DeveloperWeek Enterprise 2021 DeveloperWeek Enterprise 2021

Workshop Stage 1

Join on Hopin

Tuesday, December 7, 2021

- PST
Stay Ahead of the Game: Automate Your Threat Hunting Workflows
Christopher Van Der Made
Christopher Van Der Made
Cisco, Security Developer Advocate

It is very important nowadays to stay up to date with all of the cyber threats that are posing all over the world. It is widely known that there are not enough resources to be found to fill up every Security Operation Center (i.e. SOC). Therefore, many organizations struggle with coping with the massive amount of new type of attacks and generated alerts from their tooling.During this session, you will learn how to hunt (and automate your hunt) for active cyber threats in your environment and contain them using integrated connections to network, endpoint, and cloud products. This session is targeted at SOC management, cyber security engineers, threat hunters, and analysts. It will touch on threat detection, investigation and response. All the code will be made available after the session.

- PST
OPEN TALK: Product Manager’s Extra Credit Guide to Building an A++ Enterprise API
Kyle Fowler
Kyle Fowler
Foursquare, Director of the Developer and Consumer Experience

Building an exceptional enterprise API is no easy feat. Earlier this year, Foursquare launched the new Places Enterprise API, built from the foundation of our renowned Developer API. In this session, we'll take you through every step of the process to create a delivery method that can meet enterprise standards and upgrade the developer experience - from understanding your customer's UX criteria and auditing the performance and security of your API infrastructure, to best SLA practices and everything in between.

- PST
App Modernization
Yamini Lakshmipathy
Yamini Lakshmipathy
Fourkites, Engineering Manager

A detailed talk on how to approach app modernization covering the following --

how to move web apps running on plain virtual machines to a containerized setup and how to orchestrate those with a managed kubernetes service
how to scale these out?
Why IaC (Infrastructure as code) is important and a sample show casing resource spin off.
How to continously integrate and deliver these applications?
And finally touch base a little bit on security aspects

- PST
5 Tips for Navigating API Security Noise
Lebin Cheng
Lebin Cheng
Imperva, Head of API Security, Office of the CTO

APIs are the data fabrics connecting modern applications. While it is a powerful tool for Dev and DevOps, it has also become a new attack surface for bad actors to gain access to sensitive data. Many existing API security solutions today are so inflexible and rule driven that they risk slowing down the development process. Lebin Cheng, Imperva’s Head of API Security, will help you navigate through the API Security noise with insights on:DevSecOps does not mean Dev and Sec need to slow each other down. How automated SecOps can speed up Dev and DevOps? What is the right DevSecOps approach to implement API Security?First hand insight into how a DigitalFirst organization took the first steps towards DevSecOps API Security, and how you can too?Other DevSecOps best practices.

- PST
OPEN TALK: Infrastructure as Code for Cloud Security
Josh Stella
Josh Stella
Fugue, Co-Founder, CEO and CTO

Cloud engineers need tools that help them check that the infrastructure as code templates they’re developing adhere with all applicable industry compliance standards and custom security policies. And the organization needs to ensure their developers are using those tools, and that they’re using the correct policies.In this session, Josh Stella will talk about how to establish effective, efficient, and consistent IaC security, which is critical to preventing cloud misconfiguration vulnerabilities from reaching the runtime without slowing teams down. But if teams are using a completely different system and set of policies for checking the runtime for security and compliance, things start to fall apart.  He will review: -How to prevent Critical vulnerabilities from slipping through the cracks -How to use policies to govern your cloud environment -Suggestions on how to prioritize and remediate issues

- PST
Service Mesh Is for SREs
Tobias Kunze
Tobias Kunze
Glasnostic, Co-founder & CEO

Cloud is complex. We are running ever more services in ever more places with ever more dependencies. As a result, we see deployments stir up failures and breaches go undetected. Service meshes help manage the explosion in east-west traffic but running a complex environment is not a matter of better routing or tracing requests. It must be controlled at runtime.This talk recounts the learnings from running a service mesh for reliability and security engineers at a large managed-services provider.

- PST
Simplify Microservices Using a Unified ‘Service’ Catalog
Tracy Ragan
Tracy Ragan
DeployHub, CEO

Microservices are complex, but don't need to be. Simplifying a microservice architecture is all about knowing who wrote them, who is using them and where they are running across all clusters. This is the purpose of a microservice catalog where microservice developers and application teams can share and collaborate around microservices, and provide support teams the information they need to respond to an incident quickly. In this presentation, Tracy Ragan, CEO of DeployHub and Ortelius Community Director will introduce the concepts of a microservice catalog along with the Continuous Delivery Foundation's Ortelius Open Source project focused on delivering a unified solution for all to use, automated via the CD Pipeline.

- PST
Protect Your Data Rich Kubernetes Applications
Gunna Marripudi
Gunna Marripudi
NetApp, Senior Director, Product Management

Kubernetes is hard. Running your data rich applications on Kubernetes platform does not make it any easier. One of the key challenges with cloud native applications is data management.

Join this session to learn:

1. Common challenges with provisioning and protecting data used in Kubernetes applications
2. How to define application 'state' in holistic terms
3. How to seamlessly provision and protect data to Kubernetes applications

- PST
2 Node APIs and a Frontend
Chris Sev
Chris Sev
DigitalOcean, Sr Developer Advocate

Microservices architecture is prevalent in web development. Let's take a look at building a JavaScript application that consists of 2 Node APIs and a React frontend.

Wednesday, December 8, 2021

- PST
Demystifying Event-Driven Architectures with Apache Kafka
Bogdan Sucaciu
Bogdan Sucaciu
Tech Lead | Author

Event-Driven Architectures (EDA ) are perceived as mythical objects that instantly transform your systems into "real-time" ones! BUT, come to think of it, aren't they already "real-time"? I mean, adding an item to the cart is pretty much instant in ( most ) webshops. In fact, EDA solves an entirely different set of problems and with the help of Apache Kafka, we will walk through the (re)evolution path.  Microservices are easy to get started with, but once we do, we keep stumbling across the same issues: data access, consistency, and failures ( sounds familiar? ).The solution? Patterns, patterns, patterns … You’ve probably heard about terms such as “Event Notification”, “Event-carried State Transfer”, or even “Event Sourcing”, but how can they be used to solve our problems? And more importantly, how can we use Apache Kafka to take advantage of these patterns I guess we will find out soon!

- PST
OPEN TALK: 5 Things to Help Your Team Succeed at Kubernetes
Rachel Sweeney
Rachel Sweeney
Fairwinds, Product Advocate SRE

As you adopt cloud native technologies and Kubernetes, you will face a myriad of technology, process, policy and people decisions. What tools and patterns are needed to be successful? How can you ensure Kubernetes is a success across your DevOps team and organization?Rachel Sweeney, Product Advocate SRE at Fairwinds, discusses why Kubernetes plays an important role in your DevOps experience and the 5 things to help your team succeed at Kubernetes. Learn a few critical steps to achieving your Kubernetes Maturity around technology, security, visibility and consistency.

- PST
No More Conflicts - Jamstack That Works for Developers & Business Users With Gatsby.js
Arisa Fukuzaki
Arisa Fukuzaki
Storyblok, Developer Relations Engineer

Experience a combination of a blazing-fast React-based framework (Gatsby) and the headless CMS (Storyblok) that works for developers & business users.You'll learn how to develop & deploy a blazing fast blog using the real-time visual editor & component-based approach which makes content editing easier. All in less than 30 minutes! I promise you - your marketers & content editors will love it and you will finally develop without any restrictions or hidden traps. Long live Jamstack!

- PST
Self-Programming Artificial Intelligence
Kory Becker
Kory Becker
Bloomberg, Software Engineer

Is it possible for a computer program to write its own programs? While this kind of idea could seem far-fetched, it may actually be closer than we think. This presentation introduces “AI Programmer”, a machine learning system, which can automatically generate full software programs requiring only minimal human guidance. The system uses genetic algorithms coupled with a tightly constrained programming language. We’ll cover an overview of the system design and see examples of its software-generation capabilities.

- PST
Text Mining: A Deep Dive on Applications and Solutions
Anuj Saini
Anuj Saini
Publicis Sapient, Manager Data Science

An introduction to Natural language processing. Current developments and solutions available along with best practices in Industry. With a practical application demo on NLP