An introduction to Marshmallows library for Python (https://marshmallow.readthedocs.io/en/latest/). Shown in the context of Python Flask API and how the library enables easier testing.
Some advice from the guy who handle your applications uptime - scalaIO 2013Quentin Adam
This document provides advice on how to scale applications from Quentin Adam, who handles app uptime at Scala.io. It discusses two approaches to scaling: scaling up using a single large instance, which has single point of failure issues; and scaling out by splitting work across multiple instances. Key recommendations include: using statelessness, splitting processes and storage, choosing data stores wisely based on needs, avoiding files systems and memory as databases, respecting HTTP standards, making hard computations asynchronous, splitting code into modules, always using a reverse proxy, keeping documentation and deployments simple, tracking bugs and metrics.
WP-CLI is a great companion for developers who can leverage many of its features/functionality in their day-to-day development. In this session, I’ll give an introduction to WP-CLI, the basics command it provides and how we can use it. I will also discuss the other benefits, common useful commands in WP-CLI, installing external commands and a quick introduction to creating a custom command.
This document discusses tools and techniques for optimizing Ruby performance. It begins by looking at common expensive tasks like database operations, network access, and inefficient algorithms. It then discusses tools for benchmarking and profiling Ruby code like Benchmark, benchmark-ips, and stackprof. The document provides examples of optimizing ActiveRecord queries and using caching and memoization. It also discusses optimizing the environment through server, database, and caching configuration. Finally, it notes that in some CPU-intensive or async tasks, Ruby may not be the best tool.
Lessons from the Trenches - Building Enterprise Applications with RavenDBOren Eini
It's easy, fun, and simple to get a prototype application built with RavenDB, but what happens when you get to the point of shipping v1.0 into Production? Many of the subtle decisions made during development can have undesirable consequences in Production. In this session, Dan Bishop will explore some of the pain points that arise when building, deploying, and supporting enterprise-grade applications with RavenDB.
Taylor Lovett presented on the new JSON REST API for WordPress. The API uses JSON and REST principles to provide an intuitive and easy to use interface for WordPress content. It allows users to create, read, update and delete WordPress content like posts, pages, users and media through HTTP requests. The API is extensible and developers can build custom routes and endpoints. It provides a powerful way to interact with WordPress programmatically and will soon be integrated into the WordPress core.
The document discusses options for optimizing server performance including using alternative databases like MariaDB instead of MySQL, implementing caching at the page level and web server level using techniques like mod_pagespeed, using Nginx as a web server or reverse proxy, and load balancing. It promotes using these advanced techniques to achieve wicked fast website performance.
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)Cliff Seal
Did you know that running multiple instances of WordPress on a single server doesn’t actually require multiple instances of the codebase? In fact, as of WordPress 3.9, you don’t even need multiple instances of a plugin or a theme! Multitenancy can eliminate massive maintenance overhead in the right situations, think server-wide, near-instant updates that let you stay secure without keeping up with multiple sites. And that’s just the beginning of how it can help. In this session, I’ll show you how multitenancy can save time and energy while empowering your users. It’s simple, but powerful.
ClojureScript: I can't believe this is JavaScriptEric Normand
There are 6 difficult problems frameworks and libraries try to solve in JavaScript, but never quite get there. Learn how these problems (and more!) are solved by ClojureScript and how it can provide a platform for new solutions.
Some advice from the guy who handle your applications uptime - scalaIO 2013Quentin Adam
This document provides advice on how to scale applications from Quentin Adam, who handles app uptime at Scala.io. It discusses two approaches to scaling: scaling up using a single large instance, which has single point of failure issues; and scaling out by splitting work across multiple instances. Key recommendations include: using statelessness, splitting processes and storage, choosing data stores wisely based on needs, avoiding files systems and memory as databases, respecting HTTP standards, making hard computations asynchronous, splitting code into modules, always using a reverse proxy, keeping documentation and deployments simple, tracking bugs and metrics.
WP-CLI is a great companion for developers who can leverage many of its features/functionality in their day-to-day development. In this session, I’ll give an introduction to WP-CLI, the basics command it provides and how we can use it. I will also discuss the other benefits, common useful commands in WP-CLI, installing external commands and a quick introduction to creating a custom command.
This document discusses tools and techniques for optimizing Ruby performance. It begins by looking at common expensive tasks like database operations, network access, and inefficient algorithms. It then discusses tools for benchmarking and profiling Ruby code like Benchmark, benchmark-ips, and stackprof. The document provides examples of optimizing ActiveRecord queries and using caching and memoization. It also discusses optimizing the environment through server, database, and caching configuration. Finally, it notes that in some CPU-intensive or async tasks, Ruby may not be the best tool.
Lessons from the Trenches - Building Enterprise Applications with RavenDBOren Eini
It's easy, fun, and simple to get a prototype application built with RavenDB, but what happens when you get to the point of shipping v1.0 into Production? Many of the subtle decisions made during development can have undesirable consequences in Production. In this session, Dan Bishop will explore some of the pain points that arise when building, deploying, and supporting enterprise-grade applications with RavenDB.
Taylor Lovett presented on the new JSON REST API for WordPress. The API uses JSON and REST principles to provide an intuitive and easy to use interface for WordPress content. It allows users to create, read, update and delete WordPress content like posts, pages, users and media through HTTP requests. The API is extensible and developers can build custom routes and endpoints. It provides a powerful way to interact with WordPress programmatically and will soon be integrated into the WordPress core.
The document discusses options for optimizing server performance including using alternative databases like MariaDB instead of MySQL, implementing caching at the page level and web server level using techniques like mod_pagespeed, using Nginx as a web server or reverse proxy, and load balancing. It promotes using these advanced techniques to achieve wicked fast website performance.
Introducing WordPress Multitenancy (Wordcamp Vegas/Orlando 2015/WPCampus)Cliff Seal
Did you know that running multiple instances of WordPress on a single server doesn’t actually require multiple instances of the codebase? In fact, as of WordPress 3.9, you don’t even need multiple instances of a plugin or a theme! Multitenancy can eliminate massive maintenance overhead in the right situations, think server-wide, near-instant updates that let you stay secure without keeping up with multiple sites. And that’s just the beginning of how it can help. In this session, I’ll show you how multitenancy can save time and energy while empowering your users. It’s simple, but powerful.
ClojureScript: I can't believe this is JavaScriptEric Normand
There are 6 difficult problems frameworks and libraries try to solve in JavaScript, but never quite get there. Learn how these problems (and more!) are solved by ClojureScript and how it can provide a platform for new solutions.
Oren Eini discusses the next major version of RavenDB 4.0, running on the CoreCLR, and skim over topics of performance (much higher), flexibility and ease of use.
(WEB203) Building a Website That Costs Pennies to Operate | AWS re:Invent 2014Amazon Web Services
Amazon S3 gives you the ability to serve files from your Amazon S3 buckets. This session shows you how to set up a website with Amazon S3 to serve your static content. We show how you can use open source tools like Jekyll and Octopress to run a blog on your static site. Finally, you see how you can make that site more dynamic using other AWS products and the AWS SDK for JavaScript.
Zapping ever faster: how Zap sped up by two orders of magnitude using RavenDBOren Eini
Join a real uplift experience with Hagay Albo, the CTO of the Zap/Yellow Page Group in Israel, in which he explains how his team was able to take a legacy (slow and hard to modify) group of sites and make them easier to work with, MUCH faster and greatly simplified the operational environment.
By prioritizing high availability, flexible data modeling and focusing on raw speed Zap was able to reduce its load times by Two Orders of Magnitudes. Using RavenDB as the core engine behind Zap's new sites had improved site traffic, reduced time to market and made it possible to implement the next-gen features that were previously beyond reach.
From the new consensus based clustering to active data exploration, RavenDB 3.5 contains quite a lot of new features, improvement and fixes. In this keynote Oren Eini will showcase RavenDB 3.5 new features. Including SLAs, I/O monitoring, improved performance and stability, smarter replication, and more.
1) RDI uses RavenDB embedded in over 36,000 restaurants with around 500,000 individual machines processing $50,000 per second in payments.
2) RavenDB allows for unit testing without mocking the database, advanced statistics on data persistence, and transparent replication with high availability.
3) The challenges of using RavenDB on specialized older hardware with low memory and ESENT include fine-tuning memory usage, disabling caching, and automating recovery from unclean shutdowns with ESENTUTL.EXE.
WP-CLI is an awesome WordPress plugin that can be used to automate a bunch of difficult WordPress tasks. This presentation walks you through basic WP-CLI commands and creating custom commands.
A Gentle Introduction to Functions-as-a-ServiceValeri Karpov
Slides from my talk on functions-as-a-service at Wyncode Academy in Miami in April '18. Provides an overview of the tradeoffs between different FaaS providers
This document discusses using a multitenancy approach for WordPress where a single codebase is used to run multiple independent WordPress sites. The key aspects are symlinking the plugins, themes, and mu-plugins directories to a shared location, while each site has its own uploads and content directories. This reduces server footprint and makes code deployment and updates easier. The document provides details on how the file structure and configuration works to enable this multitenant setup.
Best Practices for WordPress in EnterpriseTaylor Lovett
10up open sourced their WordPress Best Practices (PHP, JavaScript, tools, and workflows) in late 2014. As the Director of Web Engineering at 10up, I drove this project and am the lead contributor to the docs. These Best Practices allow developers to build sites that scale, perform, and are secure one sites receiving millions of page views per day. They also standardize development practices in such a way that facilitates team collaboration. This talk will highlight some important parts of the Best Practices and reveal some valuable tips about how we (10up) engineer some of the most complex and most viewed WordPress sites in the world.
This document discusses multi-tenanted content management systems (CMS) where a single installation of software can be used to power multiple separate websites or domains. Key points include that each site has its own configuration file detailing database and theme settings. Maintaining a single codebase is cheaper and easier than separate installations. Popular CMS like Drupal, Joomla and WordPress have built-in or plugin support for multi-tenancy. Configuration files can be stored in a database or file system. Requests are routed through a proxy to determine the actual file locations based on domain.
Isomorphic WordPress Applications with NodeifyWPTaylor Lovett
- NodeifyWP is a framework that allows developers to build isomorphic web applications using WordPress, PHP, and Node.js.
- It uses PHP to execute JavaScript (Node.js) on the server, enabling the use of modern front-end technologies like React while retaining WordPress for content management.
- Setting up NodeifyWP in a theme involves requiring the framework, registering server-side and post-specific JavaScript, and rendering content through a REST API endpoint.
This document provides instructions for installing WordPress locally using XAMPP for testing and development purposes. It explains that local installation allows for easy troubleshooting, avoids security risks compared to a live server, and allows offline access. It then outlines the specific steps to install WordPress in XAMPP, including using the correct XAMPP and WordPress versions, copying WordPress files to the htdocs folder, creating a database in the XAMPP MySQL instance, renaming and editing the wp-config.php file to connect to the new database.
Know thy cost (or where performance problems lurk)Oren Eini
Performance happens. Whether you're designed for it or not it doesn’t matter, she is always invited to the party (and you better find her in a good mood). Knowing the cost of every operation, and how it distributes on every subsystem will ensure that when you are building that proof-of-concept (that always ends up in production) or designing the latest’s enterprise-grade application; you will know where those pesky performance bugs like to inhabit. In this session, we will go deep into the inner working of every performance sensitive subsystem. From the relative safety of the client to the binary world of Voron.
Best Practices for Building WordPress ApplicationsTaylor Lovett
This document provides best practices for WordPress applications, covering topics like caching, database reads/writes, search queries, maintainability, security, third-party code, teams, and workflows. It recommends tools and techniques to optimize performance, including using Redis for caching, Elasticsearch for complex queries, feature plugins, documentation, testing, linting, and managing dependencies with Composer.
The Mysteries Of JavaScript-Fu (@media Europe Edition)danwrong
The document discusses various techniques for mastering JavaScript including event handling, DOM manipulation, optimization, and testing. It presents both inline and script-based approaches to event handling and recommends using script-based handling by default. For DOM manipulation, it discusses the DOM and innerHTML methods and notes that neither is a clear winner. The document also provides tips on script optimization, recommended tools for debugging including Firebug, and Selenium for automated testing.
These are the slides from WpCampus 2016 presentation Varying WordPress Development Environment . This is a presentation and demo of what VVV is, how to install and how to use it.
Using multi-tenant WordPress to simplify developmentcoderaaron
Do you want to do development on multiple sites with different setups concurrently, but do not have to update core in each install every time a new version is released? Are you developing for a single site environment, but don not want to spin up a new development server for every site so you do not have to worry about multisite quirks?
If you answered yes to either of these questions, a multi-tenant WordPress install is just what you need!
Come learn how I adapted Cliff Seal's talk from WPCampus 2016 into a simple VVV site that allows you to develop for as many sites as you want while still maintaining the flexibility of having a separate directory structure and separate databases (not just tables) and still only have to update plugins/themes/core once for all of your sites.
The Mysteries Of JavaScript-Fu (@media SF Edition)danwrong
The document discusses techniques for mastering JavaScript known as JavaScript-Fu. It covers topics like event handling, DOM manipulation, performance optimization, and testing. It recommends using script-based event handling by default, and DOM or innerHTML methods depending on the specific task. The document also provides resources for learning more like the author's website and tools like Firebug and Selenium.
This document provides best practices for WordPress development including caching, database reads/writes, search, browser performance, maintainability, security, third party code, and teams. It recommends using Redis for caching, understanding WP_Query parameters, writing modular feature plugins, thorough documentation, testing, sanitizing inputs, using nonces, and conducting internal code reviews.
I'm Using WordPress, Now What? Starter EditionThom Allen
Hosting your own website requires commitment and planning. You must choose a theme that shows your personality, have easy navigation with categories and search, and know your visitors through analytics. Most importantly, backups are crucial - have daily, weekly, and monthly backups of your files and database in at least three offsite locations like Amazon, Dropbox, or email to ensure quick recovery from disasters. Promoting your site through advertising and guest writers will help get the word out.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Oren Eini discusses the next major version of RavenDB 4.0, running on the CoreCLR, and skim over topics of performance (much higher), flexibility and ease of use.
(WEB203) Building a Website That Costs Pennies to Operate | AWS re:Invent 2014Amazon Web Services
Amazon S3 gives you the ability to serve files from your Amazon S3 buckets. This session shows you how to set up a website with Amazon S3 to serve your static content. We show how you can use open source tools like Jekyll and Octopress to run a blog on your static site. Finally, you see how you can make that site more dynamic using other AWS products and the AWS SDK for JavaScript.
Zapping ever faster: how Zap sped up by two orders of magnitude using RavenDBOren Eini
Join a real uplift experience with Hagay Albo, the CTO of the Zap/Yellow Page Group in Israel, in which he explains how his team was able to take a legacy (slow and hard to modify) group of sites and make them easier to work with, MUCH faster and greatly simplified the operational environment.
By prioritizing high availability, flexible data modeling and focusing on raw speed Zap was able to reduce its load times by Two Orders of Magnitudes. Using RavenDB as the core engine behind Zap's new sites had improved site traffic, reduced time to market and made it possible to implement the next-gen features that were previously beyond reach.
From the new consensus based clustering to active data exploration, RavenDB 3.5 contains quite a lot of new features, improvement and fixes. In this keynote Oren Eini will showcase RavenDB 3.5 new features. Including SLAs, I/O monitoring, improved performance and stability, smarter replication, and more.
1) RDI uses RavenDB embedded in over 36,000 restaurants with around 500,000 individual machines processing $50,000 per second in payments.
2) RavenDB allows for unit testing without mocking the database, advanced statistics on data persistence, and transparent replication with high availability.
3) The challenges of using RavenDB on specialized older hardware with low memory and ESENT include fine-tuning memory usage, disabling caching, and automating recovery from unclean shutdowns with ESENTUTL.EXE.
WP-CLI is an awesome WordPress plugin that can be used to automate a bunch of difficult WordPress tasks. This presentation walks you through basic WP-CLI commands and creating custom commands.
A Gentle Introduction to Functions-as-a-ServiceValeri Karpov
Slides from my talk on functions-as-a-service at Wyncode Academy in Miami in April '18. Provides an overview of the tradeoffs between different FaaS providers
This document discusses using a multitenancy approach for WordPress where a single codebase is used to run multiple independent WordPress sites. The key aspects are symlinking the plugins, themes, and mu-plugins directories to a shared location, while each site has its own uploads and content directories. This reduces server footprint and makes code deployment and updates easier. The document provides details on how the file structure and configuration works to enable this multitenant setup.
Best Practices for WordPress in EnterpriseTaylor Lovett
10up open sourced their WordPress Best Practices (PHP, JavaScript, tools, and workflows) in late 2014. As the Director of Web Engineering at 10up, I drove this project and am the lead contributor to the docs. These Best Practices allow developers to build sites that scale, perform, and are secure one sites receiving millions of page views per day. They also standardize development practices in such a way that facilitates team collaboration. This talk will highlight some important parts of the Best Practices and reveal some valuable tips about how we (10up) engineer some of the most complex and most viewed WordPress sites in the world.
This document discusses multi-tenanted content management systems (CMS) where a single installation of software can be used to power multiple separate websites or domains. Key points include that each site has its own configuration file detailing database and theme settings. Maintaining a single codebase is cheaper and easier than separate installations. Popular CMS like Drupal, Joomla and WordPress have built-in or plugin support for multi-tenancy. Configuration files can be stored in a database or file system. Requests are routed through a proxy to determine the actual file locations based on domain.
Isomorphic WordPress Applications with NodeifyWPTaylor Lovett
- NodeifyWP is a framework that allows developers to build isomorphic web applications using WordPress, PHP, and Node.js.
- It uses PHP to execute JavaScript (Node.js) on the server, enabling the use of modern front-end technologies like React while retaining WordPress for content management.
- Setting up NodeifyWP in a theme involves requiring the framework, registering server-side and post-specific JavaScript, and rendering content through a REST API endpoint.
This document provides instructions for installing WordPress locally using XAMPP for testing and development purposes. It explains that local installation allows for easy troubleshooting, avoids security risks compared to a live server, and allows offline access. It then outlines the specific steps to install WordPress in XAMPP, including using the correct XAMPP and WordPress versions, copying WordPress files to the htdocs folder, creating a database in the XAMPP MySQL instance, renaming and editing the wp-config.php file to connect to the new database.
Know thy cost (or where performance problems lurk)Oren Eini
Performance happens. Whether you're designed for it or not it doesn’t matter, she is always invited to the party (and you better find her in a good mood). Knowing the cost of every operation, and how it distributes on every subsystem will ensure that when you are building that proof-of-concept (that always ends up in production) or designing the latest’s enterprise-grade application; you will know where those pesky performance bugs like to inhabit. In this session, we will go deep into the inner working of every performance sensitive subsystem. From the relative safety of the client to the binary world of Voron.
Best Practices for Building WordPress ApplicationsTaylor Lovett
This document provides best practices for WordPress applications, covering topics like caching, database reads/writes, search queries, maintainability, security, third-party code, teams, and workflows. It recommends tools and techniques to optimize performance, including using Redis for caching, Elasticsearch for complex queries, feature plugins, documentation, testing, linting, and managing dependencies with Composer.
The Mysteries Of JavaScript-Fu (@media Europe Edition)danwrong
The document discusses various techniques for mastering JavaScript including event handling, DOM manipulation, optimization, and testing. It presents both inline and script-based approaches to event handling and recommends using script-based handling by default. For DOM manipulation, it discusses the DOM and innerHTML methods and notes that neither is a clear winner. The document also provides tips on script optimization, recommended tools for debugging including Firebug, and Selenium for automated testing.
These are the slides from WpCampus 2016 presentation Varying WordPress Development Environment . This is a presentation and demo of what VVV is, how to install and how to use it.
Using multi-tenant WordPress to simplify developmentcoderaaron
Do you want to do development on multiple sites with different setups concurrently, but do not have to update core in each install every time a new version is released? Are you developing for a single site environment, but don not want to spin up a new development server for every site so you do not have to worry about multisite quirks?
If you answered yes to either of these questions, a multi-tenant WordPress install is just what you need!
Come learn how I adapted Cliff Seal's talk from WPCampus 2016 into a simple VVV site that allows you to develop for as many sites as you want while still maintaining the flexibility of having a separate directory structure and separate databases (not just tables) and still only have to update plugins/themes/core once for all of your sites.
The Mysteries Of JavaScript-Fu (@media SF Edition)danwrong
The document discusses techniques for mastering JavaScript known as JavaScript-Fu. It covers topics like event handling, DOM manipulation, performance optimization, and testing. It recommends using script-based event handling by default, and DOM or innerHTML methods depending on the specific task. The document also provides resources for learning more like the author's website and tools like Firebug and Selenium.
This document provides best practices for WordPress development including caching, database reads/writes, search, browser performance, maintainability, security, third party code, and teams. It recommends using Redis for caching, understanding WP_Query parameters, writing modular feature plugins, thorough documentation, testing, sanitizing inputs, using nonces, and conducting internal code reviews.
I'm Using WordPress, Now What? Starter EditionThom Allen
Hosting your own website requires commitment and planning. You must choose a theme that shows your personality, have easy navigation with categories and search, and know your visitors through analytics. Most importantly, backups are crucial - have daily, weekly, and monthly backups of your files and database in at least three offsite locations like Amazon, Dropbox, or email to ensure quick recovery from disasters. Promoting your site through advertising and guest writers will help get the word out.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
6. WHY MARSHMALLOW FOR US
➔ Maintaining a custom framework is
tiresome
➔ Above had no type validation
➔ Missing keys makes our clients :(
➔ Testing was difficult
22. FLOW W/ ERROR RESPONSES
➔ Receive JSON string from backend
➔ Validate or Load
◆ Raise `Exception` if errors exist
➔ Send payload
23. TESTING
➔ Test the Schemas in isolation
➔ Any deviation in a known input and
expected output for that Schema
➔ Individually test methods
◆ Identify where a Schema is failing