I've seen projects with shiny, new code render into unmaintainable big balls of mud within 2-3 years. Multiple times. But regardless of whether it's the code base as a whole that's rotten, or whether it's just the UI and User Experience that needs a major overhaul: the question on rewrite vs refactoring will come up sooner or later. Based on years of experience, and a plethora of bad decisions cumulating into epic failures, I'll share my experience on how to have a code base that stays maintainable - even after years. After this talk, you'll have more insight into whether you should refactor or rewrite, and how to do it right from now on.
Dan Persa, Maximilian Fellner - The recipe for scalable frontends - Codemotio...Codemotion
The future of e-commerce requires personalized content for each individual customer. With over 20 million active users, Zalando is facing the challenge of making its frontends more scalable in order to achieve this goal. We brought a solution from the backend to the frontend: microservices. In addition to creating Project Mosaic (https://www.mosaic9.org)—our solution for modular frontends—and using a toolbox of modern web technologies like React and Webpack, we built an architecture that can scale to virtually any size and even support targets other than the browser.
Francesco Strazzullo - Frameworkless Frontend Development - Codemotion Milan ...Codemotion
Do you feel the JavaScript fatigue? Are you still trying to learn ‘the next big thing’? Does your code seem legacy just after six months because of that ‘next big thing’? Have you ever thought of building a software, even a complex one, without any kind of dependency on your package.json? During the talk we are going to see how to create your own framework and libraries with just standard ECMAScript features and W3C standard APIs.
The following slides summarize and curate most of the knowledge and patterns gathered to date on Node error handling.
Without clear understanding and strategy, Node error handling might be the Achilles heel of your app – its unique single-threaded execution model and loose types raise challenges that don’t exist in any other frameworks. Node by itself doesn’t provide patterns for critical paths like where to put error handling code, even worst it suggest patterns that were rejected by the community like passing errors in callbacks.
It covers topics like promises, generators, callbacks, unhandled exceptions, APM products, testing errors, operational errors vs development errors and much more
Getting started with JavaScript can be somewhat challenging. Especially given how fast the scenery changes. In this presentation I provide a general view of the state of the art. Besides this I go through various JavaScript related tricks that I've found useful in practice.
survivejs.com is a companion site of the presentation and goes on further detail in various topics.
The original presentation was given at AgileJkl, a local agile conference held in Central Finland.
Alberto Maria Angelo Paro - Isomorphic programming in Scala and WebDevelopmen...Codemotion
Scala is the only language that can be used to produce code that can be "trans/compiled" for the JVM, in Javascript and in native binary. This allows to write libraries that are usable in JVM and JS using the power of functional programming (i.e. cats, scalaz), generic programming (i.e. shapeless) and macro/scalameta available in Scala. In this talk, we will see how to write a Scala application backend and a SPA (scala.js/scala-js-react) that share the same code as a business logic, datamodels and transparent API call (JVM/JS) in Scala (via autowire/akka-http/circe).
Carlo Sciolla - Above and beyond type systems with clojure.spec - Codemotion ...Codemotion
The most exciting feature of the upcoming Clojure 1.9 is clojure.spec, which delivers a game changer experience in a dynamically typed language such as clojure. With this new tool your code will be able to express constraints that are traditionally very hard to encode in traditional type systems, like describing a function that only accepts a sequence of strings of increasing length of which the third element starts with a capital letter. In this talk I'll start with the spec basics up to some of its advanced usages, from data validation to generative testing.
Dan Persa, Maximilian Fellner - The recipe for scalable frontends - Codemotio...Codemotion
The future of e-commerce requires personalized content for each individual customer. With over 20 million active users, Zalando is facing the challenge of making its frontends more scalable in order to achieve this goal. We brought a solution from the backend to the frontend: microservices. In addition to creating Project Mosaic (https://www.mosaic9.org)—our solution for modular frontends—and using a toolbox of modern web technologies like React and Webpack, we built an architecture that can scale to virtually any size and even support targets other than the browser.
Francesco Strazzullo - Frameworkless Frontend Development - Codemotion Milan ...Codemotion
Do you feel the JavaScript fatigue? Are you still trying to learn ‘the next big thing’? Does your code seem legacy just after six months because of that ‘next big thing’? Have you ever thought of building a software, even a complex one, without any kind of dependency on your package.json? During the talk we are going to see how to create your own framework and libraries with just standard ECMAScript features and W3C standard APIs.
The following slides summarize and curate most of the knowledge and patterns gathered to date on Node error handling.
Without clear understanding and strategy, Node error handling might be the Achilles heel of your app – its unique single-threaded execution model and loose types raise challenges that don’t exist in any other frameworks. Node by itself doesn’t provide patterns for critical paths like where to put error handling code, even worst it suggest patterns that were rejected by the community like passing errors in callbacks.
It covers topics like promises, generators, callbacks, unhandled exceptions, APM products, testing errors, operational errors vs development errors and much more
Getting started with JavaScript can be somewhat challenging. Especially given how fast the scenery changes. In this presentation I provide a general view of the state of the art. Besides this I go through various JavaScript related tricks that I've found useful in practice.
survivejs.com is a companion site of the presentation and goes on further detail in various topics.
The original presentation was given at AgileJkl, a local agile conference held in Central Finland.
Alberto Maria Angelo Paro - Isomorphic programming in Scala and WebDevelopmen...Codemotion
Scala is the only language that can be used to produce code that can be "trans/compiled" for the JVM, in Javascript and in native binary. This allows to write libraries that are usable in JVM and JS using the power of functional programming (i.e. cats, scalaz), generic programming (i.e. shapeless) and macro/scalameta available in Scala. In this talk, we will see how to write a Scala application backend and a SPA (scala.js/scala-js-react) that share the same code as a business logic, datamodels and transparent API call (JVM/JS) in Scala (via autowire/akka-http/circe).
Carlo Sciolla - Above and beyond type systems with clojure.spec - Codemotion ...Codemotion
The most exciting feature of the upcoming Clojure 1.9 is clojure.spec, which delivers a game changer experience in a dynamically typed language such as clojure. With this new tool your code will be able to express constraints that are traditionally very hard to encode in traditional type systems, like describing a function that only accepts a sequence of strings of increasing length of which the third element starts with a capital letter. In this talk I'll start with the spec basics up to some of its advanced usages, from data validation to generative testing.
ESUG 2017
Video: https://youtu.be/yDKaHphbFow
At ESUG in Cambridge I introduced Sista, an optimizing JIT design for the Pharo VM. The current implementation is now running 1.5x times faster on production applications and up to 5x faster on specific benchmarks that the production Pharo VM. In this talk, I will present the overall optimization pipeline and I will try to show the myriad of implementation details, including the interaction between Sista and other optimizations (Context-to-Stack mapping, closure optimizations, ...), pathological code patterns or the problems related to stack deoptimization and closures.
Bio: Clement Bera implemented the Sista optimizing JIT in the Cog VM for Pharo. He worked 5 years with Eliot Miranda on improving the Cog VM.
The way JavaScript is standardized and improved is changing this year. Learning how will help you understand why transpilers have become so popular, and why we will likely be using them for a long time.
Ember itself will need to adapt to changes in JavaScript, and we will take a look at how the existing object model might be migrated to a pure EcmaScript solution.
Those days, when it seemed, that web applications have overthrown standard “cumbersome” client apps, we’ll speak about present and future of consumer oriented desktop applications. This includes, but not restricted to patterns of LOB applications development with WPF, right multimedia support of DirectX bridge and new features, waiting for you in Windows 7. Also we’ll speak about subject oriented programming, will be introduced in NET. 4.0 and how to leverage it even today with the current version of Microsoft framework. tits will be shown during the session, thus restricted to mature audiences
Cracking JWT tokens: a tale of magic, Node.JS and parallel computingLuciano Mammino
Learn how you can use some JavaScript/Node.js black magic to crack JWT tokens and impersonate other users or escalate privileges. Just add a pinch of ZeroMQ, a dose of parallel computing, a 4 leaf clover, mix everything applying some brute force and you'll get a powerful JWT cracking potion!
libinjection and sqli obfuscation, presented at OWASP NYCNick Galbreath
SQL that isn't caught by WAFs but also isn't used (yet) by attackers! Why detecting SQLi is good, and why doing it with regular expressions is hard. And re-introducing libinjections which is a new way of detecting SQLi attacks.
This is a mashup of my Black Hat USA 2012 and DEFCON 20 talks, refreshed and updated.
Have you ever cried yourself to sleep unable to find the cause of a horrendous bug in your node app? Cry no more, your tears will be reshaped into blinding swords as we explore uncharted territories laced with mystical creatures.
JavaScript debugging is an often avoided topic due to the uncertainty of how best to accomplish it and the lack of powerful introspective tools. This talk will explore new territory and showcase tools that help you debug complex and difficult issues in your node or frontend app. Libraries and tools such as node-inspector, Time-Travel Debugging, Visual Studio Code, vorlon.js, Vantage and memory leak catchers will be used to slay dragons.
No more shall you fear building complex apps with JavaScript!
SQL-RISC: New Directions in SQLi Prevention - RSA USA 2013Nick Galbreath
What if we could reduce SQLi attacks in your application by 90%? WIth little to no changes in your application, with no new hardware or firewalls?
First presentated at RSA Conference USA, 2013-02-27
Hacking Java - Enhancing Java Code at Build or RuntimeSean P. Floyd
In this talk I'll explore different techniques in and around Java that extend or complement the existing language features at compile or runtime.
Examples are Source and Byte Code generation, Annotation Processing and compile-time defect analysis. The talk is not specific to any Java version. Code sample will use Java 8, but could be easily adapted to previous versions (1.6+).
As the talk is called "Hacking Java", the focus will not only be on established best practices, but also on techniques of a more experimental nature. The talk is accompanied by a GitHub project with code samples and unit tests for every single technique.
Григорий Шехет "Treasure hunt in the land of Reactive frameworks"Fwdays
Мне нравится использовать React. Данная библиотека – отличное решение для многих задач, так как она не навязывает конкретный паттерн или архитектуру. Разработчик сам решает что лучше для той или иной ситуации.
Существует множество уже готовых архитектурных решений. Большинство выбирает Redux. Существует множество библиотек использующее идеи FRP, например Calmm или MobX. Как результат, получаем много подходов, решающие одну и туже задачу.
В своем докладе хочу поговорить о различных архитектурных решениях, посмотреть на плюсы и минусы той или иной библиотеки, и прийти к консенсусу.
I've seen projects with shiny, new code render into unmaintainable big balls of mud within 2-3 years. Multiple times. But regardless of whether it's the code base as a whole that's rotten, or whether it's just the UI and User Experience that needs a major overhaul: the question on rewrite vs refactoring will come up sooner or later. Based on years of experience, and a plethora of bad decisions cumulating into epic failures, I'll share my experience on how to have a code base that stays maintainable - even after years. After this talk, you'll have more insight into whether you should refactor or rewrite, and how to do it right from now on.
Basic performance application optimization techniques that can be applied to any application, from web to desktop or mobile, but with focus on php/mysql stack. How to identify bottlenecks and resolve them and what strategies to choose to avoid them upfront.
Live presentation:
https://www.youtube.com/watch?v=aas8oM7CLjk
ESUG 2017
Video: https://youtu.be/yDKaHphbFow
At ESUG in Cambridge I introduced Sista, an optimizing JIT design for the Pharo VM. The current implementation is now running 1.5x times faster on production applications and up to 5x faster on specific benchmarks that the production Pharo VM. In this talk, I will present the overall optimization pipeline and I will try to show the myriad of implementation details, including the interaction between Sista and other optimizations (Context-to-Stack mapping, closure optimizations, ...), pathological code patterns or the problems related to stack deoptimization and closures.
Bio: Clement Bera implemented the Sista optimizing JIT in the Cog VM for Pharo. He worked 5 years with Eliot Miranda on improving the Cog VM.
The way JavaScript is standardized and improved is changing this year. Learning how will help you understand why transpilers have become so popular, and why we will likely be using them for a long time.
Ember itself will need to adapt to changes in JavaScript, and we will take a look at how the existing object model might be migrated to a pure EcmaScript solution.
Those days, when it seemed, that web applications have overthrown standard “cumbersome” client apps, we’ll speak about present and future of consumer oriented desktop applications. This includes, but not restricted to patterns of LOB applications development with WPF, right multimedia support of DirectX bridge and new features, waiting for you in Windows 7. Also we’ll speak about subject oriented programming, will be introduced in NET. 4.0 and how to leverage it even today with the current version of Microsoft framework. tits will be shown during the session, thus restricted to mature audiences
Cracking JWT tokens: a tale of magic, Node.JS and parallel computingLuciano Mammino
Learn how you can use some JavaScript/Node.js black magic to crack JWT tokens and impersonate other users or escalate privileges. Just add a pinch of ZeroMQ, a dose of parallel computing, a 4 leaf clover, mix everything applying some brute force and you'll get a powerful JWT cracking potion!
libinjection and sqli obfuscation, presented at OWASP NYCNick Galbreath
SQL that isn't caught by WAFs but also isn't used (yet) by attackers! Why detecting SQLi is good, and why doing it with regular expressions is hard. And re-introducing libinjections which is a new way of detecting SQLi attacks.
This is a mashup of my Black Hat USA 2012 and DEFCON 20 talks, refreshed and updated.
Have you ever cried yourself to sleep unable to find the cause of a horrendous bug in your node app? Cry no more, your tears will be reshaped into blinding swords as we explore uncharted territories laced with mystical creatures.
JavaScript debugging is an often avoided topic due to the uncertainty of how best to accomplish it and the lack of powerful introspective tools. This talk will explore new territory and showcase tools that help you debug complex and difficult issues in your node or frontend app. Libraries and tools such as node-inspector, Time-Travel Debugging, Visual Studio Code, vorlon.js, Vantage and memory leak catchers will be used to slay dragons.
No more shall you fear building complex apps with JavaScript!
SQL-RISC: New Directions in SQLi Prevention - RSA USA 2013Nick Galbreath
What if we could reduce SQLi attacks in your application by 90%? WIth little to no changes in your application, with no new hardware or firewalls?
First presentated at RSA Conference USA, 2013-02-27
Hacking Java - Enhancing Java Code at Build or RuntimeSean P. Floyd
In this talk I'll explore different techniques in and around Java that extend or complement the existing language features at compile or runtime.
Examples are Source and Byte Code generation, Annotation Processing and compile-time defect analysis. The talk is not specific to any Java version. Code sample will use Java 8, but could be easily adapted to previous versions (1.6+).
As the talk is called "Hacking Java", the focus will not only be on established best practices, but also on techniques of a more experimental nature. The talk is accompanied by a GitHub project with code samples and unit tests for every single technique.
Григорий Шехет "Treasure hunt in the land of Reactive frameworks"Fwdays
Мне нравится использовать React. Данная библиотека – отличное решение для многих задач, так как она не навязывает конкретный паттерн или архитектуру. Разработчик сам решает что лучше для той или иной ситуации.
Существует множество уже готовых архитектурных решений. Большинство выбирает Redux. Существует множество библиотек использующее идеи FRP, например Calmm или MobX. Как результат, получаем много подходов, решающие одну и туже задачу.
В своем докладе хочу поговорить о различных архитектурных решениях, посмотреть на плюсы и минусы той или иной библиотеки, и прийти к консенсусу.
I've seen projects with shiny, new code render into unmaintainable big balls of mud within 2-3 years. Multiple times. But regardless of whether it's the code base as a whole that's rotten, or whether it's just the UI and User Experience that needs a major overhaul: the question on rewrite vs refactoring will come up sooner or later. Based on years of experience, and a plethora of bad decisions cumulating into epic failures, I'll share my experience on how to have a code base that stays maintainable - even after years. After this talk, you'll have more insight into whether you should refactor or rewrite, and how to do it right from now on.
Basic performance application optimization techniques that can be applied to any application, from web to desktop or mobile, but with focus on php/mysql stack. How to identify bottlenecks and resolve them and what strategies to choose to avoid them upfront.
Live presentation:
https://www.youtube.com/watch?v=aas8oM7CLjk
JavaOne2016 - How to Generate Customized Java 8 Code from Your Database [TUT4...Speedment, Inc.
The best code is the one you never need to write. Using code generation and automated builds, you can minimize the risk of human error when developing software, but how do you maintain control over code when large parts of it are handed over to a machine? In this tutorial, you will learn how to use open source software to create and control code automation. You will see how you can generate a completely object-oriented domain model by automatically analyzing your database schemas. Every aspect of the process is transparent and configurable, giving you, as a developer, 100 percent control of the generated code. This will not only increase your productivity but also help you build safer, more maintainable Java applications and is a perfect solution for Microservices.
How to JavaOne 2016 - Generate Customized Java 8 Code from Your Database [TUT...Malin Weiss
The best code is the one you never need to write. Using code generation and automated builds, you can minimize the risk of human error when developing software, but how do you maintain control over code when large parts of it are handed over to a machine? In this tutorial, you will learn how to use open source software to create and control code automation. You will see how you can generate a completely object-oriented domain model by automatically analyzing your database schemas. Every aspect of the process is transparent and configurable, giving you, as a developer, 100 percent control of the generated code. This will not only increase your productivity but also help you build safer, more maintainable Java applications and is a perfect solution for Microservices.
How to generate customized java 8 code from your databaseSpeedment, Inc.
Did you know that database classes, that require many lines of Java and SQL code, may be replaced with a single line of Java 8 code? In this tutorial session you will learn how to use standard Java 8 Streams as an alternative to traditional Object Relational Mappers (ORM). We will use the open-source tool Speedment to show how development speed can be increased and how the application code can be more concise and run faster.
Silicon Valley JUG - How to generate customized java 8 code from your databaseSpeedment, Inc.
The best code is the one you never need to write. Using code generation and automated builds you can minimize the risk of human error when developing software, but how do you maintain control over code when large parts of it is handed over to a machine? In this tutorial, you will learn how to use open-source software to create and control code automation. You will see how you can generate a completely object-oriented domain model by automatically analyzing your database schemas. Every aspect of the process is transparent and configurable, giving you as a developer 100% control of the generated code. This will not only increase your productivity, but also help you build safer and more maintainable Java applications.
Improving the Quality of Existing Software - DevIntersection April 2016Steven Smith
How do you improve the quality of your existing software, while continuing to add value for your customers? What are some heuristics and code smells you can look for, and principles and patterns you can use to guide you, as you make your software better over time instead of worse? How can we improve our skills and techniques so that writing high quality software becomes our default, fastest way of working?
Title: Sista: Improving Cog’s JIT performance
Speaker: Clément Béra
Thu, August 21, 9:45am – 10:30am
Video Part1
https://www.youtube.com/watch?v=X4E_FoLysJg
Video Part2
https://www.youtube.com/watch?v=gZOk3qojoVE
Description
Abstract: Although recent improvements of the Cog VM performance made it one of the fastest available Smalltalk virtual machine, the overhead compared to optimized C code remains important. Efficient industrial object oriented virtual machine, such as Javascript V8's engine for Google Chrome and Oracle Java Hotspot can reach on many benchs the performance of optimized C code thanks to adaptive optimizations performed their JIT compilers. The VM becomes then cleverer, and after executing numerous times the same portion of codes, it stops the code execution, looks at what it is doing and recompiles critical portion of codes in code faster to run based on the current environment and previous executions.
Bio: Clément Béra and Eliot Miranda has been working together on Cog's JIT performance for the last year. Clément Béra is a young engineer and has been working in the Pharo team for the past two years. Eliot Miranda is a Smalltalk VM expert who, among others, has implemented Cog's JIT and the Spur Memory Manager for Cog.
Con MongoDB 3.6, podrá avanzar al ritmo que marcan sus datos. Los plazos de lanzamiento de las nuevas aplicaciones se acelerarán, y estas funcionarán de forma segura y fiable en entornos de cualquier tamaño, además de aportar información útil en tiempo real. https://www.mongodb.com/mongodb-3.6
This is a summary of the sessions I attended at PASS Summit 2017. Out of the week-long conference, I put together these slides to summarize the conference and present at my company. The slides are about my favorite sessions that I found had the most value. The slides included screenshotted demos I personally developed and tested alike the speakers at the conference.
Improving the Quality of Existing SoftwareSteven Smith
How do you improve the quality of your existing software, while continuing to add value for your customers? What are some heuristics and code smells you can look for, and principles and patterns you can use to guide you, as you make your software better over time instead of worse?
Machine Learning with ML.NET and Azure - Andy CrossAndrew Flatters
ML.NET is an open source, machine learning framework built in .NET and runs on Windows, Linux and macOS. It allows developers to integrate custom machine learning into their applications without any prior expertise in developing or tuning machine learning models. Enhance your .NET apps with sentiment analysis, price prediction, fraud detection and more using custom models built with ML.NET
About Andy Cross
Andy Cross (@andyelastacloud) is a co-founder of Elastacloud, an Azure Insider, co-founder of the UK London Azure User Group, an Azure MVP and a Microsoft Regional Director. An international speaker, Andy has lead teams building the largest Hadoop and HDInsight specialist deployments on Azure.
His passion for embedded software and high performance compute clusters gives him a unique insight into a sphere of computation from the very small and resource constrained to the massively scalable, limitless potential of the cloud.
The natural way to develop software is to start with requirements - the expected behavior - of the system. We work our way through design to implementation and somewhere in there we write tests. Unit testing focuses on implementation, even if you write the tests first. Behavior-Driven Development lets you write the expected behavior in a testable format so that you can develop software outside-in, in a natural manner.
Technologieplauscherl 24. Oktober 2018 in Linz bei Dynatrace
Ich bau mir meine Haussteuerung selber! ... 10 Jahre später
Es gab noch keinen Raspberry Pi und der Strom war noch aus Holz.
Zwar gab es KNX und Andere, die waren aber aus Preisgründen und mangels Offenheit keine Option für mich.
Ich wusste ja damals schon, dass ich selber alles viel besser kann.
Der Plan war klar: Java, 1-Wire und Lötkolben
Was ich damals noch nicht wusste: Zehn Jahre später sollte davon nicht viel übrig sein...
In pre-production, there’s lots of tools that help optimizing your code: debuggers, CI/CD, load tests, etc. There’s even tools that automatically deploy them into production. Plus, engineers usually have a whole sprint as a time frame. Once you’re in production, things are a bit different and all that convenience is just not there for operators. They need to be able to pinpoint trouble spots within minutes. They have to identify the handful of bad requests out of thousands that allows for reproduction of the problem. And then, they are finally required to hand all that information over to the developers as convenient and as soon as possible. And nothing of that is automated. Performance monitoring, call-tracing and visualization are the concepts any developer should know about to be able to provide as much insight as possible into running systems. This session introduces open-source tools that allow devs and ops to work together much closer. To name just a few: * statsd / collectd * Zipkin * Spring-Cloud Sleuth * and some more For the sake of completeness and to also cover the Enterprise user-space, the main commercial vendors in that space will also be mentioned real quick. After that session, you’ll see new ideas popping up inside your head and already have all the knowledge you need to directly jump into planning and implementation.
While JMX is one of the oldest components of Java (JSR-3), few know about its actual power. This talk gives a short introduction on the basics of monitoring in general, what JMX is and how both, tech and business can benefit from a proper implementation.
After this talk, you will know, how to export JMX metrics in your own projects, which common frameworks and libraries also provide JMX metrics and which tools for JMX monitoring are available.
This talk contains content for Devs, Ops and Managers, as all of them can benefit from doing monitoring right.
Performance monitoring and call tracing in microservice environmentsMartin Gutenbrunner
Performance analysis can easily be done with on-board tools of nearly any programming language. In microservice environments, the real challenge is not in single, high-performing services, but in resiliently running a complex ecosystem of many services.This talk will introduce open-source tools for analysis and call tracing. Concluding, we will briefly get to know Dynatrace Ruxit - a commercial alternative. After this session, the audience will know about how to get started in performance analysis and call-tracing and some according tools.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Welocme to ViralQR, your best QR code generator.ViralQR
Welcome to ViralQR, your best QR code generator available on the market!
At ViralQR, we design static and dynamic QR codes. Our mission is to make business operations easier and customer engagement more powerful through the use of QR technology. Be it a small-scale business or a huge enterprise, our easy-to-use platform provides multiple choices that can be tailored according to your company's branding and marketing strategies.
Our Vision
We are here to make the process of creating QR codes easy and smooth, thus enhancing customer interaction and making business more fluid. We very strongly believe in the ability of QR codes to change the world for businesses in their interaction with customers and are set on making that technology accessible and usable far and wide.
Our Achievements
Ever since its inception, we have successfully served many clients by offering QR codes in their marketing, service delivery, and collection of feedback across various industries. Our platform has been recognized for its ease of use and amazing features, which helped a business to make QR codes.
Our Services
At ViralQR, here is a comprehensive suite of services that caters to your very needs:
Static QR Codes: Create free static QR codes. These QR codes are able to store significant information such as URLs, vCards, plain text, emails and SMS, Wi-Fi credentials, and Bitcoin addresses.
Dynamic QR codes: These also have all the advanced features but are subscription-based. They can directly link to PDF files, images, micro-landing pages, social accounts, review forms, business pages, and applications. In addition, they can be branded with CTAs, frames, patterns, colors, and logos to enhance your branding.
Pricing and Packages
Additionally, there is a 14-day free offer to ViralQR, which is an exceptional opportunity for new users to take a feel of this platform. One can easily subscribe from there and experience the full dynamic of using QR codes. The subscription plans are not only meant for business; they are priced very flexibly so that literally every business could afford to benefit from our service.
Why choose us?
ViralQR will provide services for marketing, advertising, catering, retail, and the like. The QR codes can be posted on fliers, packaging, merchandise, and banners, as well as to substitute for cash and cards in a restaurant or coffee shop. With QR codes integrated into your business, improve customer engagement and streamline operations.
Comprehensive Analytics
Subscribers of ViralQR receive detailed analytics and tracking tools in light of having a view of the core values of QR code performance. Our analytics dashboard shows aggregate views and unique views, as well as detailed information about each impression, including time, device, browser, and estimated location by city and country.
So, thank you for choosing ViralQR; we have an offer of nothing but the best in terms of QR code services to meet business diversity!
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
Generative AI Deep Dive: Advancing from Proof of Concept to Production
Old code doesn't stink
1. OLD CODE DOESN'T STINK
Refactor or Rewrite
Martin Gutenbrunner
LINZ, AUSTRIA - APR 26, 2018
DEVELOPER AND OPS CONFERENCE
2. ABOUT ME
• Started with Commodore 8-bit (VC-20 and C-64)
• assembled an i386 from second-hand parts as a gaming rig
• Built Null-Modem connections for playing Doom and WarCraft I
• and IPX/SPX networks between MS-DOS 6.22 and WfW 3.11
• Did DevOps before it was a thing
• mainly Java and JavaScript
• saw rotten code and built code that suddely rotted
• Now at Dynatrace
• previous: Tech Lead for Microsoft Azure and Microservices
• now: Software Architect
• About 14 years of experience in the industry
• Find me on Twitter: @MartinGoodwell
Considers himself a lucky guy
3. ABOUT THE SHOW
• Driven by example
• Example #1: Legacy can mean 15 years
• Example #2: Legacy can mean 5 years
• The basics – aka "Mastering the craft"
• The Magic Sauce, finally (spoiler: there is none)
4. Online Shop, written in ASP, rendering XHTML
Back then, in development for 15 years
EXAMPLE 1: classic ASP
5. PROJECT SETUP
• Use-case: eCommerce
• integrated with business backend system
• Native Windows desktop application, connected to database
• Core: classic ASP
• Database: Pervasive SQL
• the actual database from the business backend
• Interfaces to
• MSMQ for sending orders to the business backend
• COM+ for querying prices from the business backend
7. WE WANTED TO REWRITE. WHY?
• 15 year old VB-Script codebase
• lack of structure
• not up to today's standards (eg Unit Testing)
• hard to find VB-Script talent
• Too closely bound to the business backend system
• Major updates locked the database and rendered the online shop unusable
8. CUSTOM BRANCHING
<%
if nCategoryId = 0 and (hostInfo.Path = "clayshop" or hostInfo.Path="bikershop" or hostInfo.Path="steelshop") then
out GetPageHTML(1,"de")
end if
%>
• Individual code branches for most tenants (~30 of them)
• If a tenant canceled his contract, the codebase usually was not
cleaned
9. RENDERING WHILE ITERATING RECORDSET
<%
set rsProd= oProduct.GetProduct(CLng(nProductId), CLng(nTenantId))
if not rsProd.eof then %>
<table border="0" cellpadding="0" cellspacing="0" width="100%">
<tr><td><img height="20" width="3" src="../../layout/pic/pix_tr.gif" border="0"></td></tr>
<tr><td class="productheadcolor">
<table border="0" cellpadding="0" cellspacing="0">
<tr>
<td class="productheadiconcolor"><img height="20" width="20" src="../../layout/pic/icons/icon_kl_produkttip.gif" border="0"></td>
<td><div class="productheadcolor"> <%= getText("product") %>:</div></td>
</tr>
</table>
<% if (sTenantPath <> "that_special_shop") then DrawProducts rsProd, "productreplacement" end if %>
<% end if
rsProd.close
set rsProd= nothing
%>
• No separation between data-access, business logic, and UI
• Made it hard to see what really needs refactoring
10. OUR PLAN WAS
• 100% re-write in Java
• Create a separate database for eCommerce
• Move all tenants to the new codebase within six months
12. LEARNINGS
• 100% re-write in Java not possible
• no stable Java libraries for MSMQ and COM+ at the time
• Planned timeframe (of course) didn't work
• first tenant went online after 9 months
• but it was using the new UI
• Re-doing the UI turned out to be the hard part
• we still didn't have all tenants converted after 2,5 years
14. WHAT WENT WELL?
• Introduction of dedicated DB
• Having a separate Importer component
• We built deployment automation with Jenkins
• The ASP-bridge turned out to work really well
15. WHAT WE SHOULD HAVE DONE
• Identify the UI-part as the real problem
• impossible to see due to no layered code
• Embrace the fact that we have a huge number of customers on the
"old" codebase and design the new system for multiple UI
technologies
• EOL the old codebase
• If customers want new features, migrate them over
16. INTRODUCING BFF
• BFF
• Backend-for-Frontend
• aka Edge-Service
• source: Sam Newman's Microservice book
• can be used for
• routing
• authentication
• filtering
18. BENEFITS OF DOING IT RIGHT
• Save months of efforts to port the messy UI code
• Have ASP UI benefit from separate database
• Only have a single touchpoint with the business backend system
• for any client
• XHTML rendered by ASP
• HTML5 rendered by Spring MVC
• potential mobile apps
19. BUSINESS BACKEND
FIVE YEARS IN THE MAKING
OLD CODE DOESN'T STINK? IT MIGHT SMELL A LOT, THOUGH.
EXAMPLE 2: Java GWT
20. SETTING THE STAGE
• Problems
• Increasing number of bugs (~ 300k lines of code)
• Steadily decreasing velocity of teams (due to # of bugs)
• DB started to make problems. Regular restarts required (once a quarter)
• Mistakes made
• Bad code structure
• Next to no test coverage
• Solution
• Transition to a manageable scope
• Boyscout rule: leave the campground cleaner than you found it
21. WHY NOT REWRITE?
• Existing solution in the making for 5 years
• lots of domain knowledge would have to be re-implemented
• very error-prone
• Who would rewrite it?
• Same teams: who would maintain the current version?
• New teams: they would have to learn domain knowledge from scratch
• and new teams don't appear out of nowhere
• Timeline for starting over?
• can you re-implement a five-year-old system in 6/9/12(?) months?
22. WHY NOT REWRITE?
• We would have built the same thing again
• Even though it seems that a system is broken as a whole, it probably
isn't. Lots of it usually works.
• Our approach: educate the teams
• what went wrong
• how to do better
• And apply their learnings to the existing system instead of creating a
new one
• Plus: bring in new people to the teams
23. IT MIGHT SMELL, THOUGH.
EDUCATING THE TEAMS
MASTERING THE CRAFT
OLD CODE DOESN'T STINK
24. HOW CAN THAT EVEN HAPPEN?
• Bounded contexts
• Things built in-house that would have been readily available
• Code that's not testable
• Code that's not clearly/properly structured
• Bugs due to premature optimization
25. BOUNDED CONTEXTS
Don't mix things that don't belong together
• Do you see what's wrong with the "UserAccount" table?
26. BOUNDED CONTEXTS
Wrong: sharing DTOs between different domains
Some services use same attributes, some use specific ones
CatalogService
ShoppingCart
Service
OrderService
ProductDto
* id
* name
* description
* userRatings
* imageUrls
* price
* vat
* quantity
27. BOUNDED CONTEXTS
Right: dedicated DTOs for each domain
but smells like duplication a lot, because of the names
better: each DTO only contains the attributes it needs
CatalogService
ShoppingCart
Service
OrderService
CatalogProductDto
* id
* name
* description
* userRatings
* imageUrls
* price
CartProductDto
* id
* name
* price
* quantity
OrderProductDto
* id
* name
* price
* vat
* quantity
28. BOUNDED CONTEXTS
Same DTOs, but different names. Much better fit to the domain.
CatalogService
ShoppingCart
Service
OrderService
ProductDto
* id
* name
* description
* userRatings
* imageUrls
* price
CartEntryDto
* id
* name
* price
* quantity
LineItemDto
* id
* name
* price
* vat
* quantity
29. NOT INVENTED HERE
• Focus on business logic
• Don't build what you don't need to
• Queues
• Connection Pools
• Anything you build needs to be maintained.
• The only thing you'd want to maintain is business logic.
31. CODE DUPLICATION
Wrong: use inheritance for saving number of attributes in classes
abstract class MasterDto {
protected int id;
}
public class AnyDto extends MasterDto {
...
}
public class AnyOtherDto extends MasterDto {
...
}
32. CODE DUPLICATION
Right: don't mix unrelated objects
public class AnyDto {
private int id;
}
public class AnyOtherDto {
private int id;
}
34. TESTABLE CODE
• Methods only deal with atomic operations
• every IF in a method requires a test for every branch
• that's why code inside blocks should go into a separate method
• allows to test that method independently
• any possible input parameters require a test
• any possible return values require a test
• the smaller your classes, the smaller your methods, the easier it is to
maintain test code
• the amount of test code can easily be equal to your "real" code
35. TESTABLE CODE
• Don't use static classes directly in the code
public class Lala {
public int calcIt(int a, int b) {
return CalculatorUtil.calcIt(a,b);
}
}
36. TESTABLE CODE
• Instead, make them a Singleton and a member variable
public class Lala {
private CalcUtil calcUtil=CalcUtil.getInstance();
public int calcIt(int a, int b) {
return calcUtil.calcIt(a,b);
}
public void setCalcUtil(CalcUtil calcUtil) {
this.calcUtil = calcUtil;
}
}
38. PREMATURE OPTIMIZATION
• "Because we need the performance"
• Can you monitor the language "D"?
• Do everything in Stored Procedures (even simple CRUDs)
• You need to declare that variable outside of the loop to safe the GC from the
load
• Specialize first, generalize later
39. READ
• Find all this and lots more here:
• Clean Code, by
• Robert C. Martin
40. READ
• Find all this and lots more here:
• Growing Object-Oriented Software,
guided by Tests, by
• Steve Freeman, Nat Pryce
42. EXISTING ARCHITECTURE
• Java
• GWT
• SQL-Server
• Interfaces to 3rd parties, like
• Billing systems (SAP, AWS, Monexa, ...)
• Salesforce
• Single-Sign-On
• Deployed on AWS EC2
43. EXISTING ARCHITECTURE
• 300k lines of code
• 47 projects in Eclipse IDE
• 155 tables in SQL-Server
AWS
Billing
Java
Backend
MSSQLD
B
Customer
facing
GWT UI
GWT-RPC
SAP
Billing
SFDC
Internal
GWT UI
JSON
44. THE SOLUTION: MICROSERVICES
• Smaller contexts
• easier to grasp
• easier to test
• no dependency hell
• faster to deploy
• less to test
• Smaller databases
• faster queries
• easier for blue/green deployment
• Easier scaling
• just deploy more instances instead of built-in parallelization
47. MICROSERVICES SPECIFICS
• Designed to work that way from ground up
• ie UI can handle single failing micro services
• Think of a platform for deployment
• Automation is key. It always is. But here even more.
48. SOMETIMES IT JUST CAN'T BE MICROSERVICES
CAN WE USE SOME OF THAT FOR MOBILE OR DESKTOP?
THE PROPER MONOLITH
49. LAYERS
• One artifact per business domain
• 3-tiered architecture inside of each artifact
• Sharing of interfaces by means of –api artifacts
• No shared database between domains
53. WHAT A REAL REWRITE REALLY MEANS
• June 2006
• Netscape Navigator 6 goes public beta
• last 4.x release released almost 4 years ago (there was no v5)
• https://www.joelonsoftware.com/2000/04/06/things-you-should-
never-do-part-i/
54. IN A NUTSHELL
• Master the craft of programming
• Avoid the mess
• Bounded Contexts
• Microservices-driven thinking and architecture