This document discusses Java bytecode fundamentals including:
- Bytecode is composed of one-byte instructions with ~200 opcodes in use
- The javap tool can be used to disassemble classes and view bytecode
- The Java Virtual Machine is stack-based and each thread has a stack frame containing an operand stack and local variables
- Bytecode instructions manipulate the stack and local variables to implement method calls and object initialization
Avec la version 9 sortie en septembre 2017, Java appuie sur la pédale ! Le rythme des livraisons passe à une version majeure tous les 6 mois. Java 10 est sorti en mars, prochaine version en septembre. Java 10 apporte le 'var' et l'inférence de type pour les variables locales. D'autres nouveautés sont en préparation : les constantes dynamiques, les classes de données, un nouveau switch à base de lambda, des interfaces fermées, de nouvelles choses du coté des génériques et bien plus encore.
Cela viendra-t-il en 11, 12, 15 ? Ne spéculons pas, mais quand ces nouveautés seront prêtes, elles sortiront en quelques mois. On se propose de présenter ces nouveautés, celles qui sont presque prêtes, celles qui seront prêtes bientôt, et celles qui ne seront pas prêtes avant un moment. Quels seront les impacts sur le langage, sur la JVM et donc sur les performances ? Que cela va-t-il nous apporter au quotidien, en tant que développeurs ? Quels seront les nouveaux patterns ? Voici le programme de cette présentation, avec des slides, du code, de la joie et de la bonne humeur !
Le slide deck de l'Université que nous avons donnée avec Rémi Forax à Devoxx France 2019.
Comme promis, Java sort sa version majeure tous les 6 mois. Le train passe et amène son lot de nouveautés. Parmi elles, certaines sont sorties : une nouvelle syntaxe pour les clauses switch et l'instruction de byte code CONSTANT_DYNAMIC. D'autres sont en chantier, plus ou moins avancé : une nouvelle façon d'écrire des méthodes de façon condensée, un instanceof 'intelligent', des constantes évaluées au moment où elles sont utilisées. Les projets progressent. Loom, et son nouveau modèle de programmation concurrente que l'ont peut tester avec Jetty. Amber, qui introduit les data types et des nouvelles syntaxes. Valhalla, dont les value types donnent leurs premiers résultats. S'il est difficile de prévoir une date de sortie pour ces nouveautés, on sait en revanche qu'une fois prêtes elles sortiront en moins de 6 mois. De tout ceci nous parlerons donc au futur et en public, avec des démonstrations de code, des slides, du code, de la joie et de la bonne humeur !
Talk I gave to The Coding Machine about PHP 8. Overview of the RFC process and which QoL, features and notable BC breaks before finishing on some performance improvements.
Slides from the talk we did with Maurice Naftalin for Devoxx Belgium 2019.
Functional programmers have been saying for decades that they know the way to the future.
Clearly they have been wrong, since imperative languages are still far more popular.
Clearly they have also been right, as the advantages of functional programming have become increasingly obvious. Is it possible to face both ways, and combine the two models?
Scala is one language that does this, and Java too has been on a journey, which still continues, of learning from functional languages and carefully adding features from them.
In this talk, we will review what Java has learned from functional languages, what it can still learn, and how its added features compare to Scala's original ones.
JavaScript for Unleashed a game about a robbery in London and its pretty long i do not know why you would want it but here have it :P also this is not pro its just for school because i am a loner like that and i have nothing better to do
Avec la version 9 sortie en septembre 2017, Java appuie sur la pédale ! Le rythme des livraisons passe à une version majeure tous les 6 mois. Java 10 est sorti en mars, prochaine version en septembre. Java 10 apporte le 'var' et l'inférence de type pour les variables locales. D'autres nouveautés sont en préparation : les constantes dynamiques, les classes de données, un nouveau switch à base de lambda, des interfaces fermées, de nouvelles choses du coté des génériques et bien plus encore.
Cela viendra-t-il en 11, 12, 15 ? Ne spéculons pas, mais quand ces nouveautés seront prêtes, elles sortiront en quelques mois. On se propose de présenter ces nouveautés, celles qui sont presque prêtes, celles qui seront prêtes bientôt, et celles qui ne seront pas prêtes avant un moment. Quels seront les impacts sur le langage, sur la JVM et donc sur les performances ? Que cela va-t-il nous apporter au quotidien, en tant que développeurs ? Quels seront les nouveaux patterns ? Voici le programme de cette présentation, avec des slides, du code, de la joie et de la bonne humeur !
Le slide deck de l'Université que nous avons donnée avec Rémi Forax à Devoxx France 2019.
Comme promis, Java sort sa version majeure tous les 6 mois. Le train passe et amène son lot de nouveautés. Parmi elles, certaines sont sorties : une nouvelle syntaxe pour les clauses switch et l'instruction de byte code CONSTANT_DYNAMIC. D'autres sont en chantier, plus ou moins avancé : une nouvelle façon d'écrire des méthodes de façon condensée, un instanceof 'intelligent', des constantes évaluées au moment où elles sont utilisées. Les projets progressent. Loom, et son nouveau modèle de programmation concurrente que l'ont peut tester avec Jetty. Amber, qui introduit les data types et des nouvelles syntaxes. Valhalla, dont les value types donnent leurs premiers résultats. S'il est difficile de prévoir une date de sortie pour ces nouveautés, on sait en revanche qu'une fois prêtes elles sortiront en moins de 6 mois. De tout ceci nous parlerons donc au futur et en public, avec des démonstrations de code, des slides, du code, de la joie et de la bonne humeur !
Talk I gave to The Coding Machine about PHP 8. Overview of the RFC process and which QoL, features and notable BC breaks before finishing on some performance improvements.
Slides from the talk we did with Maurice Naftalin for Devoxx Belgium 2019.
Functional programmers have been saying for decades that they know the way to the future.
Clearly they have been wrong, since imperative languages are still far more popular.
Clearly they have also been right, as the advantages of functional programming have become increasingly obvious. Is it possible to face both ways, and combine the two models?
Scala is one language that does this, and Java too has been on a journey, which still continues, of learning from functional languages and carefully adding features from them.
In this talk, we will review what Java has learned from functional languages, what it can still learn, and how its added features compare to Scala's original ones.
JavaScript for Unleashed a game about a robbery in London and its pretty long i do not know why you would want it but here have it :P also this is not pro its just for school because i am a loner like that and i have nothing better to do
A minimal collection of most wanted and widely accepted idioms and coding conventions for C++ development presented with examples and explanations. The lecture targets performance oriented codes so emphasis is on performance-friendly techiques.
Topics covered:
1) Design issues: idioms and best practices
- Resource Aquisition Is Initialization (RAII)
- Ownership semantics and smart pointers
- Header files: dependencies and decoupling
2) Objects Construction/Destruction/Copying
- Designing constructors
- Rule Of Three
- Transactional programming
3) Namespaces
- ADL/Koenig Lookup
4) Static analyzers
At first glance, Java byte code can appear to be some low level magic that is both hard to understand and effectively irrelevant to application developers. However, neither is true. With only little practice, Java byte code becomes easy to read and can give true insights into the functioning of a Java program. In this talk, we will cast light on compiled Java code and its interplay with the Java virtual machine. In the process, we will look into the evolution of byte code over the recent major releases with features such as dynamic method invocation which is the basis to Java 8 lambda expressions. Finally, we will learn about tools for the run time generation of Java classes and how these tools are used to build modern frameworks and libraries. Among those tools, I present Byte Buddy, an open source tool of my own efforts and an attempt to considerably simplify run time code generation in Java. (http://bytebuddy.net)
The slides of my JavaOne 2017 talk. It describes how you can create API using functional interfaces, default and static methods starting with Java 8. You can watch the video here: https://www.youtube.com/watch?v=64UO1YjVcZ0
Lambda and Stream Master class - part 1José Paumard
These are the slides of the talk we made with Stuart Marks at Devoxx Belgium 2018. This first part covers Lambda Expressions and API design with functional interfaces.
What is the state of lambda expressions in Java 11? Lambda expressions are the major feature of Java 8, having an impact on most of the API, including the Streams and Collections API. We are now living the Java 11 days; new features have been added and new patterns have emerged. This highly technical Deep Dive session will visit all these patterns, the well-known ones and the new ones, in an interactive hybrid of lecture and laboratory. We present a technique and show how it helps solve a problem. We then present another problem, and give you some time to solve it yourself. Finally, we present a solution, and open for questions, comments, and discussion. Bring your laptop set up with JDK 11 and your favorite IDE, and be prepared to think!
Secure Programming Practices in C++ (NDC Security 2018)Patricia Aas
This talk is for programmers wishing to feel more comfortable navigating the C++ landscape. We will explore the programming culture that has developed around the C++ language. Specifically, we will look at programming patterns that navigate around or through some of the dangerous parts of the C++ language. The goal is to build a set of programming practices based in the “smaller and cleaner language” inside C++. And by doing so, we will also build an awareness around code constructs that can potentially “blows your whole leg off”.
Presented on 27th September 2017 to a joint meeting of 'Cork Functional Programmers' and the 'Cork Java Users Group'
Based on the Kotlin Language programming course from Instil. For more details see https://instil.co/courses/kotlin-development/
Those are the slides of the presentation we made with Maurice Naftalin à Goto: Copenhagen 2019.
Functional programmers have been saying for decades that they know the way to the future. Clearly they've been wrong, since imperative languages are still far more popular. Clearly they've also been right, as the advantages of functional programming have become increasingly obvious. Is it possible to combine the two models? Scala is one language that does this, and Java too has been on a journey, which still continues, of learning from functional languages and carefully adding features from them. In this talk, we'll review what Java has learned from functional languages, what it can still learn, and how its added features compare to Scala's original ones.
A minimal collection of most wanted and widely accepted idioms and coding conventions for C++ development presented with examples and explanations. The lecture targets performance oriented codes so emphasis is on performance-friendly techiques.
Topics covered:
1) Design issues: idioms and best practices
- Resource Aquisition Is Initialization (RAII)
- Ownership semantics and smart pointers
- Header files: dependencies and decoupling
2) Objects Construction/Destruction/Copying
- Designing constructors
- Rule Of Three
- Transactional programming
3) Namespaces
- ADL/Koenig Lookup
4) Static analyzers
At first glance, Java byte code can appear to be some low level magic that is both hard to understand and effectively irrelevant to application developers. However, neither is true. With only little practice, Java byte code becomes easy to read and can give true insights into the functioning of a Java program. In this talk, we will cast light on compiled Java code and its interplay with the Java virtual machine. In the process, we will look into the evolution of byte code over the recent major releases with features such as dynamic method invocation which is the basis to Java 8 lambda expressions. Finally, we will learn about tools for the run time generation of Java classes and how these tools are used to build modern frameworks and libraries. Among those tools, I present Byte Buddy, an open source tool of my own efforts and an attempt to considerably simplify run time code generation in Java. (http://bytebuddy.net)
The slides of my JavaOne 2017 talk. It describes how you can create API using functional interfaces, default and static methods starting with Java 8. You can watch the video here: https://www.youtube.com/watch?v=64UO1YjVcZ0
Lambda and Stream Master class - part 1José Paumard
These are the slides of the talk we made with Stuart Marks at Devoxx Belgium 2018. This first part covers Lambda Expressions and API design with functional interfaces.
What is the state of lambda expressions in Java 11? Lambda expressions are the major feature of Java 8, having an impact on most of the API, including the Streams and Collections API. We are now living the Java 11 days; new features have been added and new patterns have emerged. This highly technical Deep Dive session will visit all these patterns, the well-known ones and the new ones, in an interactive hybrid of lecture and laboratory. We present a technique and show how it helps solve a problem. We then present another problem, and give you some time to solve it yourself. Finally, we present a solution, and open for questions, comments, and discussion. Bring your laptop set up with JDK 11 and your favorite IDE, and be prepared to think!
Secure Programming Practices in C++ (NDC Security 2018)Patricia Aas
This talk is for programmers wishing to feel more comfortable navigating the C++ landscape. We will explore the programming culture that has developed around the C++ language. Specifically, we will look at programming patterns that navigate around or through some of the dangerous parts of the C++ language. The goal is to build a set of programming practices based in the “smaller and cleaner language” inside C++. And by doing so, we will also build an awareness around code constructs that can potentially “blows your whole leg off”.
Presented on 27th September 2017 to a joint meeting of 'Cork Functional Programmers' and the 'Cork Java Users Group'
Based on the Kotlin Language programming course from Instil. For more details see https://instil.co/courses/kotlin-development/
Those are the slides of the presentation we made with Maurice Naftalin à Goto: Copenhagen 2019.
Functional programmers have been saying for decades that they know the way to the future. Clearly they've been wrong, since imperative languages are still far more popular. Clearly they've also been right, as the advantages of functional programming have become increasingly obvious. Is it possible to combine the two models? Scala is one language that does this, and Java too has been on a journey, which still continues, of learning from functional languages and carefully adding features from them. In this talk, we'll review what Java has learned from functional languages, what it can still learn, and how its added features compare to Scala's original ones.
Java agents are pluggable self contained components that run embedded in a JVM and intercept the classloading process. They were introduced in Java 5 along with the powerful java.lang.instrument package. Java agents can be loaded statically at startup or dynamically (programmatically) at runtime to attach to a running process.
Java agents were an awesome addition to the JVM as it opened a lot of opportunities for tool designers and changed Java tooling landscape quite drastically. In conjunction with Java bytecode manipulation libraries it is now possible to do amazing things to Java classes: we can experiment with programming models, redefine classes at runtime, record execution flow, etc.
I’d like to give an overview of Java agents’ functionality along with the usage examples and real world experiences. You will learn, how to implement an agent and apply Instrumentation API in combination with bytecode manipulation libraries to solve interesting tasks.
No dark magic - Byte code engineering in the real worldtcurdt
ften byte code engineering is perceived as "black magic" and considered too low level. This session will not bore you with all the details of the JVM specification but provide you with a practical overview of how this byte code "swizzling" can be used in the real world instead. Several projects have sucessfully leveraged this technique to achieve some amazing things (e.g. AOP). This session will go through some of these examples and try to outline the differences between the two major libraries (BCEL and ASM). Maybe your next project can then benefit from some of this "magic".
How do we go from your Java code to the CPU assembly that actually runs it? Using high level constructs has made us forget what happens behind the scenes, which is however key to write efficient code.
Starting from a few lines of Java, we explore the different layers that constribute to running your code: JRE, byte code, structure of the OpenJDK virtual machine, HotSpot, intrinsic methds, benchmarking.
An introductory presentation to these low-level concerns, based on the practical use case of optimizing 6 lines of code, so that hopefully you to want to explore further!
Presentation given at the Toulouse (FR) Java User Group.
Video (in french) at https://www.youtube.com/watch?v=rB0ElXf05nU
Slideshow with animations at https://docs.google.com/presentation/d/1eIcROfLpdTU2_Z_IKiMG-AwqZGZgbN1Bs2E0nGShpbk/pub?start=true&loop=false&delayms=60000
Understanding bytecode and what bytecode is likely to be generated by a Java compiler helps the Java programmer in the same way that knowledge of assembler helps the C or C++ programmer. Java bytecode is the form of instructions that Java virtual machine executes. This knowledge is crucial when debugging and doing performance and memory usage tuning. The presenter will share his knowledge on what bytecode means for your platform and how to create compiler while using some awesome tools.
Inside the JVM - Follow the white rabbit! / Breizh JUGSylvain Wallez
Presentation given at the Rennes (FR) Java User Group in Feb 2019.
How do we go from your Java code to the CPU assembly that actually runs it? Using high level constructs has made us forget what happens behind the scenes, which is however key to write efficient code.
Starting from a few lines of Java, we explore the different layers that constribute to running your code: JRE, byte code, structure of the OpenJDK virtual machine, HotSpot, intrinsic methds, benchmarking.
An introductory presentation to these low-level concerns, based on the practical use case of optimizing 6 lines of code, so that hopefully you to want to explore further!
Slides containing information about my favorite features of the Ruby language. Many of these features exist in other languages, but in the context of my experience as a C, C++, and Java developer, offer a dramatic increase in expressiveness and productivity.
This slide show can also be used to teach a Ruby overview.
Practical JavaScript Programming - Session 1/8Wilson Su
JavaScript is one of the most popular skills in today’s job market. It allows you to create both client- and server-side applications quickly and easily. Having a solid understanding of this powerful and versatile language is essential to anyone who uses it.
“Practical JavaScript Programming” does not only focus on best practices, but also introduces the fundamental concepts. This course will take you from JavaScript basics to advanced. You’ll learn about topics like Data Types, Functions, Events, AJAX and more.
The LLDB Debugger in FreeBSD by Ed Masteeurobsdcon
Abstract
LLDB is a modern, high-performance debugger in the LLVM family of projects, and is built as a modular and reusable set of components on top of the Clang/LLVM foundation. It was originally developed for Mac OS X, but now supports FreeBSD and Linux as well, with ongoing work for Windows support.
This presentation will provide an overview of the design of LLDB, compare it with the existing GNU debugger in the FreeBSD base system, and present the path to importing LLDB as FreeBSD's debugger.
Speaker bio
Ed Maste manages project development for the FreeBSD Foundation and works in an engineering support role with Robert Watson's research group at the University of Cambridge Computer Laboratory. He has been a FreeBSD committer since 2005.
TeamCity is a great tool for Continuous Integration with a lot of advanced features provided out-of-the-box. In this session, we will go through how TeamCity helps the software development with the daily routine; what was added to the product in the latest releases; and what features are coming next.
You will learn why build pipelines are useful, and how the CI server can be optimized when properly configured. I will also demonstrate how to configure the builds using the special Kotlin DSL provided with TeamCity.
Devoxx Ukraine 2018 - Kotlin DSL in under an hourAnton Arhipov
Kotlin DSLLearn how to create type-safe and statically typed DSLs in Kotlin. Uncover the language features that make DSL creation possible. We’ll take a look at a few practical examples and create a simple DSL ourselves.
TestContainers is a Java library that supports JUnit tests, providing lightweight, throwaway instances of common databases, Selenium web browsers, or anything else that can run in a Docker container.
JavaOne 2017 - The hitchhiker’s guide to Java class reloadingAnton Arhipov
In Java, a typical workflow involves restarting the application with (almost) every class change. For some applications, it is not a problem at all; for others, it is a disaster, from HotSwap to agent-based reloading. This session takes a look at the options available for Java class reloading. There are plenty of tools you can use for this task: rely on standard JVM HotSwap, redesign your application to rely on dynamic class loaders, comprehend the Zen of OSGi, or integrate a reloading agent. Every option has its own drawbacks and benefits, and the presentation takes a deep dive into the subject. Come get a better understanding of class reloading technologies and become a more productive Java developer.
GeeCON 2017 - TestContainers. Integration testing without the hassleAnton Arhipov
TestContainers is a Java library that supports JUnit tests, providing lightweight, throwaway instances of common databases, Selenium web browsers, or anything else that can run in a Docker container.
JEEConf 2017 - The hitchhiker’s guide to Java class reloadingAnton Arhipov
In Java, a typical workflow involves restarting the application (almost) with every class change. For some applications it is not a problem at all, for some – it is a disaster.
From HotSwap to agent-based reloading. In this session, we are going to take a look at the options available for Java class reloading. There is plenty of tools that you can use for this task: rely on standard JVM HotSwap, redesign your application to rely on dynamic class loaders, to comprehend the Zen of OSGi, or to integrate a reloading agent. Every option has its own drawbacks and benefits and we’re going to take a deep dive on the subject.
Finally, there are also the conceptual challenges in reloading Java classes. What to do with the state? What should happen with the static initialisers? What if super class changes? Join this session to gain a better understanding of class reloading technologies and become more productive Java developer.
JEEConf 2017 - Having fun with JavassistAnton Arhipov
Javassist makes Java bytecode manipulation simple. At ZeroTurnaround we use Javassist a lot to implement the integrations for our tools.
In this talk we will go through the examples of how Javassist can be applied to alter the applications behavior and do all kind of fun stuff with it.
Why is it interesting? Because while trying to do unusual things in Java, you learn much more about the language and the platform itself and learning about Javassist will actually make you a better Java developer!
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
17. The Master Plan javap Stack Machine Objects and Methods Flow Control
18. javap Java class file disassembler Used with no options shows class structure only Methods, superclass, interfaces, etc -c – shows the bytecode -private – shows all classes and members -s – prints internal types signatures -l – prints lines numbers and local variable tables
19. C:orkuglasses>javap Hello -c Compiled from "Hello.java" public class Hello extends java.lang.Object{ public Hello(); Code: 0: aload_0 1: invokespecial #1; //Method java/lang/Object."<init>":()V 4: return public static void main(java.lang.String[]); Code: 0: getstatic #2; //Field java/lang/System.out:Ljava/io/PrintStream; 3: ldc #3; //String Hello, World! 5: invokevirtual #4; //Method java/io/PrintStream.println:(Ljava/lang/String;)V
23. Stack Machine JVM is a stack-based machine Each thread has a stack Stack stores frames Frame is created on method invocation Frame: Operand stack Array of local variables
38. Local Variables public int calculate(int); Code: Stack=2, Locals=2, Args_size=2 … LocalVariableTable: Start Length Slot Name Signature 0 5 0 this LLocalVariables; 0 5 1 value I
39. Local Variables public int calculate(int); Code: Stack=2, Locals=2, Args_size=2 … LocalVariableTable: Start Length Slot Name Signature 0 5 0 this LLocalVariables; 0 5 1 value I numbered from 0
40. Local Variables instance methods have this at 0 public int calculate(int); Code: Stack=2, Locals=2, Args_size=2 … LocalVariableTable: Start Length Slot Name Signature 0 5 0 this LLocalVariables; 0 5 1 value I
41. Local Variables The table maps numbers to names public int calculate(int); Code: Stack=2, Locals=2, Args_size=2 … LocalVariableTable: Start Length Slot Name Signature 0 5 0 this LLocalVariables; 0 5 1 value I
42. Local Variables Sized explicitly public int calculate(int); Code: Stack=2, Locals=2, Args_size=2 … LocalVariableTable: Start Length Slot Name Signature 0 5 0 this LLocalVariables; 0 5 1 value I
43. Local Variables Stack Local Variables value var value depth ldc"Hello" astore_0 iconst_1 astore_1 aload_0 0 0 1 1 2 2 3 3 4 4
44. Local Variables Stack Local Variables value var value depth ldc"Hello" astore_0 iconst_1 astore_1 aload_0 0 0 "Hello" 1 1 2 2 3 3 4 4
45. Local Variables Stack Local Variables value var value depth ldc"Hello" astore_0 iconst_1 astore_1 aload_0 "Hello" 0 0 1 1 2 2 3 3 4 4
46. Local Variables Stack Local Variables value var value depth ldc"Hello" astore_0 iconst_1 astore_1 aload_0 "Hello" 0 0 1 1 1 2 2 3 3 4 4
47. Local Variables Stack Local Variables value var value depth ldc"Hello" astore_0 iconst_1 astore_1 aload_0 "Hello" 0 0 1 1 1 2 2 3 3 4 4
48. Local Variables Stack Local Variables value var value depth ldc"Hello" astore_0 iconst_1 astore_1 aload_0 "Hello" 0 0 "Hello" 1 1 1 2 2 3 3 4 4