The document discusses various techniques for mastering JavaScript including event handling, DOM manipulation, optimization, and testing. It presents both inline and script-based approaches to event handling and recommends using script-based handling by default. For DOM manipulation, it discusses the DOM and innerHTML methods and notes that neither is a clear winner. The document also provides tips on script optimization, recommended tools for debugging including Firebug, and Selenium for automated testing.
Copass + Ruby on Rails = <3 - From Simplicity to ComplexityAugustin Riedinger
Presentation made at le Wagon (http://www.lewagon.org) to give tips and learnings from the experience of building Copass (http://copass.org) with Ruby on Rails.
Interesting gems, dangerous ones, tips and readings, to get started with good practices on Rails at 3 steps of a project:
- Bootstrapping
- Going on production
- Scaling
5 Quick JavaScript Performance Improvement TipsTroy Miles
JavaScript is arguably the most important language in the world. It comes included in nearly every desktop and mobile browser. It powers the client-side of apps like Facebook and GMail. It is the language of choice for mobile development environments like Apccelerator's Titanium and Apache's Cordova (aka Adobe's PhoneGap). It is even on the server now in Node.js. Yet when programmer's run into performance issue with JavaScript their first inclination is to blame its interpreted nature, not realizing that simple changes in the structure of their code can result in sometimes significant improvements in performance. In this session I will show five quick changes you can make to your JavaScript code to improve its performance and explain why they work.
Copass + Ruby on Rails = <3 - From Simplicity to ComplexityAugustin Riedinger
Presentation made at le Wagon (http://www.lewagon.org) to give tips and learnings from the experience of building Copass (http://copass.org) with Ruby on Rails.
Interesting gems, dangerous ones, tips and readings, to get started with good practices on Rails at 3 steps of a project:
- Bootstrapping
- Going on production
- Scaling
5 Quick JavaScript Performance Improvement TipsTroy Miles
JavaScript is arguably the most important language in the world. It comes included in nearly every desktop and mobile browser. It powers the client-side of apps like Facebook and GMail. It is the language of choice for mobile development environments like Apccelerator's Titanium and Apache's Cordova (aka Adobe's PhoneGap). It is even on the server now in Node.js. Yet when programmer's run into performance issue with JavaScript their first inclination is to blame its interpreted nature, not realizing that simple changes in the structure of their code can result in sometimes significant improvements in performance. In this session I will show five quick changes you can make to your JavaScript code to improve its performance and explain why they work.
Why postgres SQL deserve noSQL fan respect - Riga dev day 2016Quentin Adam
Postgres SQL is a plain old SQL DB. Very powerful and very consistent, in some case, project needs an ACID database, but schemaless… With JSON support, postgres is a very interesting tool to provide ACID and some very interesting function (time management, localisation function and data types...) and the schemaless noSQL point of view with json and indexed json. This talk show some great usage and some insigth to build some great application with postgres.
A primeira coisa que te respondem quando você diz que trabalha com JavaScript é: "Ahh.. aquela linguagem do callback hell.. sei..".
Felizmente as Promises vieram ao resgate de diversas características e funcionalidade que perdemos ao trabalhar com procedimentos assíncronos.
Nesta palestra pretendo expor o que temos feito de errado, o que podemos fazer melhor, e como utilizar alguns patterns de Promises para ter uma melhor legibilidade e qualidade de código, tanto no FrontEnd quanto no BackEnd.
How to own the world, one desktop at a timeSaumil Shah
As 2009 comes to a close, we look back on the bugs of our days. The past few months have seen some interesting attacks. This talk takes a look at some of the most effective attack vectors of 2009. These, coupled with classic web hacking, social engineering and a bit of cleverness, increase the attack surface manifold. This year, my work goes beyond just browsers and looks at examples of mass ownage, new infection vectors, advanced client-side exploitation, malicious payloads, browser infection with toolbars and more.
Why postgres SQL deserve noSQL fan respect - Riga dev day 2016Quentin Adam
Postgres SQL is a plain old SQL DB. Very powerful and very consistent, in some case, project needs an ACID database, but schemaless… With JSON support, postgres is a very interesting tool to provide ACID and some very interesting function (time management, localisation function and data types...) and the schemaless noSQL point of view with json and indexed json. This talk show some great usage and some insigth to build some great application with postgres.
A primeira coisa que te respondem quando você diz que trabalha com JavaScript é: "Ahh.. aquela linguagem do callback hell.. sei..".
Felizmente as Promises vieram ao resgate de diversas características e funcionalidade que perdemos ao trabalhar com procedimentos assíncronos.
Nesta palestra pretendo expor o que temos feito de errado, o que podemos fazer melhor, e como utilizar alguns patterns de Promises para ter uma melhor legibilidade e qualidade de código, tanto no FrontEnd quanto no BackEnd.
How to own the world, one desktop at a timeSaumil Shah
As 2009 comes to a close, we look back on the bugs of our days. The past few months have seen some interesting attacks. This talk takes a look at some of the most effective attack vectors of 2009. These, coupled with classic web hacking, social engineering and a bit of cleverness, increase the attack surface manifold. This year, my work goes beyond just browsers and looks at examples of mass ownage, new infection vectors, advanced client-side exploitation, malicious payloads, browser infection with toolbars and more.
"Today’s attacks succeed because the defense is reactive". It is time to transition defense from being reactive to proactive. This is a keynote level talk, which discusses my seven axioms for implementing proactive defense strategy and measures for the future, concluding with a blueprint of the next evolution of pro-active defense architecture.
An introduction to the principle of least privilege, ring architecture and access compartmentalization. Multiple examples for vertical and horizontal PE are given.
The lecture was given to the Israeli Tech Challenge students from around the world.
Windows privilege escalation by Dhruv ShahOWASP Delhi
Different scenarios leading to privilege escalation
Design issues , implementation flaws, untimely system updates , permission issues etc
We ain’t talking about overflows here , just logics and techniques
The Dirty Little Secrets They Didn’t Teach You In Pentesting ClassRob Fuller
This talk is about methodologies and tools that we use or have coded that make our lives and pentest schedule a little easier, and why we do things the way we do. Of course, there will be a healthy dose of Metasploit in the mix.
Writing malware while the blue team is staring at youRob Fuller
Talk given at DerbyCon 2016 and RuxCon 2016
Malware authors and reverse engineers have been playing cat and mouse for a number of years now when it comes to writing and reversing of malware. From nation state level malware to the mass malware that infects grandmas and grandpas, mothers and fathers, the different types of malware employ a myriad of techniques to stop those who look at it from guessing the true intent. This talk will be about some of the unorthodox methods employed by some malware to stay hidden from, or out right ignore the reverse engineering community.
TEDx Manchester: AI & The Future of WorkVolker Hirsch
TEDx Manchester talk on artificial intelligence (AI) and how the ascent of AI and robotics impacts our future work environments.
The video of the talk is now also available here: https://youtu.be/dRw4d2Si8LA
Slides of a talk of a seminars series I gave at WebRatio in January 2014.
I implemented many best practices and advices in this presentation in a generic app template available here: https://github.com/iivanoo/cordovaboilerplate
Drupal Perfomance. Talk given at DrupalCamp North, 25th July 2015.
This session looked at tools you can use to analyse the performance and benchmark a Drupal site. It then looked at tools and techniques that can be used to improve the site performance. The session also included a case study about the Drupal based BAFTA website that was built by Access. Focusing on the recent Film and TV awards, which saw a large amount of traffic in a short amount of time.
Slides of the talk I gave at the .NET-day 2015 @L'Aquila (Italy).
Roadmap:
Use the DOM efficiently
Master events
Be smart with the network
Take care of memory issues
Take advantage of CSS3 features
Cover the advantages of test driven development, the reasons for pushing it all the way to the browser level, and then explore the options for testing JavaScript, look at some examples, and then integrate the tests into our existing development workflow.
Madison PHP 2015 - DevOps For Small TeamsJoe Ferguson
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
DevOps is a large part of a company of any size. In the 9+ years that I have been a professional developer I have always taken an interest in DevOps and have been the "server person" for most of the teams I have been a part of. I would like to teach others how easy it is to implement modern tools to make their everyday development and development processes better. I will cover a range of topics from "Stop using WAMP/MAMP and start using Vagrant", "version control isn't renaming files", "Automate common tasks with shell scripts / command line PHP apps" and "From Vagrant to Production".
Serverless in production, an experience reportYan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
2019 StartIT - Boosting your performance with BlackfireMarko Mitranić
A workshop held in StartIT as part of Catena Media learning sessions.
We aim to dispel the notion that large PHP applications tend to be sluggish, resource-intensive and slow compared to what the likes of Python, Erlang or even Node can do. The issue is not with optimising PHP internals - it's the lack of proper introspection tools and getting them into our every day workflow that counts! In this workshop we will talk about our struggles with whipping PHP Applications into shape, as well as work together on some of the more interesting examples of CPU or IO drain.
Serverless in production, an experience report (FullStack 2018)Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
Serverless in Production, an experience report (AWS UG South Wales)Yan Cui
AWS Lambda has changed the way we deploy and run software, but this new serverless paradigm has created new challenges to old problems - how do you test a cloud-hosted function locally? How do you monitor them? What about logging and config management? And how do we start migrating from existing architectures?
In this talk Yan and Scott will discuss solutions to these challenges by drawing from real-world experience running Lambda in production and migrating from an existing monolithic architecture.
Similar to The Mysteries Of JavaScript-Fu (@media Europe Edition) (20)
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
8. THE ANCIENT MANUALS
OF JAVASCRIPT-FU
The Tao Of The Event Handler!
❖
5 Methods Of DOM Fist!
❖
Lightning Script Style!
❖
The 36 Chambers Of Shaolin!
❖
9. TRANSLATED...
Working with events
❖
Working with DOM elements
❖
Optimisation
❖
Testing and debugging
❖
27. WHICH WAY?
Use script-based event handling by
❖
default
If the page is large and this method
❖
results in unresponsiveness try event
delegation
If all else fails go for inline event
❖
handling
52. WHICH WAY?
No clear winner
❖
DOM is good for more surgical
❖
manipulation
innerHTML is good for replacing large
❖
amounts of content or simple jobs
81. SELENIUM
Written by ThoughtWorks
❖
Implemented in HTML/CSS
❖
Test cases define a series of user
❖
actions (using HTML)
Assertions check the correct results
❖