SpringOne Platform 2017
Thomas Risberg, Pivotal
Is JDBC still a relevant API that a Java developer should bother learning? We'll review what has been happening in the world of JDBC lately and how it fits with the latest trends like Reactive, Non-Blocking APIs, Microservices, CQRS and Event Sourcing. Back in the days when we were writing monoliths it seemed like Hibernate and JPA where the obvious choices for accessing the database and JDBC was the API used by these frameworks. Now that we are moving towards different application architectures we see more and more examples using the classic `JdbcTemplate` for large portions of the database code. This talk will give a whirlwind tour of the basics of the Spring JDBC support and then give an overview how it fits in with these new architectural styles.
Not Only Reactive - Data Access with Spring DataVMware Tanzu
SpringOne Platform 2017
Christoph Strobl, Pivotal; John Blum, Pivotal
"Reactive programming is one of the Core themes supported by Spring Framework 5.0 and the other ecosystem projects. Spring Data provides non blocking, reactive support that allows Spring applications to go reactive from end to end. Still, more has happened around Spring Data.
In this session we will cover efforts made towards reactive data access for those stores supporting this approach. But we will also give an update on recent additions, changes and improvements in Spring Data. Have a detailed look at the supported stores and deep dive into some of their specifics."
Next Generation OAuth Support with Spring Security 5.0VMware Tanzu
SpringOne Platform 2017
Joe Grandja, Pivotal
"Spring Security 5.0 introduces new support for the OAuth 2.0 Authorization Framework and OpenID Connect 1.0.
This talk will provide a detailed overview of the new OAuth 2.0 Login feature, which provides the capability for authenticating the end-user against a standard OAuth 2.0 Provider or an OpenID Connect 1.0 Provider. This feature essentially realizes the use case “Login with Google” or “Login with Facebook” and is implemented by leveraging the Authorization Code Grant flow.
This talk will also walk through the necessary steps in setting up OAuth 2.0 Login using Google as the Authentication Provider."
Under the Hood of Reactive Data Access (1/2)VMware Tanzu
SpringOne Platform 2017
Christoph Strobl, Pivotal; Mark Paluch, Pivotal
"A huge theme in Spring Framework 5.0 and its ecosystem projects is the native reactive support that empowers you to build end-to-end reactive applications. Reactive data access especially requires a reactive infrastructure. But how is this one different from the ones used before? How does it deal with I/O?
In this session, we will demystify what happens inside the driver and give you a better understanding of their capabilities. You will learn about the inner mechanics of reactive data access by walking through reactive drivers that are used in Spring Data."
Under the Hood of Reactive Data Access (2/2)VMware Tanzu
SpringOne Platform 2017
Christoph Strobl, Pivotal; Mark Paluch, Pivotal
"A huge theme in Spring Framework 5.0 and its ecosystem projects is the native reactive support that empowers you to build end-to-end reactive applications. Reactive data access especially requires a reactive infrastructure. But how is this one different from the ones used before? How does it deal with I/O?
In this session, we will demystify what happens inside the driver and give you a better understanding of their capabilities. You will learn about the inner mechanics of reactive data access by walking through reactive drivers that are used in Spring Data."
SpringOne Platform 2017
Christoph Strobl, Pivotal; Mark Paluch, Pivotal
How do you improve efficiency, reduce latency and memory footprint of your data access? Reactive Streams on top of a functional-reactive programming model are key. Both are two predominant concepts in reactive systems, that completely change how we approach data access in applications today. Reactive data access improves resource usage efficiency and eliminates several constraints of today’s imperative approaches.
This talk covers non-blocking data access using Spring Data for NoSQl data stores and Project Reactor. You will learn how to integrate Spring Data repositories in an end-to-end reactive web application. If you are a developer looking to consume data in a functional reactive style, this is your chance to gain the experience how your application can benefit from streaming data access.
As the complexity of web and mobile apps increases, so does the importance of ensuring that your client-side resources load and execute in an optimal and efficient manner. Differences in resource loading, transforming, and fingerprinting techniques can have a dramatic impact on performance and caching. These techniques can dictate whether your users have a joyful or frustrating experience. Attend this talk to learn the SpringMVC performance techniques aimed at keeping your users happy.
A video of this presentation is available from InfoQ:
http://www.infoq.com/presentations/resource-spring-mvc-4-1
The many benefits of a RESTful architecture has made it the standard way in which to design web based APIs. For example, the principles of REST state that we should leverage standard HTTP verbs which helps to keep our APIs simple. Server components that are considered RESTFul should be stateless which help to ensure that they can easily scale. We can leverage caching to gain further performance and scalability benefits.
However, the best practices of REST and security often seem to clash. How should a user be authenticated in a stateless application? How can a secured resource also support caching? Securing RESTful endpoints is further complicated by the the fact that security best practices evolve so rapidly.
In this talk Rob will discuss how to properly secure your RESTful endpoints. Along the way we will explore some common pitfalls when applying security to RESTful APIs. Finally, we will see how the new features in Spring Security can greatly simplify securing your RESTful APIs.
Marcin Grzejszczak - Contract Tests in the EnterpriseSegFaultConf
Is your legacy application talking to a service that is never up and running on your shared testing environment? Does your company waste a lot of time and money on regression testing only to see that, yet again, someone has created a typo in the API? Enough is enough. Time to fix this problem using contract tests!
In this presentation you’ll see how to migrate a legacy application to work with stubs of external applications. We’ll show different ways of increasing your test reliability by writing adding contract tests of your API. You’ll see the difference between producer and consumer driven contracts.
Not Only Reactive - Data Access with Spring DataVMware Tanzu
SpringOne Platform 2017
Christoph Strobl, Pivotal; John Blum, Pivotal
"Reactive programming is one of the Core themes supported by Spring Framework 5.0 and the other ecosystem projects. Spring Data provides non blocking, reactive support that allows Spring applications to go reactive from end to end. Still, more has happened around Spring Data.
In this session we will cover efforts made towards reactive data access for those stores supporting this approach. But we will also give an update on recent additions, changes and improvements in Spring Data. Have a detailed look at the supported stores and deep dive into some of their specifics."
Next Generation OAuth Support with Spring Security 5.0VMware Tanzu
SpringOne Platform 2017
Joe Grandja, Pivotal
"Spring Security 5.0 introduces new support for the OAuth 2.0 Authorization Framework and OpenID Connect 1.0.
This talk will provide a detailed overview of the new OAuth 2.0 Login feature, which provides the capability for authenticating the end-user against a standard OAuth 2.0 Provider or an OpenID Connect 1.0 Provider. This feature essentially realizes the use case “Login with Google” or “Login with Facebook” and is implemented by leveraging the Authorization Code Grant flow.
This talk will also walk through the necessary steps in setting up OAuth 2.0 Login using Google as the Authentication Provider."
Under the Hood of Reactive Data Access (1/2)VMware Tanzu
SpringOne Platform 2017
Christoph Strobl, Pivotal; Mark Paluch, Pivotal
"A huge theme in Spring Framework 5.0 and its ecosystem projects is the native reactive support that empowers you to build end-to-end reactive applications. Reactive data access especially requires a reactive infrastructure. But how is this one different from the ones used before? How does it deal with I/O?
In this session, we will demystify what happens inside the driver and give you a better understanding of their capabilities. You will learn about the inner mechanics of reactive data access by walking through reactive drivers that are used in Spring Data."
Under the Hood of Reactive Data Access (2/2)VMware Tanzu
SpringOne Platform 2017
Christoph Strobl, Pivotal; Mark Paluch, Pivotal
"A huge theme in Spring Framework 5.0 and its ecosystem projects is the native reactive support that empowers you to build end-to-end reactive applications. Reactive data access especially requires a reactive infrastructure. But how is this one different from the ones used before? How does it deal with I/O?
In this session, we will demystify what happens inside the driver and give you a better understanding of their capabilities. You will learn about the inner mechanics of reactive data access by walking through reactive drivers that are used in Spring Data."
SpringOne Platform 2017
Christoph Strobl, Pivotal; Mark Paluch, Pivotal
How do you improve efficiency, reduce latency and memory footprint of your data access? Reactive Streams on top of a functional-reactive programming model are key. Both are two predominant concepts in reactive systems, that completely change how we approach data access in applications today. Reactive data access improves resource usage efficiency and eliminates several constraints of today’s imperative approaches.
This talk covers non-blocking data access using Spring Data for NoSQl data stores and Project Reactor. You will learn how to integrate Spring Data repositories in an end-to-end reactive web application. If you are a developer looking to consume data in a functional reactive style, this is your chance to gain the experience how your application can benefit from streaming data access.
As the complexity of web and mobile apps increases, so does the importance of ensuring that your client-side resources load and execute in an optimal and efficient manner. Differences in resource loading, transforming, and fingerprinting techniques can have a dramatic impact on performance and caching. These techniques can dictate whether your users have a joyful or frustrating experience. Attend this talk to learn the SpringMVC performance techniques aimed at keeping your users happy.
A video of this presentation is available from InfoQ:
http://www.infoq.com/presentations/resource-spring-mvc-4-1
The many benefits of a RESTful architecture has made it the standard way in which to design web based APIs. For example, the principles of REST state that we should leverage standard HTTP verbs which helps to keep our APIs simple. Server components that are considered RESTFul should be stateless which help to ensure that they can easily scale. We can leverage caching to gain further performance and scalability benefits.
However, the best practices of REST and security often seem to clash. How should a user be authenticated in a stateless application? How can a secured resource also support caching? Securing RESTful endpoints is further complicated by the the fact that security best practices evolve so rapidly.
In this talk Rob will discuss how to properly secure your RESTful endpoints. Along the way we will explore some common pitfalls when applying security to RESTful APIs. Finally, we will see how the new features in Spring Security can greatly simplify securing your RESTful APIs.
Marcin Grzejszczak - Contract Tests in the EnterpriseSegFaultConf
Is your legacy application talking to a service that is never up and running on your shared testing environment? Does your company waste a lot of time and money on regression testing only to see that, yet again, someone has created a typo in the API? Enough is enough. Time to fix this problem using contract tests!
In this presentation you’ll see how to migrate a legacy application to work with stubs of external applications. We’ll show different ways of increasing your test reliability by writing adding contract tests of your API. You’ll see the difference between producer and consumer driven contracts.
Migrating to Angular 5 for Spring DevelopersGunnar Hillert
You have the goal to migrate your project from AngularJS 1.x to Angular 4 and Angular 5. This should be straightforward, except you are realizing that your 3 year old technology stack is totally outdated (Grunt, RequireJS, Bower et al). Furthermore, you are using an older AngularJS 1.x version and your architecture does not conform with the latest 1.x architectural recommendations. At this point things start to look daunting. In this talk we discuss the challenges, experiences and reasons for migrating the Spring Cloud Data Flow Dashboard from using AngularJS 1.x to Angular 5. We also show how we effectively integrate our Angular front-end with Spring Boot.
Migrating to Angular 4 for Spring Developers VMware Tanzu
SpringOne Platform 2017
Gunnar Hillert, Pivotal
You have the goal to migrate your project from AngularJS 1.x to Angular 4. This should be straightforward, except you are realizing that your 3 year old technology stack is totally outdated (Grunt, RequireJS, Bower et al). Furthermore, you are using an older AngularJS 1.x version and your architecture does not conform with the latest 1.x architectural recommendations. At this point things start to look daunting. In this talk we discuss the challenges, experiences and reasons for migrating the Spring Cloud Data Flow Dashboard from using AngularJS 1.x to Angular 4. We also show how we effectively integrate our Angular front-end with Spring Boot.
A simple application called cvdb is used to illustrate best practices in combining AngularJS as a client browser technology with a Spring based Java server.
The server architecture utilizes the new Spring Boot module that was introduced with Spring 4 together with other Spring modules like Spring Data, Spring Security, Spring MVC.
QueryDSL is used to access a H2 in memory database.
Web frameworks are in a time of transition, as technologies like rich Ajax applications and HTML5 emerge. In this presentation, open source frameworks expert Matt Raible reveals which frameworks are fading fast and which will remain relevant for the near and far-off future.
RDBMS and Apache Geode Data Movement: Low Latency ETL Pipeline By Using Cloud...VMware Tanzu
SpringOne Platform 2017
Heather Riddle, HCSC; Paul Warren, HCSC
"Extract, transform, load (ETL) has always been complex and expensive for moving massive data sets from one data source to another. This is especially true if the source system is a traditional RDBMS with complicated relationships between tables. Most of the time, traditional ETL processes are implemented with batch, monolithic, and tightly coupled approaches. As the result, traditional ETL processes are often considered fragile, hard to maintain, not easy to tune, and often introduce high data latency between source and destination systems.
In this session, Paul and Heather will cover how to create cloud-native event driven microservices (ETL pipeline) for RDBMS and Apache Geode by using Cloud Foundry, Spring Cloud Stream, and RabbitMQ/Kafka. The pipelines can handle high volume data sets and complex database queries, yet with low data latency between the source RDBMS and Apache Geode. In addition, the design is highly tunable and scalable. The session will also cover analysis of performance metrics based on the implementations of real world use cases."
Apache Spark is one of the most exciting, active, and talked about ASF projects today, but how should Spring developers and enterprise architects view it? Is it the second coming of the Bean spec, or just another shiny distraction? This talk will introduce Spark and its core concepts, the ecosystem of services on top of it, types of problems it can solve, similarities and differences from Hadoop, integration with Spring XD, deployment topologies, and an exploration of uses in enterprise. Concepts will be illustrated with several demos covering: the programming model with Spring/Java8, development experience, “realistic” infrastructure simulation with local virtual deployments, and Spark cluster monitoring tools.
Enable SQL/JDBC Access to Apache Geode/GemFire Using Apache CalciteVMware Tanzu
SpringOne Platform 2017
Christian Tzolov, Pivotal
"When working with BigData & IoT systems we often feel the need for an established, Common Query Language.
To fill this gap some NoSql vendors are building SQL access to their systems. Building SQL engine from scratch is a daunting job and frameworks like Apache Calcite can help you with the heavy lifting. It allows you to integrate SQL parser, Cost-Based Optimizer, and JDBC with your NoSql system. Calcite has been used to empower many BigData platforms such as Hive, Spark, Flink, Drill, HBase/Phoenix to name some.
In this session I will walk you through the process of building a SQL access layer for Apache Geode (GemFire). I will share my experience, pitfalls and technical consideration like balancing between the SQL/RDBMS semantics and the design choices and limitations of In-Memory-Data-Grid systems like Geode.
Hopefully this will enable you to add SQL capabilities to your preferred NoSQL data system."
As our applications grow and need to deal with new big data challenges and global distribution we look to new data stores designed to deal with these new challenges. Cassandra is one great tool to deal with both of these problems, we will go over some of the different ways of dealing with Cassandra from Grails. I will cover the various Cassandra plugins for grails, including the Cassandra ORM, Astyanax, and Cassandra GORM. Also, I will talk about using the Cassandra Java driver directly. By the end of the talk you should have a overview of the data modeling that will working well in Cassandra paired with Grails, when to use or not use each plugin, and some of the basic connection configuration details needed.
Enable SQL/JDBC Access to Apache Geode/GemFire Using Apache CalciteChristian Tzolov
https://springoneplatform.io/sessions/enable-sql-jdbc-access-to-apache-geode-gemfire-using-apache-calcite
When working with BigData & IoT systems we often feel the need for an established, Common Query Language.
To fill this gap some NoSql vendors are building SQL access to their systems. Building SQL engine from scratch is a daunting job and frameworks like Apache Calcite can help you with the heavy lifting. It allows you to integrate SQL parser, Cost-Based Optimizer, and JDBC with your NoSql system. Calcite has been used to empower many BigData platforms such as Hive, Spark, Flink, Drill, HBase/Phoenix to name some.
In this session I will walk you through the process of building a SQL access layer for Apache Geode (GemFire). I will share my experience, pitfalls and technical consideration like balancing between the SQL/RDBMS semantics and the design choices and limitations of In-Memory-Data-Grid systems like Geode.
Hopefully this will enable you to add SQL capabilities to your preferred NoSQL data system.
Migrating to Angular 5 for Spring DevelopersGunnar Hillert
You have the goal to migrate your project from AngularJS 1.x to Angular 4 and Angular 5. This should be straightforward, except you are realizing that your 3 year old technology stack is totally outdated (Grunt, RequireJS, Bower et al). Furthermore, you are using an older AngularJS 1.x version and your architecture does not conform with the latest 1.x architectural recommendations. At this point things start to look daunting. In this talk we discuss the challenges, experiences and reasons for migrating the Spring Cloud Data Flow Dashboard from using AngularJS 1.x to Angular 5. We also show how we effectively integrate our Angular front-end with Spring Boot.
Migrating to Angular 4 for Spring Developers VMware Tanzu
SpringOne Platform 2017
Gunnar Hillert, Pivotal
You have the goal to migrate your project from AngularJS 1.x to Angular 4. This should be straightforward, except you are realizing that your 3 year old technology stack is totally outdated (Grunt, RequireJS, Bower et al). Furthermore, you are using an older AngularJS 1.x version and your architecture does not conform with the latest 1.x architectural recommendations. At this point things start to look daunting. In this talk we discuss the challenges, experiences and reasons for migrating the Spring Cloud Data Flow Dashboard from using AngularJS 1.x to Angular 4. We also show how we effectively integrate our Angular front-end with Spring Boot.
A simple application called cvdb is used to illustrate best practices in combining AngularJS as a client browser technology with a Spring based Java server.
The server architecture utilizes the new Spring Boot module that was introduced with Spring 4 together with other Spring modules like Spring Data, Spring Security, Spring MVC.
QueryDSL is used to access a H2 in memory database.
Web frameworks are in a time of transition, as technologies like rich Ajax applications and HTML5 emerge. In this presentation, open source frameworks expert Matt Raible reveals which frameworks are fading fast and which will remain relevant for the near and far-off future.
RDBMS and Apache Geode Data Movement: Low Latency ETL Pipeline By Using Cloud...VMware Tanzu
SpringOne Platform 2017
Heather Riddle, HCSC; Paul Warren, HCSC
"Extract, transform, load (ETL) has always been complex and expensive for moving massive data sets from one data source to another. This is especially true if the source system is a traditional RDBMS with complicated relationships between tables. Most of the time, traditional ETL processes are implemented with batch, monolithic, and tightly coupled approaches. As the result, traditional ETL processes are often considered fragile, hard to maintain, not easy to tune, and often introduce high data latency between source and destination systems.
In this session, Paul and Heather will cover how to create cloud-native event driven microservices (ETL pipeline) for RDBMS and Apache Geode by using Cloud Foundry, Spring Cloud Stream, and RabbitMQ/Kafka. The pipelines can handle high volume data sets and complex database queries, yet with low data latency between the source RDBMS and Apache Geode. In addition, the design is highly tunable and scalable. The session will also cover analysis of performance metrics based on the implementations of real world use cases."
Apache Spark is one of the most exciting, active, and talked about ASF projects today, but how should Spring developers and enterprise architects view it? Is it the second coming of the Bean spec, or just another shiny distraction? This talk will introduce Spark and its core concepts, the ecosystem of services on top of it, types of problems it can solve, similarities and differences from Hadoop, integration with Spring XD, deployment topologies, and an exploration of uses in enterprise. Concepts will be illustrated with several demos covering: the programming model with Spring/Java8, development experience, “realistic” infrastructure simulation with local virtual deployments, and Spark cluster monitoring tools.
Enable SQL/JDBC Access to Apache Geode/GemFire Using Apache CalciteVMware Tanzu
SpringOne Platform 2017
Christian Tzolov, Pivotal
"When working with BigData & IoT systems we often feel the need for an established, Common Query Language.
To fill this gap some NoSql vendors are building SQL access to their systems. Building SQL engine from scratch is a daunting job and frameworks like Apache Calcite can help you with the heavy lifting. It allows you to integrate SQL parser, Cost-Based Optimizer, and JDBC with your NoSql system. Calcite has been used to empower many BigData platforms such as Hive, Spark, Flink, Drill, HBase/Phoenix to name some.
In this session I will walk you through the process of building a SQL access layer for Apache Geode (GemFire). I will share my experience, pitfalls and technical consideration like balancing between the SQL/RDBMS semantics and the design choices and limitations of In-Memory-Data-Grid systems like Geode.
Hopefully this will enable you to add SQL capabilities to your preferred NoSQL data system."
As our applications grow and need to deal with new big data challenges and global distribution we look to new data stores designed to deal with these new challenges. Cassandra is one great tool to deal with both of these problems, we will go over some of the different ways of dealing with Cassandra from Grails. I will cover the various Cassandra plugins for grails, including the Cassandra ORM, Astyanax, and Cassandra GORM. Also, I will talk about using the Cassandra Java driver directly. By the end of the talk you should have a overview of the data modeling that will working well in Cassandra paired with Grails, when to use or not use each plugin, and some of the basic connection configuration details needed.
Enable SQL/JDBC Access to Apache Geode/GemFire Using Apache CalciteChristian Tzolov
https://springoneplatform.io/sessions/enable-sql-jdbc-access-to-apache-geode-gemfire-using-apache-calcite
When working with BigData & IoT systems we often feel the need for an established, Common Query Language.
To fill this gap some NoSql vendors are building SQL access to their systems. Building SQL engine from scratch is a daunting job and frameworks like Apache Calcite can help you with the heavy lifting. It allows you to integrate SQL parser, Cost-Based Optimizer, and JDBC with your NoSql system. Calcite has been used to empower many BigData platforms such as Hive, Spark, Flink, Drill, HBase/Phoenix to name some.
In this session I will walk you through the process of building a SQL access layer for Apache Geode (GemFire). I will share my experience, pitfalls and technical consideration like balancing between the SQL/RDBMS semantics and the design choices and limitations of In-Memory-Data-Grid systems like Geode.
Hopefully this will enable you to add SQL capabilities to your preferred NoSQL data system.
Deploying Spring Boot apps on KubernetesVMware Tanzu
SpringOne Platform 2017
Thomas Risberg, Pivotal
In this talk we will give an overview of the challenges involved in deploying a Spring Boot app on Kubernetes. How do you deploy the web app and a database together? How do you configure your app with the database password? We will take a look at what's needed to deploy Spring Cloud Data Flow server on Kubernetes, both for testing and for a real production deployment. We'll also discuss using Helm for app deployments.
Running Java Applications on Cloud FoundryVMware Tanzu
SpringOne Platform 2017
Ben Hale, Pivotal
From a developer's perspective, running a Java application on Cloud Foundry appears to consist of pushing a compiled artifact and getting a running process. From the platform's perspective though, there's a whole lot more going on. In this talk, the lead developer of the Java Buildpack will walk you through what goes on during application staging and what the buildpack can do for you. It will cover everything from dependency resolution to memory calculation and will even discuss how to integrate with marketplace services with no application configuration.
Today, a web page can be delivered to desktop computers, televisions, or handheld devices like tablets or phones. While a technique like responsive design helps ensure that our web sites look good across that spectrum of devices we may forget that we need to make sure that our web sites also perform well across that same spectrum. More and more of our users are shifting their Internet usage to these more varied platforms and connection speeds with some moving entirely to mobile Internet.
In this session we’ll look at the tools that can help you understand, measure and improve the web performance of your web sites and applications. The talk will also discuss how new server-side techniques might help us optimize our front-end performance. Finally, since the best way to test is to have devices in your hand, we’ll discuss some tips for getting your hands on them cheaply.
This presentation builds upon Dave’s “Optimization for Mobile” chapter in Smashing Magazine’s “The Mobile Book.”
This talk was given at the Responsive Web Design Summit hosted by Environments for Humans.
Project : Airline Reservation System
Objective : To design an Airline Reservation System application which enables the customers to search, book and cancel flights.
Description :
- Implemented using NetBeans IDE and MySQL Server
- Concepts of JAVA, DBMS and JDBC are used
The Tanzu Developer Connect is a hands-on workshop that dives deep into TAP. Attendees receive a hands on experience. This is a great program to leverage accounts with current TAP opportunities.
The Tanzu Developer Connect is a hands-on workshop that dives deep into TAP. Attendees receive a hands on experience. This is a great program to leverage accounts with current TAP opportunities.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Unlocking Productivity: Leveraging the Potential of Copilot in Microsoft 365, a presentation by Christoforos Vlachos, Senior Solutions Manager – Modern Workplace, Uni Systems
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886