A talk presenting an opinionated introduction to Node.js, proving a simple introduction to the async model, some common async patterns and some other interesting Node.js tricks.
The Sad Story of the Server that Tries to Please EveryoneIulian Dogariu
Presentation for http://iasi.codecamp.ro
You're a VIP. Everyone wants a bit of your time, to help with this and that. Let's say you try to promptly serve everyone that asks for your help. What would happen to your life? We will see how to apply these learnings to build services that behave gracefully under heavy load.
A talk presenting an opinionated introduction to Node.js, proving a simple introduction to the async model, some common async patterns and some other interesting Node.js tricks.
The Sad Story of the Server that Tries to Please EveryoneIulian Dogariu
Presentation for http://iasi.codecamp.ro
You're a VIP. Everyone wants a bit of your time, to help with this and that. Let's say you try to promptly serve everyone that asks for your help. What would happen to your life? We will see how to apply these learnings to build services that behave gracefully under heavy load.
Machine Learning Experimentation at Sift ScienceSift Science
Alex Paino, a Software Engineer at Sift Science, discusses how we use machine learning to prevent several types of abusive user behavior for thousands of customers. Measuring the accuracy of the thousands of classifiers used in a manner that correctly represents the value provided to customers is a huge challenge for us. Alex describes how we think about this problem and what we have done to address it. This includes an overview of the various tools and methodologies we employ that allow us to quickly summarize the results of an experiment, break ties in mixed result experiments, and drill into specific models and samples.
Hiring Hacks: How Stripe Creatively Finds Candidates and Builds a Recruiting ...GreenhouseSoftware
One of the biggest challenges all recruiters face is where to find the best candidates. And even if you’ve found a great source of top talent, how do you keep them interested and moving through your pipeline?
The Recruiting team at Stripe has faced these challenges head on and is excited to share their tips and tricks with you. They’ve built such a strong recruiting culture that around 40% of their hires were introduced through employee referrals! Join Katie Bishop, Recruiter, and Lizz Hounshell, Recruiting Operations Manager, to discuss creative methods for sourcing candidates and how to build a company-wide recruiting culture.
You'll learn:
- Stripe’s unique approach to prospecting and building a talent pipeline in Greenhouse
- Why Stripe has embraced referrals without bonuses—and why that tactic was so successful
- How Stripe uses Teamable to scale their referral program
Ways to prioritize both diversity and referrals to build an inclusive organization
- Tips for including recruiting and referral education in your onboarding program
Braintree SDK v.zero or "A payment gateway walks into a bar..." - Devfest Nan...Alberto López Martín
Presentation of the talk given at DevFest Nantes 2014, speaking about new SDK of Braintree (a PayPal company): vZero, but also talking about the best practices for having a great experience during the payment flow using Android devices
This presentation is devoted to Stripe payment system, which appeared on the market about 5 years ago. Here you'll find out about advantages and disadvantages of using new billing system.
Lightning Talk: Mobile Cloud Jargon: Why is my iOS simulator not charging to ...Todd Kaplinger
iOS8, Swift, Node.js, MQTT, NOSQL. This session will bring the developer on a journey that bridges the gap between the mobile device and the cloud using cutting edge technologies to build engaging applications focused on the "Lean Startup" mentality where developers can experiment with a variety of technologies and garner rapid feedback from their stakeholders. Using an open cloud environment and Apple’s introduction of the Swift Programming language, we can demonstrate how application development can be in the cloud and leverage core technologies such as NoSQL Data and Interactive Push Notifications to create compelling and engaging applications via MQTT while leveraging high scalable cloud infrastructure for hosting cloud based scripting technologies based upon Node.js.
Want to squeeze every last bit of performance out of your apps? I will show you how to let go of using Interface Builder to create better performing, more optimized, and leaner apps. I'll walk you through why it's better, how to create and move projects off of IB, building your UI in code, and how to gain a better understanding of how your code works from the ground up.
mDevCamp 2016 - Zingly, or how to design multi-banking appPetr Dvorak
What problems do you need to deal with when designing an app for multiple banks? How do you solve a security of such apps? And how about a user interface design and application structure? What technologies are under the hood? And what does Zingly bring to you?
Machine Learning Experimentation at Sift ScienceSift Science
Alex Paino, a Software Engineer at Sift Science, discusses how we use machine learning to prevent several types of abusive user behavior for thousands of customers. Measuring the accuracy of the thousands of classifiers used in a manner that correctly represents the value provided to customers is a huge challenge for us. Alex describes how we think about this problem and what we have done to address it. This includes an overview of the various tools and methodologies we employ that allow us to quickly summarize the results of an experiment, break ties in mixed result experiments, and drill into specific models and samples.
Hiring Hacks: How Stripe Creatively Finds Candidates and Builds a Recruiting ...GreenhouseSoftware
One of the biggest challenges all recruiters face is where to find the best candidates. And even if you’ve found a great source of top talent, how do you keep them interested and moving through your pipeline?
The Recruiting team at Stripe has faced these challenges head on and is excited to share their tips and tricks with you. They’ve built such a strong recruiting culture that around 40% of their hires were introduced through employee referrals! Join Katie Bishop, Recruiter, and Lizz Hounshell, Recruiting Operations Manager, to discuss creative methods for sourcing candidates and how to build a company-wide recruiting culture.
You'll learn:
- Stripe’s unique approach to prospecting and building a talent pipeline in Greenhouse
- Why Stripe has embraced referrals without bonuses—and why that tactic was so successful
- How Stripe uses Teamable to scale their referral program
Ways to prioritize both diversity and referrals to build an inclusive organization
- Tips for including recruiting and referral education in your onboarding program
Braintree SDK v.zero or "A payment gateway walks into a bar..." - Devfest Nan...Alberto López Martín
Presentation of the talk given at DevFest Nantes 2014, speaking about new SDK of Braintree (a PayPal company): vZero, but also talking about the best practices for having a great experience during the payment flow using Android devices
This presentation is devoted to Stripe payment system, which appeared on the market about 5 years ago. Here you'll find out about advantages and disadvantages of using new billing system.
Lightning Talk: Mobile Cloud Jargon: Why is my iOS simulator not charging to ...Todd Kaplinger
iOS8, Swift, Node.js, MQTT, NOSQL. This session will bring the developer on a journey that bridges the gap between the mobile device and the cloud using cutting edge technologies to build engaging applications focused on the "Lean Startup" mentality where developers can experiment with a variety of technologies and garner rapid feedback from their stakeholders. Using an open cloud environment and Apple’s introduction of the Swift Programming language, we can demonstrate how application development can be in the cloud and leverage core technologies such as NoSQL Data and Interactive Push Notifications to create compelling and engaging applications via MQTT while leveraging high scalable cloud infrastructure for hosting cloud based scripting technologies based upon Node.js.
Want to squeeze every last bit of performance out of your apps? I will show you how to let go of using Interface Builder to create better performing, more optimized, and leaner apps. I'll walk you through why it's better, how to create and move projects off of IB, building your UI in code, and how to gain a better understanding of how your code works from the ground up.
mDevCamp 2016 - Zingly, or how to design multi-banking appPetr Dvorak
What problems do you need to deal with when designing an app for multiple banks? How do you solve a security of such apps? And how about a user interface design and application structure? What technologies are under the hood? And what does Zingly bring to you?
These are the slides from our January presentation of our in-Flash payment solution.
It gives a brief overview of Social Gold as well as a technical presentation that shows how to integrate the our in-Flash solution with your Flash game.
Enjoy!
in this presentation we give a brief intro to Social Gold, an overview of the in-flash solution architecture followed by a step by step integration example.
Un-Framework - Delivering Dynamic Experiences with HTML over the WireAndreas Nedbal
In the age of modern frontend frameworks like React and Vue that often require a lot of additional backend work to deliver dynamic content, there has been a renaissance of delivering HTML again, with a twist. With some specialized requests and HTML tags, the Hotwire suite of libraries enables dynamic adjusting of page contents with no to minimal JavaScript.
.NET Fest 2017. Михаил Щербаков. Механизмы предотвращения атак в ASP.NET CoreNETFest
Посмотрим на новый веб-фреймворк Microsoft с точки зрения безопасности. ASP.NET Core является продолжением развития платформы ASP.NET и, в отличие от старшего брата, код его полностью открыт и поддерживается сообществом. Архитектура фреймворка была переосмыслена, появились новые security features, часть существующих сильно переписана.
В докладе поговорим об этих различиях и разберем как теперь работают встроенные механизмы защиты от XSS и CSRF, какие возможности криптографии доступны из коробки, как устроено управление сессиями.
Доклад будет интересен в первую очередь разработчикам, пишущим защищенные ASP.NET-приложения, специалистам, проводящим security review .NET-проектов, и всем желающим разобраться в реализации компонентов безопасности на примере этой платформы.
The base architecture of iOS is MVC (Model View Controller) which leads into known as Massive View Controller, where the View Controllers end up doing so many logic. It is easy to mix UI code and business logic together which is the wrong way to test the logic.
VIPER is one of a modern architecture made for this issue. It is based by Uncle Bob's Clean Architecture. It use the Separation of Concern principle which make the code cleaner and easy to maintenance.
[CB16] Esoteric Web Application Vulnerabilities by Andrés RianchoCODE BLUE
This talk will show esoteric web application vulnerabilities in detail, these vulnerabilities would be missed in a quick review by most security consultants, but could lead to remote code execution, authentication bypass and purchasing items in merchants using Paypal as their payment gateway without actually paying. SQL injections are dead, and I don’t care: let's explore the world of null, nil and NULL; noSQL injections; host header injections that lead to phone call audio interception; paypal’s double spent and Rails’ MessageVerifier remote code execution.
--- Andres Riancho
Andrés Riancho is an application security expert that currently leads the community driven, Open Source, w3af project and provides in-depth Web Application Penetration Testing services to companies around the world.
In the research field, he discovered critical vulnerabilities in IPS appliances from 3com and ISS, contributed with SAP research performed at one of his former employers and reported vulnerabilities in hundreds of web applications.
His main focus has always been the Web Application Security field, in which he developed w3af, a Web Application Attack and Audit Framework used extensively by penetration testers and security consultants.
Andrés has spoken and hold trainings at many security conferences around the globe, like BlackHat (USA and Europe), SEC-T (Sweden),DeepSec (Austria), PHDays (Moscow), SecTor (Toronto), OWASP (Poland),CONFidence (Poland), OWASP World C0n (USA), CanSecWest (Canada),PacSecWest (Japan), T2 (Finland) and Ekoparty (Buenos Aires).
Andrés founded Bonsai Information Security, a web security focused consultancy firm, in 2009 in order to further research into automated Web Application Vulnerability detection and exploitation.
How to build twitter bot using golang from scratchKaty Slemon
Check out how to build Twitter Bot Using Golang From Scratch without using any third-party library to develop the demo app in this step-by-step tutorial
Polymer - pleasant client-side programming with web componentspsstoev
Polymer is a new library for the web, built on top of Web Components. This new project from Google makes client-side programming with web components easy and pleasant. You can use these technologies to increase the expressiveness of HTML by creating new tags that can help you get straight to your task. Polymer also adds other instruments like two-way data-binding and a lot of shortcuts that make your code more declarative and easier to extend and maintain. Many people think that web components are the future of web programming, and Polymer allows you to harness that power right now. Already excited!?
Starting from zero: a modern way to make payments - API Athens 2015Alberto López Martín
In this talk we will see an overview of the best and worst cases and practices during checkout and how to get better on it. We will see real cases and a live-code integration of v.zero, the new Payment Gateway developed by Braintree.
An unknown Mobile “country”. A wandering developer from Web “city”. No idea about how to deal with the “droids”. The only available means of transport: the express “JavaScript” train, the most up-to-date Html Underground and the confortable and safe CSS Tram. Tension, drama, action and finally, love. This is my story getting started with Android OS.
In this talk we’ll speak about the existent cross platforms for mobile development, talking openly about weaknesses, strengths and myths present in cross platforms, from the point of view of a newbie mobile developer.
Talk given at Droidcon Torino 2015
Internet of Things, Magento and v.zero, the perfect mix for a crazy idea: a candy machine. Talk during Meet Magento Italia 2015, speaking about Battlehack Venice 2015, Braintree, v.zero, Magento, Spark Core and showing code and live demo on the stage
Innovation is driving the world but, how can we be innovators? Talk given at Sifo.org 2015 about the levers of innovation, the places where we can find inspiration to innovate and the initiatives that Braintree_Dev. Team has to help innovators to make possible their dreams.
Presentación para HTML5Spain acerca de cómo integrar una pasarela de pagos online, hablando del nuevo SDK de Braintree v.zero, hablando de tarjetas de crédito, PayPal y Venmo, además de pagos futuros.
Present and future of mCommerce in Spain, talking of mobile payments, digital mobile wallet providers, mCommerce payment methods and mPayments that are available in the Spanish market.
v.zero SDK - Cose che mi piace vedere durante il pagamento - Codemotion Milan...Alberto López Martín
Presentation used for Codemotion Milan 2014, explaining the new Braintree SDK v.zero, using examples about bad experiences during the payment and making a comparative with the new SDK.
Presentation (in Spanish), about my short experience in Hackatons, but giving opinion about the vision that my team have about how has to be a good hackaton.
Talk given at Betabeers October 2014 - Salamanca
Descubre cómo con soluciones disponibles en el presente se pueden realizar pagos en aplicaciones móviles y websites que parecen del futuro. Todo ello gracias a PayPal.
Presentation for CommerceFactory Berlin, speaking about how PayPal sees crowdfunding, how to integrate PayPal in a crowdfunding Platform and the rules which are mandatory for having PayPal a payment method in a crowdfunding platform.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
38. 1. The server inits the transaction
client_token = braintree.ClientToken.generate({ })
Unique Client Token for each transaction
generated at Server…
39. 2. The Braintree UI continues
the transaction
Braintree *braintree = [Braintree
braintreeWithClientToken:self.clientToken];
[…]
BTDropInViewController *dropInViewController = [braintree
dropInViewControllerWithDelegate:self];
With Client Token the secure UI is created
on mobile application
40. 3. The server finishes
the payment
result = braintree.Transaction.sale({
"amount": "10.00",
"payment_method_nonce": "nonce-from-the-client"
})
With a nonce, gotten from UI and
sent to server
73. Braintree:
https://www.braintreepayments.com/
Get Started with Braintree
https://developers.braintreepayments.com/ios+php/start/overview
One TouchTM overview:
https://developers.braintreepayments.com/ios+php/guides/one-touch
Braintree v.zero:
https://www.braintreepayments.com/v.zero
Sandbox environment:
https://sandbox.braintreegateway.com/login