Outline
Gaya pd muatan bergerak
Gaya pd unsur arus diferensial
Gaya antara unsur arus diferensial
Gaya dan torka
Magnetisasi
Syarat batas magnetik
Rangkaian magnetik
Induktansi & induktansi bersama
Outline
Gaya pd muatan bergerak
Gaya pd unsur arus diferensial
Gaya antara unsur arus diferensial
Gaya dan torka
Magnetisasi
Syarat batas magnetik
Rangkaian magnetik
Induktansi & induktansi bersama
Search for Vulnerabilities Using Static Code AnalysisAndrey Karpov
Vulnerabilities are the same things as common errors. Why do we distinguish them? Do this, if you want to earn more money. CWE - Common Weakness Enumeration. CVE - Common Vulnerabilities and Exposures. Now using Valgrind you're searching not for a memory leak, but for a denial of service.
Real World Single Page App - A Knockout Case Studyhousecor
This presentation explores lessons learned from building a highly complex single page application that's used by 100's of automotive dealerships to finance and sell cars. We’ll walk through how to manage a pure client-side application with 1000’s of lines of custom JavaScript and review how Web API, Knockout, Durandal, RequireJS, KendoUI, and surprisingly little jQuery can join forces to make the browser sing. You’ll gain a clear understanding of when a single page app approach makes sense and learn how to pragmatically divide responsibilities between the client and server. This session will give you an appreciation for how far you can push ultra-responsive client-side rendering in the real-world.
NodeJS: the good parts? A skeptic’s view (jmaghreb, jmaghreb2013)Chris Richardson
JavaScript used to be confined to the browser. But these days, it becoming increasingly popular in server-side applications in the form of NodeJS. NodeJS provides event-driven, non-blocking I/O model that supposedly makes it easy to build scalable network application. In this talk you will learn about the consequences of combining the event-driven programming model with a prototype-based, weakly typed, dynamic language. We will share our perspective as a server-side Java developer who wasn’t entirely happy about JavaScript in the browser, let alone on the server. You will learn how to use NodeJS effectively in modern, polyglot applications.
JavaScript, like it or not, has become the most important language on the web. Nearly every developer who builds Internet apps has to use it. But JavaScript can be tough to write and even tougher to read. So here are ten tips to help you get groovy with JavaScript.
Test driven development for infrastructure as-a-code, the future trend_Gianfr...Katherine Golovinova
We stress our developers to write tests while they write the code. We set quality gates to avoid releasing code that didn’t pass tests, or doesn’t have enough coverage.
But then, when it’s about IaaC, we do exactly the opposite. The time has come for us to discuss the challenges of testing IaaC code, from the necessity of using different languages, to the problems of deploying expensive resources in real world – analyzing the current possibilities and common best practices and looking ahead at the most promising technologies and projects, to boldly go, where no man has gone before: TDD Infra as Code.
NodeJS: the good parts? A skeptic’s view (oredev, oredev2013)Chris Richardson
JavaScript used to be confined to the browser. But these days, it becoming increasingly popular in server-side applications in the form of NodeJS. NodeJS provides event-driven, non-blocking I/O model that supposedly makes it easy to build scalable network application. In this talk you will learn about the consequences of combining the event-driven programming model with a prototype-based, weakly typed, dynamic language. We will share our perspective as a server-side Java developer who wasn’t entirely happy about JavaScript in the browser, let alone on the server. You will learn how to use NodeJS effectively in modern, polyglot applications.
My talk at the @media Ajax conference in London in November 2007 about the non-technical steps you can take to make JavaScript and Ajax work for larger teams.
Javascript is the language used the most for developing a web app or a hybrid mobile app, mainly because it can be executed directly by browsers. Java instead, can’t be run directly in a browser. On the other hand we have the language TypeScript, which is an open-source language that adds compile time type checking to Javascript, similar to Java, with the goal to prevent bugs mainly in the large code base. It is not uncommon for developers to write code using more than one programming language over time.
In this talk you will find out, how I survived adding Typescript/Javascript to the programming languages I work with, after a long experience of development with Java. Let’s go!
This afternoon I gave a very short introduction to computer programming at Trade School (tradeschool.ourgoods.org). I used JavaScript to illustrate the process of learning how to program, mainly because there's nothing to install and it has many practical uses.
AppSecCali - How Credential Stuffing is EvolvingJarrod Overson
This talk was given at AppSec California, January 2020.
Credential stuffing and other automated attacks are evolving passed every defense thrown in their way. CAPTCHAs don't work, Fingerprints don't work, Magical AI-whatevers don't work. The value is just too great.
How Credential Stuffing is Evolving - PasswordsCon 2019Jarrod Overson
Slides for talk given at PasswordsCon Sweden 2019. Credentials Stuffing is an automated attack that exploits users who reuse passwords by taking breached credentials and replaying them across sites.
Deepfakes - How they work and what it means for the futureJarrod Overson
Deepfakes originally started as cheap costing but believable video effects and have expanded into AI-generated content of every format. This session dove into the state of deepfakes and how the technology highlights an exciting but dangerous future.
Workshop slides originally given at the WOPR Summit in Atlantic City. Use JavaScript parsers and generators like Shift combined with Puppeteer and Chrome to reverse engineer web applications
The life of breached data and the attack lifecycleJarrod Overson
OWASP RTP Presentation on Data breaches, credential spills, the lifespan of data, credential stuffing, the attack lifecycle, and what you can do to protect yourself or your users.
Talk given at Mozilla's first View Source Conference in Portland, 2015. Details out the parallels between graphics and game developments compared to traditional web development.
This was a talk given at HTML5DevConf SF in 2015.
Ever wanted to write your own Browserify or Babel? Maybe have an idea for something new? This talk will get you started understanding how to use a JavaScript AST to transform and generate new code.
Riot on the web - Kenote @ QCon Sao Paulo 2014Jarrod Overson
Slides for the keynote given at QCon Sao Paulo 2014. Talk goes into the problems scaling Riot and how we've tried to solve them as well as what we've learned from the web and what lies in store next.
This talk was given on Oct 23 at HTML5DevConf in San Francisco. The topic was Continuous Delivery as it relates to JavaScript applications, using tools like grunt and jenkins.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
6. JavaScript is Dynamic
all the obvious pitfalls compounded by
Immature tooling and IDEs
Wildly variable module styles
Best practices vary as language evolves
Server & Client similar yet so different
7. The Talent Pool is ridic
Web Platform
Engineers
jQuery experts
Closures?
9. Progress is staggering
It’s hard to keep up
The next tech might not be usable yet
When it is, you want to actually
be able to use it
10. Refactoring isn’t easy
Callback hell is more than
just deep nesting
!
IDEs can’t help much, yet
!
But flexibility is more important
on the web than anywhere else
19. All code should look the same.
Style
Naming
Punctuation
Indentation
Comments
Case
20. Get everyone together
1. Agree
2. Document
3. Enforce
https://github.com/rwaldron/idiomatic.js/
https://github.com/Seravo/js-winning-style
https://github.com/airbnb/javascript
21. Coding conventions based on
Github analysis
1. >90% use last comma
2. >80% use space indents
3. >55% use single quotes
http://sideeffect.kr/popularconvention/#javascript
22. Lax enforcement begets violations.
Warnings need to fail builds.
These is as important as failed tests.
34. Complexity : ? still 2
function main(a) {
if (a > 5) {
!
} else {
!
}
}
35. Complexity : ? now 3
function main(a) {
if (a > 10) {
!
} else if(a > 5) {
!
}
}
36. Complexity : ? still 3
function main(a) {
if (a > 10) {
!
} else if(a > 5) {
!
} else {
!
}
}
37. Complexity : ? also 3
function main(a) {
if (a > 5) {
if (a > 10) {
!
}
}
}
38. Complexity : 7
function main(a) {
if (a) {
} else if (a) {
}
!
if (other) { }
!
}
for (var i = 0; i < a; i++) {
if (i % 2) {
} else if (i % 3) {
}
}
39. Don’t get hung up on numbers
!
function main() {
/*jshint maxcomplexity:12*/
!
}
//...
!
* note : jshint calculates complexity differently than
complexity-report (plato, grunt-complexity)
54. Code is a liability.
Your job is to provide value with
as little code as possible.
55. How many lines of code does
your main project have right now?
If you don’t know, within 10%,
then you’re ignoring it.
Treat SLOC like credit card debt.
Don’t add to it without knowing the balance.
69. These numbers are for
introspection and exploration
These calculations have been praised and
criticised, promoted and shot down.
(and Halstead died before
being able to defend them)