Our Amoniac OU CEO Alexander Simonov inspired everyone with an original report and even played a bottle of rum on Ruby Meditation Conference in Kyiv.
Get more how really you need to clean the deck in your long Ruby's journey.
These slides cover 30-40 different ways to do privilege escalation and become root. There were presented at Null Bhopal. Details on this link: https://null.co.in/events/491-bhopal-null-bhopal-meet-16-september-2018-monthly-meet
An introduction for beginning programmer's to version control and git. After following this presentation a person should be able to set up their own local git repo as well as collaborate with others through github.
Building Good Containers for Python ApplicationsAll Things Open
Presented by: Moshe Zadka
Presented at the All Things Open 2021
Raleigh, NC, USA
Raleigh Convention Center
Abstract: Building good containers for Python applications means dealing with several niggling pieces. Where do you get your Python? How do you install third-party packages? What kind of pinning should, and shouldn't you do? How do you configure your app?
I will go over all of the answers, indicating trade-offs where necessary and pointing out best practices where a clear answer exists.
These slides cover 30-40 different ways to do privilege escalation and become root. There were presented at Null Bhopal. Details on this link: https://null.co.in/events/491-bhopal-null-bhopal-meet-16-september-2018-monthly-meet
An introduction for beginning programmer's to version control and git. After following this presentation a person should be able to set up their own local git repo as well as collaborate with others through github.
Building Good Containers for Python ApplicationsAll Things Open
Presented by: Moshe Zadka
Presented at the All Things Open 2021
Raleigh, NC, USA
Raleigh Convention Center
Abstract: Building good containers for Python applications means dealing with several niggling pieces. Where do you get your Python? How do you install third-party packages? What kind of pinning should, and shouldn't you do? How do you configure your app?
I will go over all of the answers, indicating trade-offs where necessary and pointing out best practices where a clear answer exists.
What happens when we teach a computer how to learn? Pablo shared surprising developments in the fast-paced field of Deep Learning, a family of techniques that can give computers the ability to learn Chinese, or to recognize objects in photos, or to help think through a medical diagnosis. We took a look at a field that will change the way the computers around us behave… sooner that we probably think. Pablo showed how Future Processing wants to play its role in helping doctors worldwide in their fight against cancer, through the ECONIB project.
A lot of people use Docker/rkt, but very often we do not have time to actually understand how they work. So today in half-hour I will show you in a nutshell how that works. My hope is that even after you know how to build a container engine, I can still convince you that the existing tools are worth spending $MM to create and use.
Development environments are a necessary part of every developer's workflow. They can also be a great source of friction. What may begin as simply running python my_app.py eventually bloats as you add more apps, more databases, more testing frameworks, and more developers. We'll talk about the evolution of a typical development environment, how it lets us down, and how we try to make it better. We'll end with an introduction to Dusty, a new tool which uses Docker containers to take our development environments to the next level.
Originally presented at PyGotham 2015.
Puppet Camp Düsseldorf 2014: Continuously Deliver Your Puppet Code with Jenki...Puppet
Continuously Deliver Your Puppet Code with Jenkins, r10k and Git (Intermediate) - Toni Schmidbauer, IT Solutions at Spardat GmbH given at Puppet Camp Düsseldorf 2014
Puppet Camp Duesseldorf 2014: Toni Schmidbauer - Continuously deliver your pu...NETWAYS
At s-IT solutions we manage a diverse environment of about 1000 linux (redhat), solaris 10/11 and AIX hosts with the help of puppet open source.
In this talk we give a brief introduction of continuous delivery and explain how we manage our current puppet infrastructure with a focus on the deployment process. We introduce jenkins, a continuous integration server and how we use it to continuously deliver our puppet code base. We also explain how we use git and r10k to manage internal and external (github/forge) puppet modules.
Furthermore, we discuss current shortcomings of our setup and how we plan to improve.
I was asked to talk in front of Computer science students at the Bar-Ilan university about "what happens" when you don't care about writing "secured" or "safe" code. A perfect example for that, in my opinion, was the world of embedded computing AKA the IoT. I talked about the history of consumer embedded devices and showed a live demo of an 0day I found in one of the most popular routers in the country.
Speaker:
Alex Cruise (Dir. Architecture, Metafor Software)
Abstract:
The rise of the DevOps movement has brought into welcome focus something that is often learned only through painful experience and expense: the success of a software product critically depends not only on its implementation, maintenance and enhancement, but also on how it’s deployed and operated.
Distributed systems are hard, but you can’t escape them: you need to scale out, but wrapping proxy interfaces around remote resources so they look local is a recipe for a fragile system. Plus, as the complexity of components and services increases, local systems aren’t actually as reliable as we think! Concurrency is hard, but you can’t escape it: whether you’re using threads in a single process, or multiple processes on a single machine, you still need to synchronize state between them somehow. Fault tolerance is hard, but you can’t escape it: parts will fail, you need to cope without rebooting the whole application. Correctness is hard, but you can’t escape it: whether through laborious testing or a Sufficiently Advanced Compiler, you need to have some assurance that the software will work as intended.
Let’s talk about a set of architectural patterns (and, yes, frameworks) that can really help us achieve the goals of concurrency, fault tolerance and correctness, while affording us the flexibility we need to scale our deployments when we achieve terrifying success.
GO in Heterogeneous Language EnvironmentsAmoniac OÜ
How to work with the Go language in heterogeneous language environments and how you can run Go, Ruby, PHP and other languages together in the latest presentation from Amoniac's CEO Alexander Simonov.
What happens when we teach a computer how to learn? Pablo shared surprising developments in the fast-paced field of Deep Learning, a family of techniques that can give computers the ability to learn Chinese, or to recognize objects in photos, or to help think through a medical diagnosis. We took a look at a field that will change the way the computers around us behave… sooner that we probably think. Pablo showed how Future Processing wants to play its role in helping doctors worldwide in their fight against cancer, through the ECONIB project.
A lot of people use Docker/rkt, but very often we do not have time to actually understand how they work. So today in half-hour I will show you in a nutshell how that works. My hope is that even after you know how to build a container engine, I can still convince you that the existing tools are worth spending $MM to create and use.
Development environments are a necessary part of every developer's workflow. They can also be a great source of friction. What may begin as simply running python my_app.py eventually bloats as you add more apps, more databases, more testing frameworks, and more developers. We'll talk about the evolution of a typical development environment, how it lets us down, and how we try to make it better. We'll end with an introduction to Dusty, a new tool which uses Docker containers to take our development environments to the next level.
Originally presented at PyGotham 2015.
Puppet Camp Düsseldorf 2014: Continuously Deliver Your Puppet Code with Jenki...Puppet
Continuously Deliver Your Puppet Code with Jenkins, r10k and Git (Intermediate) - Toni Schmidbauer, IT Solutions at Spardat GmbH given at Puppet Camp Düsseldorf 2014
Puppet Camp Duesseldorf 2014: Toni Schmidbauer - Continuously deliver your pu...NETWAYS
At s-IT solutions we manage a diverse environment of about 1000 linux (redhat), solaris 10/11 and AIX hosts with the help of puppet open source.
In this talk we give a brief introduction of continuous delivery and explain how we manage our current puppet infrastructure with a focus on the deployment process. We introduce jenkins, a continuous integration server and how we use it to continuously deliver our puppet code base. We also explain how we use git and r10k to manage internal and external (github/forge) puppet modules.
Furthermore, we discuss current shortcomings of our setup and how we plan to improve.
I was asked to talk in front of Computer science students at the Bar-Ilan university about "what happens" when you don't care about writing "secured" or "safe" code. A perfect example for that, in my opinion, was the world of embedded computing AKA the IoT. I talked about the history of consumer embedded devices and showed a live demo of an 0day I found in one of the most popular routers in the country.
Speaker:
Alex Cruise (Dir. Architecture, Metafor Software)
Abstract:
The rise of the DevOps movement has brought into welcome focus something that is often learned only through painful experience and expense: the success of a software product critically depends not only on its implementation, maintenance and enhancement, but also on how it’s deployed and operated.
Distributed systems are hard, but you can’t escape them: you need to scale out, but wrapping proxy interfaces around remote resources so they look local is a recipe for a fragile system. Plus, as the complexity of components and services increases, local systems aren’t actually as reliable as we think! Concurrency is hard, but you can’t escape it: whether you’re using threads in a single process, or multiple processes on a single machine, you still need to synchronize state between them somehow. Fault tolerance is hard, but you can’t escape it: parts will fail, you need to cope without rebooting the whole application. Correctness is hard, but you can’t escape it: whether through laborious testing or a Sufficiently Advanced Compiler, you need to have some assurance that the software will work as intended.
Let’s talk about a set of architectural patterns (and, yes, frameworks) that can really help us achieve the goals of concurrency, fault tolerance and correctness, while affording us the flexibility we need to scale our deployments when we achieve terrifying success.
GO in Heterogeneous Language EnvironmentsAmoniac OÜ
How to work with the Go language in heterogeneous language environments and how you can run Go, Ruby, PHP and other languages together in the latest presentation from Amoniac's CEO Alexander Simonov.
Ruby JIT Compilation - the talk and presentation prepared by the experienced developer and lecturer Mykhailo Bortnyk for the Ruby Meditation conference. The presentation contains JIT definition, known Ruby JIT implementations, demonstration, and some considerations on the future of JIT in Ruby.
The story about difficulties, surprises, and workarounds using Sinatra for complex projects. The presentation prepared by Vadim Evseev for the Ruby Meditation Conference, Kyiv.
Different Ways of Integrating React into Rails - Pros and ConsAmoniac OÜ
Applications these days appear to become more specific and role-divided. However, we want to deploy frontend and backend as one unit so Mikhail Bortnyk is going to research and to tell how modern JS frameworks are integrating into Rails, with pros, cons, blackjack, and dancers. Prepared for Ruby Meditation #16.
Functional Web Apps with WebMachine FrameworkAmoniac OÜ
The presentation is about WebMachine web framework from Ruby - port from Erlang's WebMachine framework. It explains specialties of this framework step by step and teaches how to create web apps in a functional style. Prepared by Mikhail Bortnyk for Ruby Meditation #13.
Mikhail Bortnyk, a senior developer at the Amoniac company, tells how to forget the pain of side effects and start to write your Erlang in Ruby.The presentation has been prepared for the Ruby Meditation conference #12.
Let's Count Bytes! Launching Ruby in 32K of RAMAmoniac OÜ
This presentation will discover how Ruby can be launched even on MCUs. It covers implementation of Ruby virtual machine, a timeline of porting experiences and some shiny demo with blinking LEDs - now in Ruby. Author - Mikhail Bortnyk, a senior developer, who has spoken with this presentation at RubyMeditation #9.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
2. about me
In IT from 1998
My first OS was CP/M
My first computer was without
monitor
My first contribution into
OpenSource was a support of
Cyrillic and UTF-8 in Gentoo
17. What did we do?
we have already begun to pollute our
system
18. What did we do?
we have already begun to pollute our
system
we have made our system unstable
19. What did we do?
we have already begun to pollute our
system
we have made our system unstable
we have made our system unpredictable
20. What did we do?
we have already begun to pollute our
system
we have made our system unstable
we have made our system unpredictable
we have made our system unmaintainable
31. Use a standard libraries
net/http instead of rest-client/faraday/etc
json instead of multi_json/oj/yajl/etc
You don't need cancancan for limiting one controller
You don't need rolify for 2 roles
You don't need trailblazer for 2 actions