Presentation from the "tech-talk-teach" meetup series. In this presentation I present 7 bad CSS\JS practices and how to avoid them via tools\automation or just being careful.
Angels versus demons: balancing shiny and inclusive - Chris Mills
The modern web developer faces a moral choice when creating sites and apps. The angel on your shoulder tells you to use standards and respect accessibility across users of AT, older browsers, mobile, etc. The devil on your other shoulder meanwhile tells you to use all the shiny, satisfy your ego, and leave user agents over two weeks old in the dust.
This talk walks you through the dilemma, looking at the perils of embracing the serpent and presenting solutions that will allow you to achieve a satisfactory compromise. We know the devil has all the good albums, and we want to rock out as much as you do! But not at the expense of the Web’s greatest strengths!
Rails security: above and beyond the defaults - Matias Korhonen
In a world with increasingly sophisticated adversaries employing both targeted and automated attacks, what can we do to keep our users and our web apps safe?
While Rails provides pretty decent security options straight out of the box, we can go further and make attacks more difficult to accomplish.
For example, why and how to implement a Content Security Policy. Should you use HTTP Public Key Pinning? How do you know if you've configured HTTPS correctly?
GWTcon 2015 - Best development practices for GWT web applications - Arcbees
Best development practices for GWT web applications
Conference by Christian Goudreau, at GWT Con 2015.
Christian Goudreau is Bee-EO and co-founder at Arcbees.
You can follow Christian on Twitter: @imchrisgoudreau
Rapid Prototyping with Sass, Compass and Middleman by Bermon Painter - Codemotion
This talk will cover some of the benefits of building a rapid prototyping framework with Sass & Compass along with the static site generator, Nanoc. You’ll discover how to rapid prototype pages, widgets and interactions that can be used for usability testing and to help concept ideas. Since it’s all built on Ruby it’s easy to migrate over to the real application later or toss away.
40 WordPress Tips: Security, Engagement, SEO & Performance - SMX Sydney 2013 - Bastian Grimm
My talk at #SMX Sydney 2013 featuring 40 tips on WordPress security, WordPress SEO as well as a huge set of plug-in recommendations to get the maximum out of WordPress.
Introduction to Paul Irish and Divya Manian's HTML5 Boilerplate project. HTML5 Boilerplate helps you to quickly get up and running with front-end web project.
Hardening WordPress - SAScon Manchester 2013 (WordPress Security) - Bastian Grimm
My talk at #SAScon Manchester 2013 about WordPress security and how to make your WordPress (a bit) safer. Including two factor authentication, a lot of security specific settings and much more :)
Rugged Software Using Rugged Driven Development - James Wickett
Security testing is often done at the cadence of auditors and not at the pace of the development team which hurts delivery time in agile teams. Rugged Driven Development (RDD) utilizes security and other stress testing methodologies during the development process to impact the end product so that you create software that is secure, reliable and resilient.
Using the Gauntlt open source framework to help implement RDD you will find it fun to live by the Gauntlt motto, “be mean to your code.” You will be equipped to deliver and release ruggedized software faster as well as span the communication gaps that exist between dev, ops and security teams. This talk will help you implement RDD in your projects with plenty of real world examples.
At the end of the workshop, you should:
Be Rugged Driven Dev savvy and ready to ruggedize your next project with some new practices and tooling
Know how to use gauntlt and the security tools it hooks into
Take some of the pre-built gauntlt attacks and modify them to your own project
Write your own gauntlt attacks and put them in practice
The web has evolved, and now it’s time our themes do the same. WP Rig is an evolution on the tried and true starter theme model: a modern build process and WordPress starter theme bundled together, created to simplify the process of building advanced, accessible, performant, progressive themes. WP Rig does the heavy lifting of optimization so developers can focus on what they do best: designing and building great user experiences. In this talk you’ll learn how to supercharge your theme development process with WP Rig.
Symfony Live NYC 2014 - Rock Solid Deployment of Symfony Apps - Pablo Godel
Web applications are becoming increasingly more complex, so deployment is not just transferring files with FTP anymore. We will go over the different challenges and how to deploy our PHP applications effectively, safely and consistently with the latest tools and techniques. We will also look at tools that complement deployment with management, configuration and monitoring.
Code Coverage for Total Security in Application Migrations - Dana Luther
So the time has come to take the leap and upgrade your application to a new major version of the underlying framework, or, perhaps, to an entirely different framework... how do you ensure that none of your functionality or usability is impacted by a potentially drastic rewrite of the underlying systems? How can you move forward with 100% confidence in your migrated codebase? Testing, testing and more testing. Using a combination of unit, functional and acceptance tests can give you the certainty you need. In this talk, we will go over key strategies for ensuring that you begin with full code coverage and move forward with confidence.
Stefan Judis "HTTP headers for the responsible developer" - Fwdays
To build inclusive websites, developers have to consider accessibility, performance and user flows. Crafted source code forms the foundation for thought-through UIs, but it’s not only about the code. Let’s have a look at HTTP, and to be specific, its headers that can have a direct impact on user experience.
How are users being tracked? How can Facebook, Google, and other tech giants use flaws in web browsers and web architecture to track users? In this session, given at the Reversim 2019 convention, I explained and showed several of those flaws and the exploitation of those flaws to track all users.
Static code analysis - introduction, how to implement it in development process and in the git flow. Also, a little bit about the new prettier and HTML\CSS static code analysis.
How to create quality code in WordPress plugins and themes using static code analysis, automatic unit testing, E2E testing, TravisCI\Jenkins and other tools.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf - 91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti... - Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Elevating Tactical DDD Patterns Through Object Calisthenics - Dorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova... - Ramesh Iyer
In today's fast-changing business world, companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 preview - Prayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo... - James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
DevOps and Testing slides at DASA Connect - Kari Kakkonen
My and Rik Marselis' slides from the DASA Connect conference on 30.5.2024. We discuss what testing is, then what agile testing is, and finally what testing in DevOps is. Finally we had a lovely workshop with the participants, trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 3 - DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. Hello!
I am Ran Bar-Zik
I am here because I hate front end. Let’s make it suck less!
You can find me at @barzik (twitter), or LinkedIn, or Facebook
OR at my site: internet-israel.com
7. How to use stylelint
✣ Install with `npm install -g stylelint`
✣ Create a .stylelintrc file with your rules (you can extend)
✣ Run it with `stylelint sinful.css --config .stylelintrc`
25. Examples?
1. Heard about CSS media queries?
2. Heard about JS media query? https://developer.mozilla.org/en-US/docs/Web/API/Window/matchMedia
3. It can be used on all browsers!
4. Demo: https://codepen.io/svinkle/pen/owmgy?page=1&
28. You have simple icons? Use those techniques:
✣ Web Fonts: Implement web fonts
✣ CSS drawings: Use plain old CSS to draw images. Wrap it up in mixins.
✣ SVG: You can use even this.
31. Do test to see vulnerability
✣ Angular, React and Vue have it out of the box
✣ You can use sanitise.js: https://github.com/gbirke/Sanitize.js
✣ Or use createTextNode