Wednesday, November 17, 2021
In April 2021 we were facing a challenge. Due to the nature of our product we had to develop in a multi-framework approach. However, reality forced us to think differently. We soon realized it was unscalable, inefficient, silly even, really! The challenge was that our application is embedded within our customers’ application, which they can build on top of any framework. Beyond that, we had to expose our components’ state and to receive state from the hosting application.
At the end of the day, we had to adopt an approach that would support both our product technical requirements, while optimizing our frontend development process.
In this session we will go deeply into real life examples of how Frontegg used micro frontend strategies (to name a few…) to overcome those challenges, and how it made a significant impact over our frontend development, architecture, CI/CD, and overall processes.
To truly scale application security testing, developers need to maintain their role in the security process beyond SCA and SAST, continuing the automation you are already achieving and rely less on manual testing.
Traditional DAST scanners are a blocker to this automation. They are hard to use, impossible to integrate, not developer friendly and produce too many false positives. This results in crippling human bottlenecks that stifle CI/CD, whether it's the need for security to constantly tweak scanners or the drain of manually validating vulnerabilities.
Either way, technical and security debt is compounded, resulting in insecure product hitting production. Change is needed, and fast.
In this session with you will discover:
1. Key features that your dev-first DAST needs to enable developers to take ownership of security
2. How you can detect, prioritise and remediate security issues early, automated in the pipeline
3. Insights into reducing the noise of false alerts to remove your manual bottlenecks to shift left
4. Steps you can take to achieve security testing automation as part of your CI/CD, to test your applications and APIs.
Cassandra is an incredibly powerful, scalable and distributed open source database system. Companies with extremely high traffic use it to provide their users with consistent uptime, blazing speed, and a solid framework. However, many developers find Cassandra to be challenging because the configuration can be complex and learning a new query language (CQL) is something they just don't have time to do.
Stargate is an Open Source project which sits on top of Cassandra and provides HTTP interfaces to your data - it provides a REST API, a GraphQL API, and a document-oriented Schemaless API.
You can install it on top of your own Cassandra instance and participate in the community. During this presentation we will demo, detail purpose, capabilities and internals of the tool. We also give a working sample as a docker-ready configuration file.
Artificial intelligence, machine learning, and deep learning are intertwined capabilities that attempt to solve problems that defy traditional computational solutions — problems include fraud detection, voice recognition, and search result recommendations. While they defy simple computation, they are computationally expensive, involving computation of perhaps millions of probabilities and weights. While these computations can be done outside of the database, there are specific advantages of doing machine learning inside the database, close to where the data is stored. This presentation explains how to do machine learning inside the Postgres database.
OPEN TALK: Do Not Download Your PDF: A Story of Digital Document Usability and Security in Your ApplicationJoin on Hopin
The usage of digital documents within an app affects basically every industry and use-case and now more than ever. Have you ever looked into incorporating documents into your app? There’s a lot to consider. And what about digital security? When it comes to thinking about the document lifecycle within an app, there are several things to think about:
- The in-app experience when working with multiple documents
- Integrating a viewer inside of the app beyond any built-in viewers
- Providing consistent behaviour across multiple browsers
- Providing customized UI for annotating PDFs, images, MS Office documents and videos
- Improving your search across multiple documents beyond just title and metadata
This talk is unique because 99% of developer productivity tools and hacks are about coding faster, better, smarter. And yet the vast majority of our time is spent doing all of this other stuff. After I started focusing on optimizing the 10 hours I spend every day on non-coding tasks, I found I my productivity went up and my frustration at annoying stuff went way down.
I cover how to save time by reducing cognitive load and by cutting menial, non-coding tasks that we have to perform 10-50 times every day.
-Bug or hotfix comes through and you want to start working on it right away so you create a branch and start fixing. What you don’t do is create a Jira ticket but then later your boss/PM/CSM yells at your due to lack of visibility. I share how I automated ticket creation in Slack by correlating Github to Jira.
-You have 20 minutes until your next meeting and you open a pull request and start a review. But you get pulled away half way through and when you come back the next day you forgot everything and have to start over. Huge waste of time. I share an ML job I wrote that tells me how long the review will take so I can pick PRs that fit the amount of time I have.
-You build. You ship it. You own it. Great. But after I merge my code I never know where it actually is. Did the CI job fail? Is it release under feature flag? Did it just go GA to everyone? I share a bot I wrote that personally tells me where my code is in the pipeline after it leaves my hands so I can actually take full ownership without spending tons of time figuring out what code is in what release.
The Agile Metrics are important to track the health of your projects. They help in tracking the project progress. There are other advanced metrics equally important, like Customer Satisfaction, Employee Satisfaction, and Innovation. Tracking these statistics many times is not easy and straightforward.
Did you ever think of applying AI (Artificial Intelligence) to measure these and come up with actionable evidence? The AI-powered with NLP (Natural language Processing) and statistical models not just help in getting a good project insight, it can also help in course corrections, and increase the rate of project success. It can help companies to understand their core strengths, weaknesses, and how to position themselves in the market.
Rohit will talk and demonstrate how you can digitally transform your Agile Program Management with AI and NLP. How it enables organizations to take proactive measures that not only make projects successful but also help companies stay competitive and thrive in the market.
Explore the relationship between customer satisfaction and handling app hangs, errors and crashes.
In this session, we'll explain how Backtrace’s next generation crash reporting can ensure top-app rankings through advanced monitoring and how to integrate Backtrace in your existing Android and iOS apps.
- How to manage app errors, hangs and crashes - and why
- Understand the unique challenges for mobile app monitoring and reporting
- Learn how Backtrace simplifies mobile crash management
Introducing Continuous Design/Continuous Integration Agile processes have become mature contributors to the evolution of developer operations for the build to deploy stage, but what about design? After all, creating the user interface typically takes up to 60% of the total development time, easily representing the most attractive opportunity since Agile itself to redefine how apps are built. Not only is it an enormous expense, but mistakes between designers & developers can impact an app well after launch. Since design is now largely digitized it seems like a no-brainer to build automated conversion tools that integrate designer/developer workflow into what we could call “Continuous Design/Continuous Integration”. So where are they? In this talk, Parabeac CEO Ivan Huerta describes the reasons why it is much harder than you might expect, and what CD/CI would need to look like to be truly functional. Ivan outlines the major challenges that have kept CD/CI from coming to fruition and the new pathways within which CD/CI tools could now be on the near horizon. He predicts how the CD/CI market may present itself over time, and what the substantial and surprising long-term impact might be. Agile gave adaptive energy to the build and deploy stages of app development. CD/CI simply extends that backward to include the design stage as well. But when CD/CI platforms become an integral part of automating developer workflows, the reduction in development costs may only be a small part of the story compared to CD/CI’s impact on the transformation of traditional developer roles. Ivan closes his talk with a discussion of the potential implications of that transformation. A more detailed outline of the talk is available on request.
Looking into the trade-offs a lot of teams make to move into containers and Kubernetes and how they should plan to address those that keep them from the velocity they are seeking... and make sure they do so securely.
Thursday, November 18, 2021
The IT world has evolved from the stateless 12-factor simple “Hello World!” app on Kubernetes to refactor more complex data-driven apps and incorporate newer paradigms such as microservices, service mesh, etc. However, Dev, DevOps and Ops of these distributed teams and systems are still an ongoing major challenge.
How are teams and technologies evolving to deal with this myriad of challenges and what steps are they taking to mitigate some of the issues? In this session we will start with identifying these challenges and how to solve them with a comprehensive practical example based around open sourced k8ssandra.io which relies on the cass-operator and is evolving to provide multi data center support.
After attending this session, attendees (Devs, Devops and Ops audience alike) will get a holistic perspective of the day-to-day challenges of the cloud-native approach -- gain a better understanding of data durability, routine backups and restore, observability, HA and DR. Dissecting the example with a step-by-step approach, will enable attendees to walk away with practical tips for a robust architecture and how to operationalize it.
Over the past decade, graph databases have become an indispensable asset in dealing with networked and non-relational data. However, as the amount of data ingested into graph databases has exploded, performance has become a key criterion when determining which one to use. In addition, it is critical for organizations to understand the type of use cases in which graph databases can add business value relative to more traditional SQL or other types of NoSQL databases. During the workshop, we will dig into the fundamentals of Labeled Property Graphs and highlight use cases, ranging from fraud detection, money laundering, and complex manufacturing to real-time analytics for Customer 360. We will show where graph databases are not simply an option but perhaps the only choice available. Lastly, we will explore how to use Python to interact with the graph databases to extract features to be used in ML models. This hands-on workshop will cover: - Graph Fundamentals - Graph Use-Cases - Introduction to TigerGraph Cloud - Integrating Python with TigerGraph Cloud - Feature Generation for Supervised Machine Learning
Nobody complains that the database is too fast. But when things slow down they do complain. The two most popular ways of speeding up queries in a relational database are indexes and histograms, This talks covers when to use one over the other, how to properly construct an index, where histograms fail, and much more.
Artificial Intelligence and Machine Learning are gradually making in-roads on every aspect of business and technology, so it’s no surprise that it appears in the DevOps tool chain, but what does it really do? This session discusses the state-of-the-art of applied AI technologies, and provides detailed examples of practical use-cases, including Machine Learning, Natural Language Processing and Neural Networks.
In 2019, Zhamak Dehghani published a thought-provoking article highlighting common failure modes of centralized data architectures and advocated instead for a decentralized, domain-oriented approach in which data is managed as a product. This paradigm is described as a Data Mesh and it builds upon prior architectural concepts such as microservices, domain bounded contexts and elastic platform infrastructure solutions that unlock scalability. In this talk, we will discuss how Data Mesh can be applied by organizations that are looking to expand their product offerings, perhaps even through growth strategies that include mergers and acquisitions. If you are struggling to derive value from your organization’s data due to overly complex and coupled ETL pipelines or monolithic big data stores, Data Mesh will likely be a refreshing new take that intuitively resonates with teams who need agility in managing, serving and composing novel insights from their product offerings. Additionally, if you are leading development teams, Data Mesh can provide the missing blueprint that allows you to escape an org chart in which data engineers are siloed from the subject matters experts who can best articulate how your organization’s data can be utilized to great effect.