I think about this, I come up with a saying by John W. Gardner: “Life is the art of drawing without an eraser.” We are all making mistakes and it is not possible to manage each single piece of processes perfectly. Still; what we can remember is, with additional brush strokes, those mistakes can evolve into nice colors inside the big picture. Besides, in the next run, we may take precautions against possible mistakes.
In short, after the quick review of my career, I decided that I can collect the required soft skills for a tester. Of course, I do not claim to be the super person who carries all those, but at least they are the ones which I realized to be the most prominent from my experiences.
What I will talk about is:
• What I learnt from my very early testing time: As a junior tester, what I faced? Which ways to act I learnt from those experiences.
• What I learnt from switching projects/products frequently.
• How did I survive in different environments?
• What other aspects did I experience after I was a team leader?
• What were the difficulties stemming from working in global studies?
Sometimes testing is underestimated and the responsibility is not understood well. To be able to survive in the next generation testing positions, we as testers have to hold both technical and social skills.
In this talk, I collected 25 soft skills that I decided a tester should have from my personal story. But I am pretty sure all testers face these situations. The presentation aims to wrap several skills from different perspectives like communication, agility, problem solving, efficiency and others.
In this presentation and demonstration, attendees will learn about:
- Kubeflow 1.5 features and use cases
- How Kubeflow streamlines ML workflows and simplifies operations
- Why market leaders are building their ML Platform on Kubeflow
- Kubeflow Community User Survey results and benchmarking your ML Platform KPIs
- How to get involved in the Kubeflow Community
The demonstration will provide a brief review of valuable ML workflows i.e. the automated process to build a Kubeflow pipeline (directly from a Jupyter notebook) that will train and tune an ML model. It will also show how to deploy that model in an inference server and monitor it.
Talent is becoming the biggest barrier to growth for tech companies, seeing an attrition rate 3x higher than before the pandemic.In this talk, we will address the challenges and how Turing was able to build an AI-powered platform that has attracted 1M+ engineers across the globe.
The past few years have seen the appearance of different software companies promising to augment the developer through Artificial Intelligence. Within these, many have specialised on testing problems, and in particular on test generation.
In this presentation we will tell the story of AI-generated testing, and the technologies behind it. We will look at today’s main players in the industry - within different categories of testing, talk about the limitations of this technology and of its practical use cases, and explore the opportunities for the next few years.