The idea of designing an API first, then having both the publishing developer teams and consuming client developer teams do their work in parallel is a pattern that the standards & tooling of the Open API ecosystem make worth considering. However, this approach is not without its challenges especially when it comes to governance and communication.
This session will present a real-world case study where this approach was executed successfully, going over how the work, teams, and deliverables were structured and presenting lessons learned that will be useful to anyone else considering this working model.
Andrzej Wysoczański: Przyśpiesz swój projekt z użyciem Apiary jako mock serwera. Dzięki utworzonej na początku, przemyślanej strukturze, wszyscy będą wiedzieli co robić i ominiecie korki do swoich endpointów. Związani kontraktem, przejedziecie cały wyścig wspólnie, jako zgrany team, a na mecie spotka was wieczna chwała. ;)
Andrzej Wysoczański: Przyśpiesz swój projekt z użyciem Apiary jako mock serwera. Dzięki utworzonej na początku, przemyślanej strukturze, wszyscy będą wiedzieli co robić i ominiecie korki do swoich endpointów. Związani kontraktem, przejedziecie cały wyścig wspólnie, jako zgrany team, a na mecie spotka was wieczna chwała. ;)
How to Leverage Serverless to Optimize for Cost and PerformanceDevOps.com
Serverless technology is growing in popularity and is often lauded as a “hands free” solution with benefits like unlimited scale, less operational staff -- and of course, lower cost. But like any new technology, reaping the benefits requires a more strategic approach than it may seem. Just as when companies moved from on-premise to the cloud, “lifting and shifting” existing applications to serverless can lead to less than optimal performance and price.
In this webinar, Bill Buckley, VP of Engineering at CloudZero, will discuss considerations when a group is building or moving to serverless infrastructure, so that you can experience the cost, cultural and performance benefits. He’ll cover:
Cultural considerations to get the most out of a severless transformation
Architectural considerations when leveraging serverless technologies that will keep your costs in check
How to implement serverless cost and performance monitoring to gain visibility into your systems
How the CloudZero engineering team built their product on serverless infrastructure and was able to reduce their AWS bill, even as they added more customers
In this session, we will understand how to create your first pipeline and build an environment to restore dependencies and how to run tests in Azure DevOps followed by building an image and pushing it to container registry.
Here is a slidedeck for the training offerings from CodeOps Technologies. Interested in organizing a training in your organization? Contact us at: reachus@codeops.tech
I walk us through an example of UX issues that have arisen from gaps in Alfresco's UX strategy & suggest a series of steps that Alfresco, partners and community members can take to mitigate that for our end users.
In this session, we will discuss a use case where we need to quickly develop web and mobile front end applications which are using several different frameworks, hosting options, and complex integrations between systems under the hood. Let’s see how we can leverage serverless technologies (Azure Functions and logic apps) and Low Code/No code platform to achieve the goal. During the session we will go though the code followed by a demonstration.
2017 September Golang Sydney meetup https://www.meetup.com/golang-syd/events/243263974/
Yun Zhi Lin wrote serverless-golang to bring about the perfect combination of strongly typed idiomatic Golang with the simplicity of Serverless Framework.
Serverless Golang currently forms the backbone of amaysim’s Serverless Realtime Event Driven Architecture, Anti-Corruption Layer and Single Customer View across 4 business verticals.
The library comes with easy to follow real world examples, and is entirely built and deployed immutably via Docker.
Azure Functions: Beginners to Advanced – Part 1BizTalk360
This is going to be a multi part series in which we will start from the basics to advanced concepts in Azure Function. The objective of this series is to provide one-stop place for the community to start learning about Azure Functions, from basic to some of the advanced concepts and feel comfortable to start working with Azure Functions. In this part of the series, we are going to set the basics firm. Covering concepts like
What is Azure Functions?
Serverless Computing
How to try Azure Functions without MSDN Subscription
Anatomy of Azure Functions
How to author Azure Function in Azure Portal and in Visual Studio
Pricing details of Azure Function
Demos from hello World to Using Azure Functions in Logic Apps and more
Presented at ServerlessConf NYC 2016.
In this session, Joe will describe the architectures of two serverless applications he has recently launched, PropertyTourPro.com and CommercialSearch.com, as well as talk through lessons learned during the development and deployment of both applications.
Imagine a scenario, where you can launch a video call or chat with an advisor, agent, or clinician in just one-click. We will explore application patterns that will enable you to write event-driven, resilient and highly scalable applications with Functions that too with power of engaging communication experience at scale. During the session, we will go through the use case along with code walkthrough and demonstration.
Slide presentasi ini dibuat oleh Petra Novandi Barus sebagai pemateri di acara Dapur Startup Bandung Developer Day pada 29 Juli 2016 di Dicoding Space Bandung
ESPC 2016 - From SharePoint to Office 365 Development - The path to your new ...Sébastien Levert
The world around the Office Developer is changing and for someone with a heavy SharePoint background, it can be somewhat scary to make the move to the cloud. But don’t be scared SharePoint Developer – From SharePoint to Office Development, become an added-value Office Developer and contribute to maximise the productivity of your enterprise. In this session, we will cover every aspect of the new Office Developer paradigm and we will ensure that you can make yourself at home in such a new world. The topics covered will be :
– SharePoint Add-In
– Office 365 Apps
– Office Add-In
– Microsoft Graph
Benefits of Attending this Session:
Learn what an Office Developer is
See code in action representing the Office Developer day-to-day
Leverage the most active community around productivity development
AWS Community Day Kochi 2019 - Technical Session
Rapid development, CI/CD for Chatbots on AWS by Muthukumar Oman, , Senior Architect - AWS Cloud & Big Data Solutions - Agilisium
Serverless Orchestration with Azure Durable FunctionsCallon Campbell
Durable Functions is an open source framework for Azure Functions. It allows you to write long-running orchestration as a single function while maintaining local state. All in code with no JSON schemas or UI designers.
API-First Redesign of a Legacy ApplicationNordic APIs
The classic text-based computer game “Lemonade Stand” was a favorite among elementary school students growing up in the 80s. It presented a simple model to teach business and economics. In this we’ll use it as the “legacy application” we’ve been asked by our client to turn into an API-first application.
Starting with the overall taxonomy of the game and working our way down to the resource and payload level, we’ll take a look at what needs to be represented in the game – from user inputs to IoT weather sensors – and define an API specification that could be used to faithfully recreate the logic from the original.
This talk will be both fun and educational. Participants will leave with a better appreciation of what it takes to reorganize real-world legacy applications into a RESTful model represented by an Open API Specification.
API-first Redesign of a Legacy Application - Nordic APIs Platform Summit 2018Chris Busse
My keynote talk from the Nordic APIs 2018 Platform Summit in Stockholm, Sweden (October 24, 2018). Covers the concepts of API-first / Design-first / Contract-first / API products, legacy application redesign, customer empathy, developer experience, recruiting developers, and team diversity.
How to Leverage Serverless to Optimize for Cost and PerformanceDevOps.com
Serverless technology is growing in popularity and is often lauded as a “hands free” solution with benefits like unlimited scale, less operational staff -- and of course, lower cost. But like any new technology, reaping the benefits requires a more strategic approach than it may seem. Just as when companies moved from on-premise to the cloud, “lifting and shifting” existing applications to serverless can lead to less than optimal performance and price.
In this webinar, Bill Buckley, VP of Engineering at CloudZero, will discuss considerations when a group is building or moving to serverless infrastructure, so that you can experience the cost, cultural and performance benefits. He’ll cover:
Cultural considerations to get the most out of a severless transformation
Architectural considerations when leveraging serverless technologies that will keep your costs in check
How to implement serverless cost and performance monitoring to gain visibility into your systems
How the CloudZero engineering team built their product on serverless infrastructure and was able to reduce their AWS bill, even as they added more customers
In this session, we will understand how to create your first pipeline and build an environment to restore dependencies and how to run tests in Azure DevOps followed by building an image and pushing it to container registry.
Here is a slidedeck for the training offerings from CodeOps Technologies. Interested in organizing a training in your organization? Contact us at: reachus@codeops.tech
I walk us through an example of UX issues that have arisen from gaps in Alfresco's UX strategy & suggest a series of steps that Alfresco, partners and community members can take to mitigate that for our end users.
In this session, we will discuss a use case where we need to quickly develop web and mobile front end applications which are using several different frameworks, hosting options, and complex integrations between systems under the hood. Let’s see how we can leverage serverless technologies (Azure Functions and logic apps) and Low Code/No code platform to achieve the goal. During the session we will go though the code followed by a demonstration.
2017 September Golang Sydney meetup https://www.meetup.com/golang-syd/events/243263974/
Yun Zhi Lin wrote serverless-golang to bring about the perfect combination of strongly typed idiomatic Golang with the simplicity of Serverless Framework.
Serverless Golang currently forms the backbone of amaysim’s Serverless Realtime Event Driven Architecture, Anti-Corruption Layer and Single Customer View across 4 business verticals.
The library comes with easy to follow real world examples, and is entirely built and deployed immutably via Docker.
Azure Functions: Beginners to Advanced – Part 1BizTalk360
This is going to be a multi part series in which we will start from the basics to advanced concepts in Azure Function. The objective of this series is to provide one-stop place for the community to start learning about Azure Functions, from basic to some of the advanced concepts and feel comfortable to start working with Azure Functions. In this part of the series, we are going to set the basics firm. Covering concepts like
What is Azure Functions?
Serverless Computing
How to try Azure Functions without MSDN Subscription
Anatomy of Azure Functions
How to author Azure Function in Azure Portal and in Visual Studio
Pricing details of Azure Function
Demos from hello World to Using Azure Functions in Logic Apps and more
Presented at ServerlessConf NYC 2016.
In this session, Joe will describe the architectures of two serverless applications he has recently launched, PropertyTourPro.com and CommercialSearch.com, as well as talk through lessons learned during the development and deployment of both applications.
Imagine a scenario, where you can launch a video call or chat with an advisor, agent, or clinician in just one-click. We will explore application patterns that will enable you to write event-driven, resilient and highly scalable applications with Functions that too with power of engaging communication experience at scale. During the session, we will go through the use case along with code walkthrough and demonstration.
Slide presentasi ini dibuat oleh Petra Novandi Barus sebagai pemateri di acara Dapur Startup Bandung Developer Day pada 29 Juli 2016 di Dicoding Space Bandung
ESPC 2016 - From SharePoint to Office 365 Development - The path to your new ...Sébastien Levert
The world around the Office Developer is changing and for someone with a heavy SharePoint background, it can be somewhat scary to make the move to the cloud. But don’t be scared SharePoint Developer – From SharePoint to Office Development, become an added-value Office Developer and contribute to maximise the productivity of your enterprise. In this session, we will cover every aspect of the new Office Developer paradigm and we will ensure that you can make yourself at home in such a new world. The topics covered will be :
– SharePoint Add-In
– Office 365 Apps
– Office Add-In
– Microsoft Graph
Benefits of Attending this Session:
Learn what an Office Developer is
See code in action representing the Office Developer day-to-day
Leverage the most active community around productivity development
AWS Community Day Kochi 2019 - Technical Session
Rapid development, CI/CD for Chatbots on AWS by Muthukumar Oman, , Senior Architect - AWS Cloud & Big Data Solutions - Agilisium
Serverless Orchestration with Azure Durable FunctionsCallon Campbell
Durable Functions is an open source framework for Azure Functions. It allows you to write long-running orchestration as a single function while maintaining local state. All in code with no JSON schemas or UI designers.
API-First Redesign of a Legacy ApplicationNordic APIs
The classic text-based computer game “Lemonade Stand” was a favorite among elementary school students growing up in the 80s. It presented a simple model to teach business and economics. In this we’ll use it as the “legacy application” we’ve been asked by our client to turn into an API-first application.
Starting with the overall taxonomy of the game and working our way down to the resource and payload level, we’ll take a look at what needs to be represented in the game – from user inputs to IoT weather sensors – and define an API specification that could be used to faithfully recreate the logic from the original.
This talk will be both fun and educational. Participants will leave with a better appreciation of what it takes to reorganize real-world legacy applications into a RESTful model represented by an Open API Specification.
API-first Redesign of a Legacy Application - Nordic APIs Platform Summit 2018Chris Busse
My keynote talk from the Nordic APIs 2018 Platform Summit in Stockholm, Sweden (October 24, 2018). Covers the concepts of API-first / Design-first / Contract-first / API products, legacy application redesign, customer empathy, developer experience, recruiting developers, and team diversity.
DevOps on AWS: Accelerating Software Delivery with AWS Developer Tools | AWS ...Amazon Web Services
Software release cycles are now measured in days instead of months. Cutting-edge companies are continuously delivering high-quality software at a fast pace. In this session, you will learn how to begin your DevOps journey through best practices and tools used by the "two pizza" engineering teams at Amazon. We will showcase how you can accelerate developer productivity by implementing continuous integration and delivery workflows. We will also cover an introduction to AWS CodeStar, AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, and AWS CodeDeploy - the services inspired by Amazon's internal developer tools and DevOps practice. Learn More: https://aws.amazon.com/government-education/
Alfresco Digital Business Platform Builder ExperienceRay Gauss
Ideas around providing developers with frameworks and tools that enable performant, upgrade-safe extensions to the Alfresco Digital Business Platform, including design, event consumption, REST APIs, and deployment.
Lessons learned on the Azure API Stewardship Journey.pptxapidays
apidays LIVE Singapore 2022: Digitising at scale with APIs
April 20 & 21, 2022
Lessons learned on the Azure API Stewardship Journey
Adrian Hall, Principal Product Manager at Microsoft
------------
Check out our conferences at https://www.apidays.global/
Do you want to sponsor or talk at one of our conferences?
https://apidays.typeform.com/to/ILJeAaV8
Learn more on APIscene, the global media made by the community for the community:
https://www.apiscene.io
Explore the API ecosystem with the API Landscape:
https://apilandscape.apiscene.io/
Deep dive into the API industry with our reports:
https://www.apidays.global/industry-reports/
Subscribe to our global newsletter:
https://apidays.typeform.com/to/i1MPEW
CI and CD with Visual Studio Team Services and AzureLennart Passig
This Slideset shows the Microsoft toolsets for continous integration and continous delivery. In the Takeaway slide are a bunch of demo meterials to be able to configure VSTS yourself.
Refining Your API Design - Architecture and Modeling Learning EventLaunchAny
APIs are a conversation that involves everyone, from developers to end-users and even machine-to-machine. Yet, we can miss the mark when designing an API that delivers on the desired outcomes of the end user. In this talk, James discusses the factors that ensure an API delivers value to the end user. He will explore some techniques on refining your API design before it goes live. He will also explore the challenges of microservices and why they may not be what you think they are. Along the way, we will discuss techniques that can accelerate the API design and delivery process.
SPFx- A modern development model for SharePointKirti Prajapati
SharePoint Framework (SPFx) promoted as "the future of SharePoint development" has been released in developer preview. The framework might be new, but that is a framework that we all have been longing for quite some time. Client-side development has been here for years and we all built our own frameworks. This model leverages techniques we are used to such as CSOM, the SharePoint REST API's, the Microsoft Graph etc. and at the same time embraces open source technologies such as node.js, Gulp, Yeoman and more.
I will talk about SharePoint Development Model Evolution and demonstrate use of Light Weight Components with SPFx by developing client side Web Parts.
App dev and partner ecosystem for pink social connections 2017Heath McCarthy
This presentation was used at the SocialConnections.info 11 event. Contains the core elements of the Connections Pink app dev strategy, including how to build and integrate into Connections, how to customize Cloud experiences, and how to build user-based situational applications
Turning the IBM Collaboration Ecosystem PinkLetsConnect
The future of Connections is looking bright (and apparently Pink). With a significant emphasis on the Application Developer ecosystem, including partners and customers, the IBM Connections team is making improvements in our resources for the developer community. We’d like to share where we are and where we are going, and we’d like your feedback. As we make significant strides in the Connections catalog, both developers, partners, and ORG admins will want to understand how the new catalog works and how we are removing friction from the processes to create, deploy, and provision apps. Lastly, developers will want to understand more about the first in a series of new tools, like LiveGrid and the Connections Cloud Proxy, that accelerate customization, application development, and situational business applications.
POST/CON 2019 Workshop: Design, Develop, and Mock APIs with PostmanPostman
Learn how to collaboratively plan and design APIs to establish a single source of truth for your API lifecycle. This workshop will focus on building Collections to represent APIs from the point of view of both producers and consumers of an API. We will show how you can use API schemas (OpenAPI/RAML/GraphQL) in Postman, manage versions of collections, and document them. We will also deep-dive into Mock Servers, and show how you can use them in your development.
apidays LIVE Paris 2021 - Lessons from the API Stewardship Journey in Azure b...apidays
apidays LIVE Paris 2021 - APIs and the Future of Software
December 7, 8 & 9, 2021
Lessons from the API Stewardship Journey in Azure
Ryan Sweet, Principal Architect at Microsoft
Beyond DevOps: How Netflix Bridges the Gap?C4Media
Video and slides synchronized, mp3 and slide download available at URL http://bit.ly/1mv6Kpr.
Josh Evans uses the Netflix Operations Engineering as a case study to explore the challenges faced by centralized engineering teams and approaches to addressing those challenges. Filmed at qconsf.com.
Josh Evans is Director of Operations Engineering at Netflix, with experience in e-commerce, playback control services, infrastructure, tools, testing, and operations.
Sign up for our beta today! http://datadipity.com/register
Datadipity reduces time to launch by promoting the “Virtualized API stack” with a set of APIs in place, there is no need to architect complex distributed systems. 3rd party APIs are leveraged so that the architecture can be reduced to one code base. This reduces development time. Usability is much easier to maintain during beta release and user acceptance changes are easier to apply.
Similar to LF_APIStrat17_Contract-first API Development: A Case Study in Parallel API Publishing & Consumption (20)
LF_APIStrat17_OWASP’s Latest Category: API UnderprotectionLF_APIStrat
OWASP’s 2017 top ten adds a new category called 'underprotected APIs', reflecting the growth of RESTful Web APIs and richer front-end clients which stress current security and access authorization approaches. You’ll learn about potential threats resulting from undersecured Web APIs and techniques to strengthen your API security posture. You'll gain a clear understanding of user authorization via OAuth2, software authorization via static API keys and the critical interplay between them. Of particular concern are mobile API consumers whose code is statically published with secrets which are often poorly concealed. Practical advice with code examples will show how to improve mobile API security. TLS is necessary but insufficient to fully secure client-server communications. Certificate pinning is explained with code examples to show how to strengthen channel communications. Some advanced techniques will be discussed such as app hardening, white box cryptography and mobile app attestation. You should gain a good understanding of the underprotected API problem, with some immediately practical tips to improve your API security posture and a sense of emerging tools and technologies that enable a significant step change in API security.
LF_APIStrat17_Creating Communication Applications using the Asterisk RESTFul ...LF_APIStrat
People often tend to think of Asterisk as an "open source PBX" because that was the focus of the original development effort. But calling Asterisk a PBX is both selling it short (it is much more) and overstating it (it can be much less). Asterisk is to communications applications what the Apache web server is to web applications. Apache is a web server. Asterisk is a communication server. When you install Asterisk, you have a communications server but it is up to you to create the communications applications.
The Asterisk RESTFul Interface (ARI) is an asynchronous API that allows developers to build communications applications by exposing the raw primitive objects in Asterisk - channels, bridges, endpoints, media, etc. The state of the objects being controlled by the user are conveyed via JSON events over a WebSocket. These resources were traditionally the purview of Asterisk's C modules. By handing control of these resources via ARI to all developers regardless of their language choice Asterisk has become an engine of communication, with the business logic of how things should communicate deferred to the application using Asterisk.
This presentation will provide information on getting started using ARI and will provide a working demonstration of using the ARI to create a telephone application.
LF_APIStrat17_Super-Powered REST API TestingLF_APIStrat
Let's talk testing. You know you should do it, but you probably don't enjoy it very much. I'll try to change your mind about that by showing you just how easy – and fun – it can be to test REST APIs. Whether you prefer the command line, a text editor, or a GUI, I'll show you tools that will fit nicely into your workflow.
In this workshop, you'll get hands-on experience with multiple API testing tools. We'll test the same API in each tool to compare the differences between them, including features, limitations, and ease of use. So bring your laptop, or just watch me. Either way, I'll send you home with sample code, working demos, and a better understanding of API testing.
LF_APIStrat17_How Mature are You? A Developer Experience Maturity ModelLF_APIStrat
How confident are you that your developer experience matches the expectations of your customers? How can you judge if you’re providing an adequate or best-in-class experience? What about your competition? How do you compare?
We had the same questions at Arity, and so developed a maturity model for API programs. Based on a year of user testing with developers, this model covers categories such as support and documentation.
This maturity model helps you focus your time and effort on the areas that will provide the greatest value for your customers. It’s a way to distill all the elements of the developer experience into an easily consumable document to give to stakeholders, helping you explain why the things you do as a manager of the developer community translate to increased sales for your organization.
We’ll go through the model together so you can score your company’s program. You’ll leave the session with a score and roadmap of how this can help you influence your stakeholders.
LF_APIStrat17_Connect Your RESTful API to Hundreds of Others in Minutes (Zapi...LF_APIStrat
You may have seen the articles or blog posts claiming something outrageous like how you can connect to hundreds of other Apps and enable thousands of use cases within a few hours of development.
They’re true. In this workshop, the Left Hook team will walk you through how to connect your App to hundreds of others on Zapier’s platform in a matter of minutes. There are a few big asterisks to achieve this speed: 1) Your API needs to be RESTful using either API token or OAuth2.0; 2) You’ll need to choose only a few basic use cases; 3) You need to be comfortable in a Node.js environment; 4) You need to be comfortable using a CLI tool.
LF_APIStrat17_Things I Wish People Told Me About Writing DocsLF_APIStrat
"Have you ever read a piece of API documentation and thought it was a mess? Maybe it was incomplete, badly organized, or in general just not great. There’s a good chance it was quickly thrown together by someone who had no idea what they were doing. In this talk, we will discuss the things Taylor wished she knew before starting to dive into the world of writing docs and developer focused content.
We will discuss how people actually read documentation, different types of docs and when they are appropriate, and docs navigation techniques using design principles. Also, we will learn more about the importance of focusing on language, including why naming matters and error messages as a form of documentation. Lastly, we will talk about tools and tactics to enable other team members to write documentation."
LF_APIStrat17_Lifting Legacy to the Cloud on API BoostersLF_APIStrat
Congratulations, you have a project to migrate a large legacy software system to the cloud. Also it needs some updates and the clients have a whole list of feature requests. Are you experiencing feelings of dread or exciting visions of the possibilities? The good news is that it can and should be the latter. The Open API ecosystem makes it easier than ever to take on a project like this and be successful. In this talk Seth will introduce his team’s ongoing migration project as a case study. He will discuss the primary benefits of open APIs as part of the migration and how they contribute to velocity, visibility, team focus, and feature development. He will examine strategies for identifying APIs, validating APIs, and integrating APIs into a legacy migration project. He will then discuss the layers of a legacy application that APIs can be used to address (hint: more than you may think).
LF_APIStrat17_Don't Repeat Yourself - Your API is Your DocumentationLF_APIStrat
"If you find yourself maintaining a set of documents explaining the use of your API, you haven't finished it's design yet. This talk will compare various strategies with examples, while discussing ways to determine the most appropriate method for your API.
We will explore OAS (Swagger), Json-LD, Schema.org, HAL, Hydra, Siren, Semantic profiles, and other formats while comparing their relative strengths and weaknesses. After these options, we will arm you with a series of questions which direct you to the appropriate tool for your API.
Discover how you can save considerable time and headaches by incorporating a self documenting method in your API design."
LF_APIStrat17_How We Doubled the Velocity of Our Developer Experience TeamLF_APIStrat
We ruthlessly prioritize everything we do and automate away anything we have to do more than a couple times. This has helped the SendGrid DX team to maintain libraries for 7 different programming languages and their github communities with a single engineer. We challenge ourselves to always be working on the highest impact items for our users. Our goals are to maintain engagement with our developer community, manage our libraries at the highest possible level, all while sustaining our lean team.
LF_APIStrat17_API Marketing: First Comes Usability, then DiscoverabilityLF_APIStrat
How would you market an API? Well, first you must design a usable service that caters to your developer experience. But even the best API needs a promotional boost. One way to do this is to maximize all routes toward making your interface naturally discoverable. In this presentation, I’ll outline strategies and tools that can be used to increase the exposure of an API, covering things like: * Examples of sandboxes, API playgrounds, and other types of usable interfaces found in well-designed dev portals throughout the API space. * Discoverability benefits of using machine readable API definitions. * Tooling that can aid in generating beautiful documentation and test consoles to appeal to developers. * Directory profiling: Increasing exposure in web API-specific directories like ProgrammableWeb, APIs.guru, and 10 others. * Content generation: Crafting search-engine-optimized descriptions of APIs from a copywriting sensibility and the power of graphic design trends and thought leadership to reinforce credibility. * Many other ideas on establishing communities and marketing APIs and SaaS on integral developer social channels.
LF_APIStrat17_Standing Taller with Technology: APIs, IoT, and the Digital Wor...LF_APIStrat
How can we extend everyone's technological reach, no matter where they're starting from? How can IT become a platform that lets everyone stand taller? I'll talk about the critical role APIs play in creating more digital workforces. As organizations spend billions on various digital transformation efforts, they need to empower more of their people, not just developers and IT staff, to understand and interact with their data and technologies through APIs. The key is providing tools to people that make APIs more accessible to more people. APIs enable all sorts of combinations and linkages between data and technologies, and giving people streamlined access to APIs enables them to combine and extend their own expertise in innovative ways. Illustrative examples from working in IoT and APIs include academic research projects in many disciplines and business implementations across industries.
OpenStack ran into a challenge: how do you balance the ability to evolve a REST API, with backwards compatibility guarantees, and have it work the same across different deployments, when you have no control over when they are going to upgrade. The answer we came up with was labeled "Microversions", inspired by HTTP content negotiation. This talk will dig into the challenges of versioning REST APIs, as well as the unique challenges of versioning ones that expect to exist in interoperable public clouds. It will dive through ideas that were tried and retired in OpenStack, and describe in depth the microversion system that many OpenStack services now use. We'll look at what's been learned in 2 years of this in the field, and suggest how related approaches might be applied to other open source projects.
LF_APIStrat17_I Believe You But My Enterprise Don't: Adopting Open Standards ...LF_APIStrat
To many of us in the API community, open standards seem like a no-brainer: they promote interoperability, extensibility, and longevity, all while helping you reap the benefits of being part of a larger ecosystem. These benefits include greater and more rapid adoption by developers and being in sync with and a contributor to best practices. But what happens when the clients consuming your APIs are enterprise healthcare companies, whose teams will develop integrations with your APIs regardless of best practices and who want things done their way rather than the open standard way? This talk draws on the speaker’s experiences integrating with enterprise healthcare systems to illustrate the value of projects such as the Open API Specification, open data model standards (e.g. Open Referral), and hypermedia formats, and how to communicate these benefits to reluctant enterprise clients.
Disclaimer: This talk is about the models, processes, and algorithms that power machine learning APIs rather than about the API itself.
Machine learning is fast becoming ubiquitous, from large enterprises to small startups. In this talk, we’ll embark on a journey with a small risk management startup, and we’ll talk about how snowflakes & trees and chickens & eggs came together to help the startup implement its own flavor of machine learning. This is the story of the cold decision tree and how it solved the cold start problem.
LF_APIStrat17_Getting Your API House In OrderLF_APIStrat
"Is your organization getting maximum impact from the technical talent and API experience that you already have? What is stopping you from turning that potential into results?
Ryan will share some of the steps that that GSA is taking in implementing an agency-wide API Strategy. Early successes include publishing API Standards, reviving an internal API Working Group, and creating an API documentation template and reference prototype API.
Learn about the journey that GSA is on, and how you can apply similar strategies across your organization."
LF_APIStrat17_Diving Deep into the API Ocean with Open Source Deep Learning T...LF_APIStrat
"The world is full of seas of data. Some of these seas are created and exchanged by APIs; some of them are even about APIs. Since 2014, APImetrics has accumulated over 100 GB of data on API test calls made to over 5000 API endpoints by agents deployed in cloud locations on 5 continents.
There's a huge amount of insight trapped at the bottom of that sea of (in our case unlabelled) data. Getting at it would've been nearly impossible before the emergence of powerful open source deep learning libraries in the mid-2010s.
APImetrics will share how we chose a deep learning library and the data munging we did to get our data to work with the library. We will explain how we were able carry out unsupervised and semi-supervised learning and discuss the insights on global API performance and quality we were able to dredge from the bottom of our sea of data. We'll provide pointers on how organizations, from startups like APImetrics to megacorporations, can use deep learning to create oceans of knowledge from their own seas of data."
LF_APIStrat17_Supporting SDKs in 7 Different Programming Languages While Main...LF_APIStrat
Many companies that provide an API also include SDKs. In this talk, learn from SendGrid’s Developer Experience Engineer, Elmer Thomas about how he re-built their 7 open source SDKs (Python, PHP, C#, Ruby, Node.js, Java and Go) to support 233 API endpoints. This tale involves automated integration test creation and execution with a Swagger/OAI powered mock API server, documentation, code, examples, CLAs, backlogs and sending out swag along with some insights on what should not be automated, like HTTP clients. He will dig into the technologies that made these automations possible along with lessons learned from the various programming communities.
"Despite open data's potential to change the world, it seems that developers and open data providers are constantly in an uphill battle to make open data not only available, but usable and actively used. The obstacles facing open data’s growth and adoption vary from technical infrastructure concerns, including maintenance, APIs, open data formats, to societal ones, including the ethical and security challenges of open data and the political climate shift in some countries causing antagonism towards open data.
In this talk, Shelby Switzer will dive into the origins and current state of open data globally and in the US, using concrete stories to illustrate the value of open data and its potential impact on our communities, governments, and businesses. She will explore the challenges facing the open data ecosystem, and discuss how key open source projects and standards, including Open API, have the potential to be instrumental in changing the game and positively impacting the open data movement."
LF_APIStrat17_Practical DevSecOps for APIsLF_APIStrat
In DevSecOps “shift left” applies to application security too: developers should commit to provide API security at the earliest stages of development.
In this session, Isabelle will propose an innovative strategy to address API security, in which developers collaborate with security teams and bring their business knowledge of the APIs to:
1/ Assess the API risk in terms of data and operation sensitivity
2/ Specify the input/output data formats
3/ Describe the application flow logic From the data gathered previously, tools can then generate automatically the appropriate security policies, respecting the rules set by the security teams.
Isabelle will also explain how the CI/CD pipeline can leverage a containerized PEP (Policy Enforcement Point) in the different testing / QA / Pre-Production / Production environments.
LF_APIStrat17_Bulletproofing Your API'sLF_APIStrat
In today’s inter-connected world, the statistics are against you for a secure API. It is not a matter of if but when one simple breach can make front page news, tarnish your organization’s reputation, and cause problems not only for your organization but for external consumers of your API as well.
With such loaded consequences, testing and validating access to your application or device for security vulnerabilities needs to become an industry standard.
In this session, you'll learn:
Shift left your security testing efforts and establish a continuous security testing process
Perform API security penetration testing
Extend existing functional tests with security scenarios
Correlate security vulnerabilities to business requirements
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
5. Contract-first API Development
Chris Busse | @busse | #apistrat
One day my Web Designer friend Lisa called me
• She had a new client, TidalScale, and needed help
building a functional demo based on her UI design
• The front-end would be Angular
• Very advanced & capable dev team on a fast moving
project…
“They said if I can tell them what APIs I need,
they’ll build them!”
6. Contract-first API Development
Chris Busse | @busse | #apistrat
Let’s use the Open API
Specification and design with
a Contract-first approach.
Everything will be
AWESOME!
7. Contract-first API Development
Chris Busse | @busse | #apistrat
The Team
Lisa
Designer
Chuck
Product Manager
Leon
Back-end Dev
James
Front-end Dev
…and Chris (me), wrangling the API Spec!
10. Contract-first API Development
Chris Busse | @busse | #apistrat
“I wrote up this JSON blob..”
• This model was derived from the paper prototype
• ~300 lines, 8 levels deep, representing their entire architecture
• This was a very important artifact – it represented well-
organized, thought out and a unified view from the Product
and Back-End Dev teams
• In an Enterprise, we’d call this “Governance” and a lot of
effort is put into this process
12. Contract-first API Development
Chris Busse | @busse | #apistrat
Back-end Dev built Mock Services in Go
• Mock Service backed the demo and were easy to begin
populating with real data as it became available
• Willingness to expose this to whitelisted IPs enabled
better distributed development & “Try It Out”
• This could be considered “throw away” work by some,
but it was critical to getting the Front-end developer
working in parallel
14. Contract-first API Development
Chris Busse | @busse | #apistrat
Now we were doing parallel development
Back-end Dev
- Validate Data Structures
- Create Initial Mock Services
- Make them functional
Front-end Dev
- Build first from Spec
- Test against Mock Services
- Provide validation and feedback
Product Team
Sees the demo in action sooner
Able to facilitate product feedback quicker
15. Contract-first API Development
Chris Busse | @busse | #apistrat
Used Spec + GitHub to Organize a Feedback Loop
Parallel
Development
Collaborate
Modify Spec
After a few iterations the
TidalScale team was
making Spec edits too
16. Contract-first API Development
Chris Busse | @busse | #apistrat
This enabled very rapid iteration
• We versioned the spec (arguably a misuse of that field)
• Kept a CHANGELOG.md in the repo to make changes
human-readable
• Used Semantic-ish Versioning (http://semver.org/)
17. Contract-first API Development
Chris Busse | @busse | #apistrat
Moving fast!
• Communicating in code
• Spotting issues with the spec quickly
• Realtime collaboration was happening
18. Contract-first API Development
Chris Busse | @busse | #apistrat
“Now we need to document the WebSockets!”
• The overall solution architecture used WebSockets in addition to REST
• We discovered that we wanted all-encompassing developer
documentation across different types of APIs, which went beyond what
Open API Spec/Swagger supported
• Open API Spec is really about REST - How as practitioners do we
handle a mix of WebSockets, GraphQL, etc in the Developer
Documentation Experience?
19. Contract-first API Development
Chris Busse | @busse | #apistrat
“Now we want to publish as ASCIIDOC…”
• “The industry” generally accepts that “online interactive”
documentation is “what developers want”
• Client & business needs may dictate other channels
• OAS’s ecosystem was very helpful here – someone had already
built a tool that simplified ASCIIDOC conversion
21. Contract-first API Development
Chris Busse | @busse | #apistrat
General Takeaways
1. Good communication is often the best tool to solve a
problem
2. Governance to align stakeholders pays dividends (and
helps create a positive SNR for Devs)
3. There’s more than one way to version – do what’s best
for you – it’s about effectively communicating change
4. Not every API is REST - understand the limitations of
any tooling you bring in to your solution
22. Contract-first API Development
Chris Busse | @busse | #apistrat
Contract-first Parallel Development
• Can enable rapid innovation and change
• Create a page to be the “same page” – Open API Spec
was that for us – align everyone on the “contract’
• There must be a give & get from both sides
– Back End: Willing to spend time building Mocks
– Front End: Willingness to change when data
structures change
24. Contract-first API Development
Chris Busse | @busse | #apistrat
Thank you!
Chris Busse
chris.busse@apivista.com
http://apivista.com
@busse
http://busse.io