WorldFestival 2022
Wednesday, August 3, 2022
Unravelling Cloud Security Posture Management for Public Cloud
This session will aim to introduce the audience to the basics of cloud security and the security model for Public clouds. Further, the emphasis will be mostly on Cloud Security Posture management, introduction and overview of cloud native CSPM services (like AWS Security Hub, Azure Defender ) and a short demo on how these services help automate best practice checks, aggregates alerts, and support automated remediation.
Rebuilding Security Culture with Security Champions: Our experience at IBM, Red Hat & NatWest Group
A Security Champions program is key to a modern cybersecurity strategy. Learn how to start your own.
Known vulnerabilities are a fact of life, especially with open source software. Cyber Security Intelligence tracked over 18,000 CVEs and at least 66 Zero-Day Vulnerabilities in 2021. According to the Sonatype 2020 DevSecOps Community Survey, 24% of organizations surveyed revealed a breach within one of their web applications in the prior 12 months. The average cost of a data breach was $4.24 million, according to the IBM 2021 Cost of a Data Breach Report.
The only way to keep up with the fast pace and demands of cybersecurity today is to scale up the security expertise of your technical workforce. This talk explains why setting up a Security Champions program is such an important part of an overall security strategy. Then it goes into detail on how to get your own Security Champions program running, the realistic costs of such a program, and what benefits you can expect from it. We’ll talk about grassroots programs at three companies: IBM, Red Hat, and NatWest Group.
A Security Champions program is repeatable, cost effective, and can be applied to a broad range of industries. Attendees will come away with a step by step approach that can improve cybersecurity practices at their own companies.
KISS - Building a Consistent Developer Experience
Simplicity certainly has its virtues. The KISS Principle [keep it super simple] favors simplicity over complexity in system design and operation. As software engineers are vanguarding into innovation work to deliver features, from the outside they might seem like they thrive on complexity constantly solving unknowns. Though there is a long road between the idea and production. Even when developers are on and off-boarded to different teams, mileage might vary in the same organization due to very different paths to production.
Cognitive load and context switching can really slow feature velocity down. Also having overly complex routes to production puts a damper on Developer Experience [DX]. With what seems like a bulk share of the technology verticals shifting left since they can be provided as code/configuration e.g YAML, expertise can be lost without a proper platform engineering domain. A major goal of platform engineering is to keep the experience similar across teams.
Learn in this session about keeping goals to KISS and how that can be achieved to even create a “consistent one-line developer experience” [they say the easy button is hard to create]. Reducing toil and complexity can lower the bar of entry for software engineers to focus more on innovation. As technologies and ecosystems change, providing a consistent experience is key. Supporting faster iteration allows organizations to consume new technology and build internal expertise quicker and provide a quicker time to value.
Demystifying Git - Version Control From First Principles
Git is the defacto standard version control system in use today. Every developer learns the basics of add, commit, branch, merge, pull, and push, and that is about all they learn about Git.
However, if you ask how Git actually works under the covers, most people will tell you they don't really know. Worse yet, when most developers see Git output messages like "detached HEAD state" or "CONFLICT (content): Merge conflict", they get a stress-induced panic.
This session will peel back the shroud of mystery that envelops Git, showing that there is nothing overly complex or terrifying about the inner workings of the world's most popular version control system. This talk is for everyone, from the complete Git novice to folks who have been pushing code for years but maybe have never stopped to look at how Git does its thing.
KEYNOTE: Iterate.ai -- Don’t Let Outdated Low-Code Fallacies Stall App Dev Progres
Developers who still thumb their nose at low-code application development probably harbor a number of misconceptions that are quickly becoming outdated. False notions that low-code “is only for non-professionals or ‘citizen developers’,” “is just for prototyping,” or “can’t handle enterprise-grade scalability, performance and security needs” only postpone developers from realizing its actual potential. In truth, low-code done right can multiply efficiency and put advanced emerging technological capabilities within any developer’s grasp.
The key advantage of low-code? API connectivity. The best low-code strategy will give developers a drag-and-drop UI for assembling Lego-like code blocks into complete applications. Get humming and you can make initial application development and iterative improvements 10x faster (at a minimum) than hardcoding. Low-code also automates away the block-and-tackle busywork of application development (read: a more enjoyable developer experience), while making access to emerging capabilities like AI/ML, big data, IoT, voice and messaging, blockchain, and APIs as simple as dragging an icon across a screen.
This Dev Innovation Summit talk will dig into the latest ideas and best practices that developers should know about low-code as they overcome still-common misconceptions, and as they vet potential paths forward for production use cases.
From Idea to Product in an Hour
This is a live coding talk on building a solution for a real-world problem. In this 20 min of talk, let's challenge ourselves to build a (simplified) ToDo application that is accessible to the entire world! To build this we will use Serverless Backend with (API Gateway, DynamoDB) and Vue.js (with Nuxt.js) for the frontend. Finally, we will use Amplify for deploying the application.
Why You Need Your ITOps to Be Engineering Led in Multicloud World
While infrastructure has evolved from on-prem to cloud, application architectures have evolved from client-server to Cloud-native and development practices have evolved from Waterfall to Lean Agile/ DevOps, operations is still siloed and stuck in the past at many organizations. In this session we will explore how to build an integrated approach to cloud workload management that is built on Site Reliability Engineering principles and a product-oriented approach to run operations. If you are already on Cloud or thinking to migrate to cloud, join us to hear how you should be thinking about designing for reliability, cost and performance while you run cloud workloads to optimize.
The Developer Productivity Manifesto
With the explosion of various developer tools and services in recent years, it's tempting to think that we've entered a golden age for software development productivity. However, contrary to popular belief, developer productivity is in fact declining, and this phenomenon risks bringing modern software development to a grinding halt in many organizations. In this talk, Nnamdi Iregbulem reveals a framework for thinking about developer productivity and charts a path toward reversing this dire trend.
What Transforms a Developer into a High Performance Developer?
This session highlights salient learnings from speaker’s long experience of managing software engineers and managers. The session covers various software engineering habits and attitudes that can propel any software developer into a high performance state. Various elements of engineering practices about operational excellence, innovation, product-thinking, and technical leadership are discussed with examples.
Data Science for Observability
There are immutable laws and rules for many things, from nature to physics to karma. Observability, with its innate complexity, also has its own immutable rules, which transform elastic and ephemeral rote reactions to a clear and concise approach and understanding of your environment.
Join us to learn the rules you should understand with your approach to observability, including:
The impact of open and flexible data ingest and instrumentation
The impact of data retention and aggregation on blind spot analysis
The impact of data accuracy and precision on observability
The innate drive for seamless workflow integration, from alerts to resolution
Why drift and skew could lead to erroneous conclusions
KEYNOTE: Passport -- AI for Intracity Mobility
As cities and towns across the country continue to grow, traffic, congestion, and the lack of parking are becoming more common. Although improving infrastructure, investing in roads, and adopting common sense policies can help alleviate the problem—in our day and age, technology can be a crucial tool in our efforts to address these challenges. How can machine learning facilitate commutes across the country while making our country’s roads more efficient? In the same breath, how can we help local municipalities tackle the challenges of outdated infrastructure and modus operandi? By using various data sets—from weather, traffic, and parking—machine learning is a crucial tool in unlocking our country’s roads for more efficient rides and overall smooth road experiences. These data points, along with the strengths of machine learning, have the potential to empower local governments across the country to address the challenges they face in terms of intra-city transportation. Likewise, the key to adopting policies that benefit commuters and citizens lies within these learnings. Creating efficient roads and setting riders free is possible by collecting key data and machine learning.
Thursday, August 4, 2022
Stop Polling, Let’s Go Streaming – A More Efficient API Paradigm
For many years APIs have been implemented so that the client has to keep calling the server for the latest data. The API version of needing to refresh your browser. But this can be inefficient, and wasteful in addition to risking clients using old data.
Techniques like Webhooks and network sockets have been around for a while, but new ways to implement API streams have come along.
In this session, we’ll look at how the different common options are, how they work, and their drawbacks. By the end of this session, you will have the knowledge to make a more informed decision on whether streaming APIs are right for you and which approach may support your needs best.
KEYNOTE: Blockchain.com -- Leading Engineerings Teams During the Crypto Age
Lewis will discuss what it takes to lead engineering teams building blockchain-powered products to keep up with mainstream demand. From implementing effective hiring methods to strategizing team roles and responsibilities, Lewis will share how technical leaders can hire and inspire high-impact teams to build industry-leading products. He will integrate key lessons learned while scaling the engineering team at Blockchain.com and increasing technical headcount.
The Right Data at the Right Time: Personalized Real-Time Data at Internet Scale
As applications and devices integrate deeper into our professional and personal lives, being able to deliver personalized real-time experiences is no longer a “nice-to-have” – it’s a competitive necessity for any digital service. But with new experiences come new challenges, especially at the volume of data needed for real-time delivery.
This talk will cover the ways in which traditional methods of data distribution are transitioning to event-driven architectures, and walk through examples of how wrangling-at-the-edge augments traditional stream processing to provide efficient, personalized data at Internet scale.
Container Orchestration Best Practices
This session talks about container orchestration best including Kubernetes and AWS EKS
Web for All. The Power of Progressive Web Apps
As web performance and user experience across both mobile and desktop devices continue to increase in importance, so do progressive web apps (PWAs). PWAs are becoming more popular because they have lots of enhancements that help your application perform better and they make apps accessible even to users with limited internet connection. In this talk, you are going to learn the advantages of using PWAs and how to turn your web application into a PWA.
Improve Customer Experience with AI Cognitive Services
Using cloud based Cognitive Services to translate a very large volume of documents in multiple languages and of multiple formats with high performance.