Wednesday, November 17, 2021
In April 2021 we were facing a challenge. Due to the nature of our product we had to develop in a multi-framework approach. However, reality forced us to think differently. We soon realized it was unscalable, inefficient, silly even, really! The challenge was that our application is embedded within our customers’ application, which they can build on top of any framework. Beyond that, we had to expose our components’ state and to receive state from the hosting application.
At the end of the day, we had to adopt an approach that would support both our product technical requirements, while optimizing our frontend development process.
In this session we will go deeply into real life examples of how Frontegg used micro frontend strategies (to name a few…) to overcome those challenges, and how it made a significant impact over our frontend development, architecture, CI/CD, and overall processes.
To truly scale application security testing, developers need to maintain their role in the security process beyond SCA and SAST, continuing the automation you are already achieving and rely less on manual testing.
Traditional DAST scanners are a blocker to this automation. They are hard to use, impossible to integrate, not developer friendly and produce too many false positives. This results in crippling human bottlenecks that stifle CI/CD, whether it's the need for security to constantly tweak scanners or the drain of manually validating vulnerabilities.
Either way, technical and security debt is compounded, resulting in insecure product hitting production. Change is needed, and fast.
In this session with you will discover:
1. Key features that your dev-first DAST needs to enable developers to take ownership of security
2. How you can detect, prioritise and remediate security issues early, automated in the pipeline
3. Insights into reducing the noise of false alerts to remove your manual bottlenecks to shift left
4. Steps you can take to achieve security testing automation as part of your CI/CD, to test your applications and APIs.
Cassandra is an incredibly powerful, scalable and distributed open source database system. Companies with extremely high traffic use it to provide their users with consistent uptime, blazing speed, and a solid framework. However, many developers find Cassandra to be challenging because the configuration can be complex and learning a new query language (CQL) is something they just don't have time to do.
Stargate is an Open Source project which sits on top of Cassandra and provides HTTP interfaces to your data - it provides a REST API, a GraphQL API, and a document-oriented Schemaless API.
You can install it on top of your own Cassandra instance and participate in the community. During this presentation we will demo, detail purpose, capabilities and internals of the tool. We also give a working sample as a docker-ready configuration file.
Artificial intelligence, machine learning, and deep learning are intertwined capabilities that attempt to solve problems that defy traditional computational solutions — problems include fraud detection, voice recognition, and search result recommendations. While they defy simple computation, they are computationally expensive, involving computation of perhaps millions of probabilities and weights. While these computations can be done outside of the database, there are specific advantages of doing machine learning inside the database, close to where the data is stored. This presentation explains how to do machine learning inside the Postgres database.
OPEN TALK: Do Not Download Your PDF: A Story of Digital Document Usability and Security in Your Application
The usage of digital documents within an app affects basically every industry and use-case and now more than ever. Have you ever looked into incorporating documents into your app? There’s a lot to consider. And what about digital security? When it comes to thinking about the document lifecycle within an app, there are several things to think about:
- The in-app experience when working with multiple documents
- Integrating a viewer inside of the app beyond any built-in viewers
- Providing consistent behaviour across multiple browsers
- Providing customized UI for annotating PDFs, images, MS Office documents and videos
- Improving your search across multiple documents beyond just title and metadata
This talk is unique because 99% of developer productivity tools and hacks are about coding faster, better, smarter. And yet the vast majority of our time is spent doing all of this other stuff. After I started focusing on optimizing the 10 hours I spend every day on non-coding tasks, I found I my productivity went up and my frustration at annoying stuff went way down.
I cover how to save time by reducing cognitive load and by cutting menial, non-coding tasks that we have to perform 10-50 times every day.
-Bug or hotfix comes through and you want to start working on it right away so you create a branch and start fixing. What you don’t do is create a Jira ticket but then later your boss/PM/CSM yells at your due to lack of visibility. I share how I automated ticket creation in Slack by correlating Github to Jira.
-You have 20 minutes until your next meeting and you open a pull request and start a review. But you get pulled away half way through and when you come back the next day you forgot everything and have to start over. Huge waste of time. I share an ML job I wrote that tells me how long the review will take so I can pick PRs that fit the amount of time I have.
-You build. You ship it. You own it. Great. But after I merge my code I never know where it actually is. Did the CI job fail? Is it release under feature flag? Did it just go GA to everyone? I share a bot I wrote that personally tells me where my code is in the pipeline after it leaves my hands so I can actually take full ownership without spending tons of time figuring out what code is in what release.
The Agile Metrics are important to track the health of your projects. They help in tracking the project progress. There are other advanced metrics equally important, like Customer Satisfaction, Employee Satisfaction, and Innovation. Tracking these statistics many times is not easy and straightforward.
Did you ever think of applying AI (Artificial Intelligence) to measure these and come up with actionable evidence? The AI-powered with NLP (Natural language Processing) and statistical models not just help in getting a good project insight, it can also help in course corrections, and increase the rate of project success. It can help companies to understand their core strengths, weaknesses, and how to position themselves in the market.
Rohit will talk and demonstrate how you can digitally transform your Agile Program Management with AI and NLP. How it enables organizations to take proactive measures that not only make projects successful but also help companies stay competitive and thrive in the market.
Explore the relationship between customer satisfaction and handling app hangs, errors and crashes.
In this session, we'll explain how Backtrace’s next generation crash reporting can ensure top-app rankings through advanced monitoring and how to integrate Backtrace in your existing Android and iOS apps.
- How to manage app errors, hangs and crashes - and why
- Understand the unique challenges for mobile app monitoring and reporting
- Learn how Backtrace simplifies mobile crash management
There are many ways to tell when your application breaks. But figuring out what caused it to break is slow and tedious as engineers hunt through logs and dashboards, piecing together the details of what happened.
Fortunately, unsupervised machine learning can speed-up the process. It works by automatically finding the log events and metrics that describe the root cause, and it uses GPT-3 to provide a plain language summary of the problem.
Team diversity refers to differences between members of startup team. Those differences can include demographic differences (like age, race, sex, ethnicity), personality (extrovert, introvert, and differing Myers-Briggs types) and functional (as in skill sets, like engineering, design, copywriting, and marketing). How does team diversity impact your customers' experience from the moment they learn about you through their journey with you? You will attract and relate to customers how look like you. They will understand your messaging and you will understand their needs. If you don't represent the right dimensions of diversity, you are leaving an amazing experience behind.
If you're on a quest to significantly improve your diversity, equity, and inclusion efforts at your organization, this talk is for you! We'll specifically focus on how to ensure your interview process is equitable by looking at specific parts of the interview process. You'll leave the session with actionable takeaways to implement at your organization. Building an equitable interview process can be time consuming and challenging, but it paves the way for your organization to make strides towards a truly diverse, inclusive, and equitable workplace.
Thursday, November 18, 2021
Serverless development introduces a new methodology of how to build real “cloud native” applications or workloads. In monolithic and microservices architectures, it is simple to develop locally and then push the code to the CI/CD pipeline to be integrated and tested with the work of others. It is relatively simple to write and run an integration test as well and use a staging environment like the "real" environment. In some teams, developers are doing all these tasks, but in many, there are dedicated DevOps and QA engineers to continue the process after the developer checks in his code. Practicing serverless, the developer carries the entire responsibility to do all of the above. In this talk, we’ll share the process and tools we used for CI/CD to our serverless based application at Lumigo.- Dev Environment- Testing Methodology - Deployment Pipeline, combining Bash, AWS CLI, and Serverless - - Framework to create a seamless CI/CD pipeline. - Monitoring Let's discuss good serverless practices.
The IT world has evolved from the stateless 12-factor simple “Hello World!” app on Kubernetes to refactor more complex data-driven apps and incorporate newer paradigms such as microservices, service mesh, etc. However, Dev, DevOps and Ops of these distributed teams and systems are still an ongoing major challenge.
How are teams and technologies evolving to deal with this myriad of challenges and what steps are they taking to mitigate some of the issues? In this session we will start with identifying these challenges and how to solve them with a comprehensive practical example based around open sourced k8ssandra.io which relies on the cass-operator and is evolving to provide multi data center support.
After attending this session, attendees (Devs, Devops and Ops audience alike) will get a holistic perspective of the day-to-day challenges of the cloud-native approach -- gain a better understanding of data durability, routine backups and restore, observability, HA and DR. Dissecting the example with a step-by-step approach, will enable attendees to walk away with practical tips for a robust architecture and how to operationalize it.
Troubleshoot.sh is a tiny kubectl plugin that is capable of big things, including but not limited to drastically reducing the amount of time needed between problem & solution. Join our workshop to see troubleshoot.sh in action in a live demo, plus the opportunity to learn how to customize troubleshoot components to fit your needs.
Artificial Intelligence and Machine Learning are gradually making in-roads on every aspect of business and technology, so it’s no surprise that it appears in the DevOps tool chain, but what does it really do? This session discusses the state-of-the-art of applied AI technologies, and provides detailed examples of practical use-cases, including Machine Learning, Natural Language Processing and Neural Networks.