Microservices sind im Wesentlichen ein paar hippe JavaScript Frameworks und eine schicke Single-Page-App mit AngularJS oder React, oder? Wenn du also absolut sicher sein willst, dass dein nächstes Microservice Projekt scheitert, dann komm in diesen Vortrag und lerne wie.
Anhand echter Erfahrung aus mehreren Brownfield und Greenfield Projekten zeige ich:
- wie du die notwendigen organisatorischen Einflüsse ignorierst
- wie du Operations wahnsinnig machst, sowohl durch unreife Technologien als auch durch last-minute Monitoring
- wie du auch ohne Continuous Delivery fehlerhafte Software rasch releasen kannst
- wie du auch einfachste CRUD Anwendungen mit hyper-komplexen Architekturen zum Scheitern bringst
- …und vieles mehr
Wenn du diese Tipps beachtest, wird dein Chef nie wieder auf die Idee kommen, seine IT zu modernisieren und du kannst weiterhin deinen geliebten Monolithen pflegen.
10 tips for failing at microservices @ DevExperience 2018David Schmitz
Microservices are just a bunch hip new framework plus some AngularJS frontend or React, right? So, if you want to make sure that you absolutely and definitely fail at your Microservice project, then watch this talk and learn how.
Using real world experience from multiple green field and brown field projects, I can show you: - how to ignore the mandatory organizational impact - how to focus on the code only without any regard towards ops and testing - continuous deployment is for losers. Real projects use their meat cloud for delivery - jumping onto every new and untested framework is a must - EventSourcing and CQRS are both free lunches. So, you can add complexity without any real need - ...and more
If you mind my tips, then surely you will fail at Microservices and your boss will never again try to move away from your beloved vintage monolith.
Elixir - Easy fun for busy developers @ Devoxx 2016David Schmitz
Did you ever want to create an application that is never down?
Have you ever been jealous of those Erlang guys, that produce applications that practically never fail?
Have you tried Erlang and fled because of its baroque syntax and tooling?
Enter Elixir!
Elixir combines Ruby's love for programmers with the absolute power that is the Erlang platform.
This talk will introduce Java programmers to Elixir and OTP. You will gain an understanding of what Elixir brings to the table and how to build highly scale-able systems with a toolset that is actually fun to use.
Even if you will never use Elixir and OTP for you projects, you will learn some of the concepts, that make Erlang into such a powerful ecosystem.
Event Sourcing - You are doing it wrong @ DevoxxDavid Schmitz
"Every microservice get's its own database and then use Kafka" is a typical and naive advise, when reading about eventsourcing. If you approach this architectural style this way, you will probably have a really awful time ahead.
Eventsourcing and CQRS are two very useful and popular patterns when dealing with data and microservices. We often find in our customer's projects, that both have a severe impact on your future options and the maintainability of your architecture. Presentations and articles on both topics are often superficial and do not tackle real world problems like security and compliance requirements.
This combination of half-knowledge and technical confusion leads to many projects that either refactor back to a 'non-eventsourced' architecture or reduce eventsourcing to a message queue.
In this talk, I will summarize our experience while applying eventsourcing and CQRS accros multiple large financial and insurance companies over the last 5 years. We will cover the Good, the Not so Good, and the 'oh my god...all abandon ships!' when doing eventsourcing in the real world...and see how we solved these issues.
Braintree SDK v.zero or "A payment gateway walks into a bar..." - Devfest Nan...Alberto López Martín
Presentation of the talk given at DevFest Nantes 2014, speaking about new SDK of Braintree (a PayPal company): vZero, but also talking about the best practices for having a great experience during the payment flow using Android devices
Frameworks give you a rich toolset to do complex tasks very easy and developers all love it. But then you need to update your framework from one version to another and things are falling apart because of the tight coupling with your business logic.
In this talk I show a couple of actual scenarios that went wrong when we moved from one framework to another and the solutions we applied to abstract business logic from framework logic. Even if you're not planning on migrating frameworks yet, decoupling is a good practice that will give you less headaches in the future.
Frameworks give you a rich toolset to do complex tasks very easy and developers all love it. But then you need to update your framework from one version to another and things are falling apart because of the tight coupling with your business logic.
In this talk I show a couple of actual scenarios that went wrong when we moved from one framework to another and the solutions we applied to abstract business logic from framework logic. Even if you're not planning on migrating frameworks yet, decoupling is a good practice that will give you less headaches in the future.
10 tips for failing at microservices @ DevExperience 2018David Schmitz
Microservices are just a bunch hip new framework plus some AngularJS frontend or React, right? So, if you want to make sure that you absolutely and definitely fail at your Microservice project, then watch this talk and learn how.
Using real world experience from multiple green field and brown field projects, I can show you: - how to ignore the mandatory organizational impact - how to focus on the code only without any regard towards ops and testing - continuous deployment is for losers. Real projects use their meat cloud for delivery - jumping onto every new and untested framework is a must - EventSourcing and CQRS are both free lunches. So, you can add complexity without any real need - ...and more
If you mind my tips, then surely you will fail at Microservices and your boss will never again try to move away from your beloved vintage monolith.
Elixir - Easy fun for busy developers @ Devoxx 2016David Schmitz
Did you ever want to create an application that is never down?
Have you ever been jealous of those Erlang guys, that produce applications that practically never fail?
Have you tried Erlang and fled because of its baroque syntax and tooling?
Enter Elixir!
Elixir combines Ruby's love for programmers with the absolute power that is the Erlang platform.
This talk will introduce Java programmers to Elixir and OTP. You will gain an understanding of what Elixir brings to the table and how to build highly scale-able systems with a toolset that is actually fun to use.
Even if you will never use Elixir and OTP for you projects, you will learn some of the concepts, that make Erlang into such a powerful ecosystem.
Event Sourcing - You are doing it wrong @ DevoxxDavid Schmitz
"Every microservice get's its own database and then use Kafka" is a typical and naive advise, when reading about eventsourcing. If you approach this architectural style this way, you will probably have a really awful time ahead.
Eventsourcing and CQRS are two very useful and popular patterns when dealing with data and microservices. We often find in our customer's projects, that both have a severe impact on your future options and the maintainability of your architecture. Presentations and articles on both topics are often superficial and do not tackle real world problems like security and compliance requirements.
This combination of half-knowledge and technical confusion leads to many projects that either refactor back to a 'non-eventsourced' architecture or reduce eventsourcing to a message queue.
In this talk, I will summarize our experience while applying eventsourcing and CQRS accros multiple large financial and insurance companies over the last 5 years. We will cover the Good, the Not so Good, and the 'oh my god...all abandon ships!' when doing eventsourcing in the real world...and see how we solved these issues.
Braintree SDK v.zero or "A payment gateway walks into a bar..." - Devfest Nan...Alberto López Martín
Presentation of the talk given at DevFest Nantes 2014, speaking about new SDK of Braintree (a PayPal company): vZero, but also talking about the best practices for having a great experience during the payment flow using Android devices
Frameworks give you a rich toolset to do complex tasks very easy and developers all love it. But then you need to update your framework from one version to another and things are falling apart because of the tight coupling with your business logic.
In this talk I show a couple of actual scenarios that went wrong when we moved from one framework to another and the solutions we applied to abstract business logic from framework logic. Even if you're not planning on migrating frameworks yet, decoupling is a good practice that will give you less headaches in the future.
Frameworks give you a rich toolset to do complex tasks very easy and developers all love it. But then you need to update your framework from one version to another and things are falling apart because of the tight coupling with your business logic.
In this talk I show a couple of actual scenarios that went wrong when we moved from one framework to another and the solutions we applied to abstract business logic from framework logic. Even if you're not planning on migrating frameworks yet, decoupling is a good practice that will give you less headaches in the future.
Today it is possible to apply the Edge to Cloud pattern in the industrial world. Microsoft is putting the idea of intelligent edge into practice by providing not only IoT Edge,but a series of field transpositions of important cloud services, including:
Functions, Storage, SQL Edge, SQL Lite, Event Grid, Redis, Stream Analytics, Cognitive Services.
In addition to these, contact points are also emerging towards the old industrial world, for example with OPC-UA.
The session deals with the IoT Edge service in a focused way, compared to the concept of connected factory.
I've seen projects with shiny, new code render into unmaintainable big balls of mud within 2-3 years. Multiple times. But regardless of whether it's the code base as a whole that's rotten, or whether it's just the UI and User Experience that needs a major overhaul: the question on rewrite vs refactoring will come up sooner or later. Based on years of experience, and a plethora of bad decisions cumulating into epic failures, I'll share my experience on how to have a code base that stays maintainable - even after years. After this talk, you'll have more insight into whether you should refactor or rewrite, and how to do it right from now on.
4 Node.js Gotchas: What your ops team needs to knowDynatrace
To register for this webinar replay, click here:
https://info.dynatrace.com/apm_wc_nodejs_na_registration.html
There is no doubt that Node.js is one of the fastest growing platforms today. It can be found at start-ups and enterprises throughout all industries from high-tech to healthcare.
A lot of people have written about the reasons for its popularity and why it has made sense in “digital transformation” efforts. But when you implement Node.js, do you have to replace your mainframes and legacy software with a shiny new Node.js-based microservice architecture?
This 30-minute webinar walks in the shoes of those who oversee the whole digital value chain: Operation and performance teams. We will cover:
Node.js implementation requirements (Hint: you might not have to gut your whole system)
What challenges operations and performance teams face when they begin to implement Node.js
The big four gotchas that can make using Node.js difficult for an operations team
Gain the know-how to support your development and ops teams in implementing Node.js.
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017Codemotion
Microservices are hot! A lot of companies are experimenting with this architectural pattern that greatly benefits the software development process. When adopting new patterns we always encounter that moment where we think 'if only I knew this three months ago'. This talk will be a sneak peak into the world of microservices at Atlassian and reveal what we've learned about microservices: how to arrange, configure and build your code efficiently; deployment and testing; and how to operate effectively in this environment. In this talk you will learn how to immediately apply five simple strategies.
Microservices: 5 Things I Wish I'd Known - Code Motion Milan 2017Vincent Kok
Microservices are still the rage—and for good reason. However, like any other emerging architecture, they’re not a silver bullet and anyone who adopts this architecture will need to learn and identify new patterns, patterns you didn’t need to know about in a monolithic world. This session discusses when to make the switch to a microservice architecture and the patterns Atlassian has identified in building microservices. They include patterns in code organization, configuration management, deployment, resilience, and decomposition. After this session, you will be able to identify whether you should give microservice architecture a try and if so, you will have a toolbox full of patterns to apply to your own situation.
How do Things talk? IoT Application Protocols 101Christian Götz
Analysts predict that in 2020 50 billion devices are connected to the internet. Together with the fact that more and more of these "things" are connected over the cellular network, new challenges are introduced to the communication of Internet of Things (IoT) and machine-to-machine (M2M) scenarios. There are a lot of protocols which claim to be ideal for these use cases, for example MQTT and COAP. In this talk you will get an overview of commonly used protocols and their underlying architectural styles. We will also look at advantages/disadvantages, use cases and the eco-system around them for Java developers.
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocolsPROIDEA
There is a big bunch of tools offering HTTP/SSL traffic interception. However, when it comes to penetration tests of specialized embedded software or thick clients, we often encounter proprietary protocols with no documentation at all. Binary TCP connections, unlike anything, impossible to be adapted by a well-known local proxy. Without disassembling the protocol, pentesting the server backend is very limited. Though, based on our experience, it very often hides a shameful secret - completely unsecured mechanisms breaking all secure coding practices.
To demonstrate, we will show a few case-studies - most interesting examples from real-life industry software, which in our opinion are a quintessence of "security by obscurity". We will challenge the security of proprietary protocols in pull printing solutions, FOREX trading software, remote desktops and home automation technologies.
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014Jakub Kałużny
When it comes to penetration tests of specialized embedded software or thick clients, we often encounter proprietary protocols with no documentation at all. Binary TCP connections, unlike anything, impossible to be adapted by a well-known local proxy. Without disassembling the protocol, pentesting the server backend is very limited. Though, based on our experience, it very often hides a shameful secret - completely unsecured mechanisms breaking all secure coding practices.
vensoft technologies http://www.ieeedeveloperslabs.in/ pc controlled pick an...Vensoft Technologies
IEEE Developers Labs (A Division of Vensoft Technologies) is a Electronic Design Services (EDS) for VLSI / EMBEDDED and MATLAB, delivering a wide variety of end- to -end services, including design, development, & testing for customers around the world. With proven expertise across multiple domains such as Consumer Electronics Market, Infotainment, Office Automation, Mobility and Equipment Controls.
IEEE Developers Labs (A Division of Vensoft Technologies) is managed by Engineers / Professionals possessing significant industrial experience across various application domains and engineering horizontals.Our engineers have expertise across a wide range of technologies, to the engineering efforts of our clients. Leveraging standards based components and investments in dedicated test lab infrastructure, we offer innovative, flexible and cost-effective services and solutions.
Covers building a malware analysis environment for enterprises that don't currently have a dedicated team for such purposes. Presented at Blackhat DC 2010.
JS Fest 2018. Никита Галкин. Микросервисная архитектура с переиспользуемыми к...JSFestUA
Нарушение DRY принципа особенно часто возникает в микросервисах. Чтобы избежать этой проблемы, вы можете использовать повторно используемые компоненты, например, приватные пакеты npm. Лучшие практики, которые помогут вам достичь этого включают в себя паттерн ECB для организации кода, манифест 12-ти факторного приложения, использование генерации кода. В нашем проекте мы используем технический стек на основе Node.js, Docker, RabbitMQ, но идеи из этого доклада могут быть использованы для любого технического стека микросервисов
Owasp Juice Shop: Achieving sustainability for open source projectsBjörn Kimminich
OWASP Juice Shop is a "shooting star" among broken web applications. To make sure it does not end as a "one-hit wonder", the project embraces principles and techniques that enhance its sustainability, e.g. Clean Code, TDD, CI/CD, Quality Metrics and Mutation Testing.
In this session you will see how
- even a horrible language such as Javascript can be written in a maintainable manner
- a complete and reliable test suite eliminates the "fear of change"
- automation is a key to increased productivity - even for small open source projects
- free-for-open-source SaaS tools can improve your development process
Where is light, there is shadow! You will also learn
- about some limitations in the automation processes
- the pain keeping Javascript dependencies up to date
- why some 3rd party services had to be dropped
If the Internet gods are with us, we will even perform a production release of OWASP Juice Shop during the session!
A fully web-based solution for calculating & displaying real-time data on large screens in contact centers (wallboards) and also directly on computer screens of supervisors, agents and even on mobile devices of executives (dashboards). Schedule a demo at 2Ring.com/Demo.
The impact of moving to the public cloud is severe for organisations and working culture. Here I explore some of the lessons we learned in several projects in the financial industry.
Wolltest du schon immer die Vorteile und Ideen von Scala in deinen Java oder Kotlin Projekten nutzen? Dann ist Vavr (ehemals Javaslang) genau die richtige Bibliothek für dich.
Anhand echter Projektbeispiele schauen wir uns den Nutzen an, den Vavr mit seinen syntaktischen Erweiterungen und Features bei der täglichen Arbeit bietet. Wir schauen uns Value Types, echte funktionale Datentypen an und werden lernen, wie wir Exceptions sinnvoller behandeln können. Alles für besser wartbaren und sauberen Code!
Vavr bietet die Möglichkeit, die Vorteile objekt-funktionaler Programmierung zu nutzen, ohne Java den Rücken kehren zu müssen.
More Related Content
Similar to 10 Tips for failing at microservices - badly (BedCon 2017)
Today it is possible to apply the Edge to Cloud pattern in the industrial world. Microsoft is putting the idea of intelligent edge into practice by providing not only IoT Edge,but a series of field transpositions of important cloud services, including:
Functions, Storage, SQL Edge, SQL Lite, Event Grid, Redis, Stream Analytics, Cognitive Services.
In addition to these, contact points are also emerging towards the old industrial world, for example with OPC-UA.
The session deals with the IoT Edge service in a focused way, compared to the concept of connected factory.
I've seen projects with shiny, new code render into unmaintainable big balls of mud within 2-3 years. Multiple times. But regardless of whether it's the code base as a whole that's rotten, or whether it's just the UI and User Experience that needs a major overhaul: the question on rewrite vs refactoring will come up sooner or later. Based on years of experience, and a plethora of bad decisions cumulating into epic failures, I'll share my experience on how to have a code base that stays maintainable - even after years. After this talk, you'll have more insight into whether you should refactor or rewrite, and how to do it right from now on.
4 Node.js Gotchas: What your ops team needs to knowDynatrace
To register for this webinar replay, click here:
https://info.dynatrace.com/apm_wc_nodejs_na_registration.html
There is no doubt that Node.js is one of the fastest growing platforms today. It can be found at start-ups and enterprises throughout all industries from high-tech to healthcare.
A lot of people have written about the reasons for its popularity and why it has made sense in “digital transformation” efforts. But when you implement Node.js, do you have to replace your mainframes and legacy software with a shiny new Node.js-based microservice architecture?
This 30-minute webinar walks in the shoes of those who oversee the whole digital value chain: Operation and performance teams. We will cover:
Node.js implementation requirements (Hint: you might not have to gut your whole system)
What challenges operations and performance teams face when they begin to implement Node.js
The big four gotchas that can make using Node.js difficult for an operations team
Gain the know-how to support your development and ops teams in implementing Node.js.
Vincent Kok - Microservices 5 things I wish I'd known - Codemotion Milan 2017Codemotion
Microservices are hot! A lot of companies are experimenting with this architectural pattern that greatly benefits the software development process. When adopting new patterns we always encounter that moment where we think 'if only I knew this three months ago'. This talk will be a sneak peak into the world of microservices at Atlassian and reveal what we've learned about microservices: how to arrange, configure and build your code efficiently; deployment and testing; and how to operate effectively in this environment. In this talk you will learn how to immediately apply five simple strategies.
Microservices: 5 Things I Wish I'd Known - Code Motion Milan 2017Vincent Kok
Microservices are still the rage—and for good reason. However, like any other emerging architecture, they’re not a silver bullet and anyone who adopts this architecture will need to learn and identify new patterns, patterns you didn’t need to know about in a monolithic world. This session discusses when to make the switch to a microservice architecture and the patterns Atlassian has identified in building microservices. They include patterns in code organization, configuration management, deployment, resilience, and decomposition. After this session, you will be able to identify whether you should give microservice architecture a try and if so, you will have a toolbox full of patterns to apply to your own situation.
How do Things talk? IoT Application Protocols 101Christian Götz
Analysts predict that in 2020 50 billion devices are connected to the internet. Together with the fact that more and more of these "things" are connected over the cellular network, new challenges are introduced to the communication of Internet of Things (IoT) and machine-to-machine (M2M) scenarios. There are a lot of protocols which claim to be ideal for these use cases, for example MQTT and COAP. In this talk you will get an overview of commonly used protocols and their underlying architectural styles. We will also look at advantages/disadvantages, use cases and the eco-system around them for Java developers.
CONFidence 2014: Jakub Kałużny: Shameful secrets of proprietary protocolsPROIDEA
There is a big bunch of tools offering HTTP/SSL traffic interception. However, when it comes to penetration tests of specialized embedded software or thick clients, we often encounter proprietary protocols with no documentation at all. Binary TCP connections, unlike anything, impossible to be adapted by a well-known local proxy. Without disassembling the protocol, pentesting the server backend is very limited. Though, based on our experience, it very often hides a shameful secret - completely unsecured mechanisms breaking all secure coding practices.
To demonstrate, we will show a few case-studies - most interesting examples from real-life industry software, which in our opinion are a quintessence of "security by obscurity". We will challenge the security of proprietary protocols in pull printing solutions, FOREX trading software, remote desktops and home automation technologies.
Shameful Secrets of Proprietary Network Protocols - OWASP AppSec EU 2014Jakub Kałużny
When it comes to penetration tests of specialized embedded software or thick clients, we often encounter proprietary protocols with no documentation at all. Binary TCP connections, unlike anything, impossible to be adapted by a well-known local proxy. Without disassembling the protocol, pentesting the server backend is very limited. Though, based on our experience, it very often hides a shameful secret - completely unsecured mechanisms breaking all secure coding practices.
vensoft technologies http://www.ieeedeveloperslabs.in/ pc controlled pick an...Vensoft Technologies
IEEE Developers Labs (A Division of Vensoft Technologies) is a Electronic Design Services (EDS) for VLSI / EMBEDDED and MATLAB, delivering a wide variety of end- to -end services, including design, development, & testing for customers around the world. With proven expertise across multiple domains such as Consumer Electronics Market, Infotainment, Office Automation, Mobility and Equipment Controls.
IEEE Developers Labs (A Division of Vensoft Technologies) is managed by Engineers / Professionals possessing significant industrial experience across various application domains and engineering horizontals.Our engineers have expertise across a wide range of technologies, to the engineering efforts of our clients. Leveraging standards based components and investments in dedicated test lab infrastructure, we offer innovative, flexible and cost-effective services and solutions.
Covers building a malware analysis environment for enterprises that don't currently have a dedicated team for such purposes. Presented at Blackhat DC 2010.
JS Fest 2018. Никита Галкин. Микросервисная архитектура с переиспользуемыми к...JSFestUA
Нарушение DRY принципа особенно часто возникает в микросервисах. Чтобы избежать этой проблемы, вы можете использовать повторно используемые компоненты, например, приватные пакеты npm. Лучшие практики, которые помогут вам достичь этого включают в себя паттерн ECB для организации кода, манифест 12-ти факторного приложения, использование генерации кода. В нашем проекте мы используем технический стек на основе Node.js, Docker, RabbitMQ, но идеи из этого доклада могут быть использованы для любого технического стека микросервисов
Owasp Juice Shop: Achieving sustainability for open source projectsBjörn Kimminich
OWASP Juice Shop is a "shooting star" among broken web applications. To make sure it does not end as a "one-hit wonder", the project embraces principles and techniques that enhance its sustainability, e.g. Clean Code, TDD, CI/CD, Quality Metrics and Mutation Testing.
In this session you will see how
- even a horrible language such as Javascript can be written in a maintainable manner
- a complete and reliable test suite eliminates the "fear of change"
- automation is a key to increased productivity - even for small open source projects
- free-for-open-source SaaS tools can improve your development process
Where is light, there is shadow! You will also learn
- about some limitations in the automation processes
- the pain keeping Javascript dependencies up to date
- why some 3rd party services had to be dropped
If the Internet gods are with us, we will even perform a production release of OWASP Juice Shop during the session!
A fully web-based solution for calculating & displaying real-time data on large screens in contact centers (wallboards) and also directly on computer screens of supervisors, agents and even on mobile devices of executives (dashboards). Schedule a demo at 2Ring.com/Demo.
Similar to 10 Tips for failing at microservices - badly (BedCon 2017) (20)
The impact of moving to the public cloud is severe for organisations and working culture. Here I explore some of the lessons we learned in several projects in the financial industry.
Wolltest du schon immer die Vorteile und Ideen von Scala in deinen Java oder Kotlin Projekten nutzen? Dann ist Vavr (ehemals Javaslang) genau die richtige Bibliothek für dich.
Anhand echter Projektbeispiele schauen wir uns den Nutzen an, den Vavr mit seinen syntaktischen Erweiterungen und Features bei der täglichen Arbeit bietet. Wir schauen uns Value Types, echte funktionale Datentypen an und werden lernen, wie wir Exceptions sinnvoller behandeln können. Alles für besser wartbaren und sauberen Code!
Vavr bietet die Möglichkeit, die Vorteile objekt-funktionaler Programmierung zu nutzen, ohne Java den Rücken kehren zu müssen.
10 Tipps für ein absolutes Microservice-DesasterDavid Schmitz
Microservices sind im Wesentlichen ein paar hippe JavaScript-Frameworks und eine schicke Single-Page-App mit AngularJS oder React, oder? Wenn du also absolut sicher sein willst, dass dein nächstes Microservice-Projekt scheitert, dann komm in diesen Vortrag und lerne wie.
Anhand echter Erfahrungen aus mehreren Brownfield- und Greenfield- Projekten zeigt David Schmitz wie du die notwendigen organisatorischen Einflüsse ignorierst; wie du Operations wahnsinnig machst, sowohl durch unreife Technologien als auch durch last-minute Monitoring; wie du auch ohne Continuous Delivery fehlerhafte Software rasch releasen kannst; wie du auch einfachste CRUD-Anwendungen mit hyper-komplexen Architekturen zum Scheitern bringst und vieles mehr.
Wenn du diese Tipps beachtest, wird dein Chef nie wieder auf die Idee kommen, seine IT zu modernisieren und du kannst weiterhin deinen geliebten Monolithen pflegen.
Real world serverless - architecture, patterns and lessons learnedDavid Schmitz
Serverless computing is quite the rage today. It enables companies to move to a platform with basically limitless capacity and it allows teams to embrace DevOps right from the start. So, this is literally the silver bullet we have waited for and everybody should embrace it. Right?
Well, it depends…
In this talk we will look at different scenarios and approaches to building and designing complex Serverless applications on AWS beyond your basic “Hello World”. We will cover architectures and patterns that help in adopting Serverless, for example how to design your Serverless landscape without getting lost in event-driven-chaos. Covering the whole development process, we will look at real world problems like testing, debugging, monitoring and securing your Serverless applications. Furthermore, we will use some of the essential tools that make working with AWS Lambda easier, such using Claudia.JS. Finally, we will discuss the drawbacks and misconceptions, like potential vendor lock-in and the illusion of NoOps.
If you find Serverless computing interesting, then this talk will show you how to adapt this architectural style without getting burned too much.
Serverless Computing ist der nächste logische Schritt, um Anwendungen in die Cloud zu bringen. Im Kern von Amazons Serverless Computing Angebots liegt AWS Lambda. AWS Lambda ist unter anderem durch den Sprachassistenten Alexa populär geworden, wird aber in unterschiedlichen Bereichen für innovative Produkte verwendet. Dieser Vortrag stellt Serverless Computing anhand eines Amazon Alexa Skills vor, der das Konferenzprogramm der Devcon 2017 als Sprachassistent anbietet. Wir schauen im Rahmen des Beispiels auf die architekturellen und infrastrukturellen Herausforderungen diese Event-Driven Ansatzes und lernen, wo Serverless Computing sinnvoll ist und wo andere Ansätze besser geeignet sein können. Schliesslich werfen wir noch einen kurzen Blick auf Alternativen zu AWS Lambda und bewerten die Vor- und Nachteile.
@Devoxx 2016
This talk will introduce you to Javaslang, a library that borrows heavily from Scala and applies Scala's ideas to plain old Java. We will cover some of the productivity enhancements and syntactic sugar that Javaslang offers, such as pattern matching aka. structural composition, value types and functional data types. Javaslang can be a building block for functional business code, that is easy to maintain and understand.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Welcome to the first live UiPath Community Day Dubai! Join us for this unique occasion to meet our local and global UiPath Community and leaders. You will get a full view of the MEA region's automation landscape and the AI Powered automation technology capabilities of UiPath. Also, hosted by our local partners Marc Ellis, you will enjoy a half-day packed with industry insights and automation peers networking.
📕 Curious on our agenda? Wait no more!
10:00 Welcome note - UiPath Community in Dubai
Lovely Sinha, UiPath Community Chapter Leader, UiPath MVPx3, Hyper-automation Consultant, First Abu Dhabi Bank
10:20 A UiPath cross-region MEA overview
Ashraf El Zarka, VP and Managing Director MEA, UiPath
10:35: Customer Success Journey
Deepthi Deepak, Head of Intelligent Automation CoE, First Abu Dhabi Bank
11:15 The UiPath approach to GenAI with our three principles: improve accuracy, supercharge productivity, and automate more
Boris Krumrey, Global VP, Automation Innovation, UiPath
12:15 To discover how Marc Ellis leverages tech-driven solutions in recruitment and managed services.
Brendan Lingam, Director of Sales and Business Development, Marc Ellis
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
37. @koenighotze
Sharing is a Good ThingTM
Avoid table or schema ownership
Ubiquitous domain modelling paralysis
Keep people awake at night with
insidious dependencies
50. @koenighotze
Don’t come up with a data cleansing strategy
WET is the new DRY
Never question the design
All systems should be eventsourced
Eventual consistency = “Eventuell konsistent”
64. @koenighotze
Dependencies as social tools
Job insurance via invasive frameworks
Building frameworks is fun!
Ideas: collections, string-utils, logging,
ORM, JavaScript frontend framework!
87. @koenighotze
Infrastructure is expensive…be proud to
take care of it
Microsoft Word is some kind of automation
Play the “we are not Google” card
Combine with polyglot ops for maximum
chaos
105. @koenighotze
Checklists (Excel or PPT!)
Arbitrary naming conventions
External (but unknown)
stakeholders
Last minute documents
(Templates, Fonts!)
106. @koenighotze
Be proud of complexity, we are
engineers for a reason
Ops tooling puts JavaScript to
shame
If Twitter runs on it, so should you
Combine with Meat cloud
118. @koenighotze
Microservices are REST only (hint: service!)
Meet people while discussion ownership
and conflicting features
Keep the testers busy with side effects
Single point of failure - blame the script
kids working on the UI
125. @koenighotze
Frustrate your coworkers
Irritate motivated colleagues
Do not play around with technology
If you are older than 30…play the “This is
_real_ enterprise, kid” card
Ivory towers are beautiful
140. @koenighotze
Avoid X-functional teams
Slow means more time for Twitter!
The servant of many kings is a free man
Change / Requirement mgmt. are your
allies
Conway’s law works both ways
162. @koenighotze
Programmers do not like other people
Nobody should have a big picture, keep
them in the dark
“War rooms” sound really important
Avoid real ownership