This is a peek at PayPal’s inner workings. Take a broad look at the technologies and foundations of the PayPal system, and the history and evolution behind its design. Take a tour of PayPal’s service-oriented architecture, the techniques the engineering team uses to achieve such secure financial transaction processing, and how PayPal innovates at scale.
Building A Great API - Evan Cooke, Cloudstock, December 2010Twilio Inc
Tips and tricks on how to design, package, and build a great API. We summarize some of the lessons we've learned over the years at Twilio designing and operating Voice and SMS APIs used by more then 20,000 developers.
Idempotent REST APIs makes client to retry the API call without worrying the any side effect. As well, enable end user experience rich if the operation failed and recovered with second attempt.
Ponencia ofrecida por Jesús Arias de Pay Pal en Droidcon Spain. Sinopsis: Presente y futuro de los pagos móviles. Descripción de las APIs de PayPal y cómo interaccionan para permitir el pago por móvil, de eso versará la conferencia de PayPal.
With mobile cloud computing come efforts to simplify its development. Creating apps for the mobile cloud is significantly different than developing apps for a native smartphone platform. This session is about design and architecture considerations, the essential tools and technologies, and the pitfalls to avoid when building mobile cloud apps.
Charitable giving trends with mobile technologiesX.commerce
Savvy merchants and developers are integrating charitable causes into their mobile strategies to achieve strategic advantages, and non-profits are using mobile technology to reach new audiences and increase the funds they raise. We will address ways businesses can incorporate these causes with mobile strategies to drive both social impact and business objectives, and how non-profits themselves are innovating in the mobile space.
Building A Great API - Evan Cooke, Cloudstock, December 2010Twilio Inc
Tips and tricks on how to design, package, and build a great API. We summarize some of the lessons we've learned over the years at Twilio designing and operating Voice and SMS APIs used by more then 20,000 developers.
Idempotent REST APIs makes client to retry the API call without worrying the any side effect. As well, enable end user experience rich if the operation failed and recovered with second attempt.
Ponencia ofrecida por Jesús Arias de Pay Pal en Droidcon Spain. Sinopsis: Presente y futuro de los pagos móviles. Descripción de las APIs de PayPal y cómo interaccionan para permitir el pago por móvil, de eso versará la conferencia de PayPal.
With mobile cloud computing come efforts to simplify its development. Creating apps for the mobile cloud is significantly different than developing apps for a native smartphone platform. This session is about design and architecture considerations, the essential tools and technologies, and the pitfalls to avoid when building mobile cloud apps.
Charitable giving trends with mobile technologiesX.commerce
Savvy merchants and developers are integrating charitable causes into their mobile strategies to achieve strategic advantages, and non-profits are using mobile technology to reach new audiences and increase the funds they raise. We will address ways businesses can incorporate these causes with mobile strategies to drive both social impact and business objectives, and how non-profits themselves are innovating in the mobile space.
Apache Kafka vs. Integration Middleware (MQ, ETL, ESB) - Friends, Enemies or ...confluent
MQ, ETL and ESB middleware are often used as integration backbone between legacy applications, modern microservices and cloud services. This introduces several challenges and complexities like point-to-point integration or non-scalable architectures. This session discusses how to build a completely event-driven streaming platform leveraging Apache Kafka’s open source messaging, integration and streaming components to leverage distributed processing, fault-tolerance, rolling upgrades and the ability to reprocess events. Learn the differences between a event-driven streaming platform leveraging Apache Kafka and middleware like MQ, ETL and ESBs – including best practices and anti-patterns, but also how these concepts and tools complement each other in an enterprise architecture.
BlackHat EU 2012 - Zhenhua Liu - Breeding Sandworms: How To Fuzz Your Way Out...MindShare_kk
Adobe's interpretation of sandboxing is called Adobe Reader X Protected Mode. Inspired by Microsoft's Practical Windows Sandboxing techniques, it was introduced in July 2010. So far, it had been doing a good job at limiting the impact of exploitable bugs in Adobe Reader X, as escaping the sandbox after successful exploitation turned to be particularly challenging, and hasn't been witnessed in the wild, yet.
This paper exposes how we did just this: By leveraging some broker APIs, a policy flaw, and a little more, we were able to break free from Adobe's sandbox.
The particular vulnerability we used was patched by Adobe in September 2011 (CVE-2011-1353), as a result of our responsible disclosure action; yet, this demonstrates that Adobe's sandbox cannot be considered a panacea against security flaws exploitation in Adobe Reader X, and paves the way toward further interesting discoveries for security researchers.
Indeed, beyond this particular vulnerability, this paper dives deep into the sandbox implementation of Adobe Reader X, and debates ways to audit its broker APIs, which, to our minds, offer a major attack surface. In particular, the paper details how we configured an open-source fuzzing tool to audit them through the IPC Framework.
Real-World WebAppSec Flaws - Examples and Countermeasuesvolvent
A presentation at the Sydney WebApp meeting for the security stream. Covers some easy to follow examples of more common things found and general recommendations for development teams.
J-Spring 2018 - A journey from Java EE to Cloud Native microservicesVincent Oostindie
About a decade ago, when the world was still all about J2EE and WebSphere application servers, Rabobank introduced a new Online platform with a custom, intentionally self-built, portal framework. Since then our world has changed in many ways. Nobody does portlets anymore; instead we build rich front-end applications backed by services spitting out JSON. Like most of the rest of the world Rabobank moved from waterfall to Agile to DevOps. Microservices came along. Java is no longer the only preferred language on the server. Today, Rabobank is migrating to a new platform based on Pivotal Cloud Foundry, that intends to cope with all these changes. In this talk Vincent Oostindië will talk you through a decade of IT at Rabobank Online, of course focusing on the new platform and the underlying technologies used there, like Spring Boot and Spring Cloud Services.
Secure Enterprise APIs for Mobile, Cloud & Open Web
APIs present enterprises with many business opportunities but they also create new attack vectors that hackers can potentially exploit. APIs share many of the same threats that plague the Web but APIs are fundamentally different from Web sites and have an entirely unique risk profile that must be addressed.
By adopting a secure API architecture from the beginning, it is possible to address both old and new threats. In this webinar, Scott Morrison – CTO at Layer 7 Technologies – will explain in detail how an enterprise can pursue its API publishing strategy without compromising the security of its on-premise systems and data.
You Will Learn
How APIs increase the attack surface
What key types of risk are introduced by APIs
How enterprises can mitigate each of these risks
Why it is crucial to separate API implementation and security into distinct tiers
Presented By
Scott Morrison, CTO, Layer 7 Technologies
How to Build a Successful API Program: Best Practices For the CarrierCA API Management
More and more carriers are looking to API publishing as a way of offering new services to developers building mobile apps and cloud services. But launching an API publishing program inevitably raises questions about:
• How to maintain security when exposing internal systems and processes to external developers
• How to manage developers, weeding out the bad and rewarding the good
• How carriers can monetize their APIs
• How existing IT investments can be leveraged to maximize performance and ROI
• How building community among developers can drive revenue and minimize operating costs
This talk will give carriers the critical guidance they need to build a successful API strategy.
Seaside is a web application framework that is written in Smalltalk. Smalltalk has been hugely influential on the development of computer languages but realistically how many people have ever used it? Seaside is a practical application of Smalltalk to the web sphere.
This is a presentation I gave in Helsinki Node.js meetup (check http://helnode.io).
I have been implementing a realtime communication service with Ruby during my previous assignment. I've used Rails and lower level Ruby frameworks such as Sinatra and Resque workers.
I do like especially the Rack, since it enables building an efficient server stack. You can throw in middleware for throttling, authentication and for other tasks quite easily.
Ruby was a strong candidate also for my current project. I consider the Ruby code is more readable than JavaScript. However, once I understood what ECMAScript 6 brings in, I was sold to Node.js. Generators will enable actually very similar implementations than the Ruby's Rack stack. In my opinion, JavaScript will finally become mature with JS1.7 as the "callback spaghetti" will be soon history."
Apache Kafka vs. Integration Middleware (MQ, ETL, ESB)Kai Wähner
Learn the differences between an event-driven streaming platform and middleware like MQ, ETL and ESBs – including best practices and anti-patterns, but also how these concepts and tools complement each other in an enterprise architecture.
Extract-Transform-Load (ETL) is still a widely-used pattern to move data between different systems via batch processing. Due to its challenges in today’s world where real time is the new standard, an Enterprise Service Bus (ESB) is used in many enterprises as integration backbone between any kind of microservice, legacy application or cloud service to move data via SOAP / REST Web Services or other technologies. Stream Processing is often added as its own component in the enterprise architecture for correlation of different events to implement contextual rules and stateful analytics. Using all these components introduces challenges and complexities in development and operations.
This session discusses how teams in different industries solve these challenges by building a native streaming platform from the ground up instead of using ETL and ESB tools in their architecture. This allows to build and deploy independent, mission-critical streaming real time application and microservices. The architecture leverages distributed processing and fault-tolerance with fast failover, no-downtime rolling deployments and the ability to reprocess events, so you can recalculate output when your code changes. Integration and Stream Processing are still key functionality but can be realized in real time natively instead of using additional ETL, ESB or Stream Processing tools.
Apache Kafka vs. Integration Middleware (MQ, ETL, ESB) - Friends, Enemies or ...confluent
MQ, ETL and ESB middleware are often used as integration backbone between legacy applications, modern microservices and cloud services. This introduces several challenges and complexities like point-to-point integration or non-scalable architectures. This session discusses how to build a completely event-driven streaming platform leveraging Apache Kafka’s open source messaging, integration and streaming components to leverage distributed processing, fault-tolerance, rolling upgrades and the ability to reprocess events. Learn the differences between a event-driven streaming platform leveraging Apache Kafka and middleware like MQ, ETL and ESBs – including best practices and anti-patterns, but also how these concepts and tools complement each other in an enterprise architecture.
BlackHat EU 2012 - Zhenhua Liu - Breeding Sandworms: How To Fuzz Your Way Out...MindShare_kk
Adobe's interpretation of sandboxing is called Adobe Reader X Protected Mode. Inspired by Microsoft's Practical Windows Sandboxing techniques, it was introduced in July 2010. So far, it had been doing a good job at limiting the impact of exploitable bugs in Adobe Reader X, as escaping the sandbox after successful exploitation turned to be particularly challenging, and hasn't been witnessed in the wild, yet.
This paper exposes how we did just this: By leveraging some broker APIs, a policy flaw, and a little more, we were able to break free from Adobe's sandbox.
The particular vulnerability we used was patched by Adobe in September 2011 (CVE-2011-1353), as a result of our responsible disclosure action; yet, this demonstrates that Adobe's sandbox cannot be considered a panacea against security flaws exploitation in Adobe Reader X, and paves the way toward further interesting discoveries for security researchers.
Indeed, beyond this particular vulnerability, this paper dives deep into the sandbox implementation of Adobe Reader X, and debates ways to audit its broker APIs, which, to our minds, offer a major attack surface. In particular, the paper details how we configured an open-source fuzzing tool to audit them through the IPC Framework.
Real-World WebAppSec Flaws - Examples and Countermeasuesvolvent
A presentation at the Sydney WebApp meeting for the security stream. Covers some easy to follow examples of more common things found and general recommendations for development teams.
J-Spring 2018 - A journey from Java EE to Cloud Native microservicesVincent Oostindie
About a decade ago, when the world was still all about J2EE and WebSphere application servers, Rabobank introduced a new Online platform with a custom, intentionally self-built, portal framework. Since then our world has changed in many ways. Nobody does portlets anymore; instead we build rich front-end applications backed by services spitting out JSON. Like most of the rest of the world Rabobank moved from waterfall to Agile to DevOps. Microservices came along. Java is no longer the only preferred language on the server. Today, Rabobank is migrating to a new platform based on Pivotal Cloud Foundry, that intends to cope with all these changes. In this talk Vincent Oostindië will talk you through a decade of IT at Rabobank Online, of course focusing on the new platform and the underlying technologies used there, like Spring Boot and Spring Cloud Services.
Secure Enterprise APIs for Mobile, Cloud & Open Web
APIs present enterprises with many business opportunities but they also create new attack vectors that hackers can potentially exploit. APIs share many of the same threats that plague the Web but APIs are fundamentally different from Web sites and have an entirely unique risk profile that must be addressed.
By adopting a secure API architecture from the beginning, it is possible to address both old and new threats. In this webinar, Scott Morrison – CTO at Layer 7 Technologies – will explain in detail how an enterprise can pursue its API publishing strategy without compromising the security of its on-premise systems and data.
You Will Learn
How APIs increase the attack surface
What key types of risk are introduced by APIs
How enterprises can mitigate each of these risks
Why it is crucial to separate API implementation and security into distinct tiers
Presented By
Scott Morrison, CTO, Layer 7 Technologies
How to Build a Successful API Program: Best Practices For the CarrierCA API Management
More and more carriers are looking to API publishing as a way of offering new services to developers building mobile apps and cloud services. But launching an API publishing program inevitably raises questions about:
• How to maintain security when exposing internal systems and processes to external developers
• How to manage developers, weeding out the bad and rewarding the good
• How carriers can monetize their APIs
• How existing IT investments can be leveraged to maximize performance and ROI
• How building community among developers can drive revenue and minimize operating costs
This talk will give carriers the critical guidance they need to build a successful API strategy.
Seaside is a web application framework that is written in Smalltalk. Smalltalk has been hugely influential on the development of computer languages but realistically how many people have ever used it? Seaside is a practical application of Smalltalk to the web sphere.
This is a presentation I gave in Helsinki Node.js meetup (check http://helnode.io).
I have been implementing a realtime communication service with Ruby during my previous assignment. I've used Rails and lower level Ruby frameworks such as Sinatra and Resque workers.
I do like especially the Rack, since it enables building an efficient server stack. You can throw in middleware for throttling, authentication and for other tasks quite easily.
Ruby was a strong candidate also for my current project. I consider the Ruby code is more readable than JavaScript. However, once I understood what ECMAScript 6 brings in, I was sold to Node.js. Generators will enable actually very similar implementations than the Ruby's Rack stack. In my opinion, JavaScript will finally become mature with JS1.7 as the "callback spaghetti" will be soon history."
Apache Kafka vs. Integration Middleware (MQ, ETL, ESB)Kai Wähner
Learn the differences between an event-driven streaming platform and middleware like MQ, ETL and ESBs – including best practices and anti-patterns, but also how these concepts and tools complement each other in an enterprise architecture.
Extract-Transform-Load (ETL) is still a widely-used pattern to move data between different systems via batch processing. Due to its challenges in today’s world where real time is the new standard, an Enterprise Service Bus (ESB) is used in many enterprises as integration backbone between any kind of microservice, legacy application or cloud service to move data via SOAP / REST Web Services or other technologies. Stream Processing is often added as its own component in the enterprise architecture for correlation of different events to implement contextual rules and stateful analytics. Using all these components introduces challenges and complexities in development and operations.
This session discusses how teams in different industries solve these challenges by building a native streaming platform from the ground up instead of using ETL and ESB tools in their architecture. This allows to build and deploy independent, mission-critical streaming real time application and microservices. The architecture leverages distributed processing and fault-tolerance with fast failover, no-downtime rolling deployments and the ability to reprocess events, so you can recalculate output when your code changes. Integration and Stream Processing are still key functionality but can be realized in real time natively instead of using additional ETL, ESB or Stream Processing tools.
Scanning barcodes and QR codes with mobile devices is booming. It’s a frictionless way to connect the online and offline worlds, and this discussion will cover the technology and best practices for leveraging code scanning in your mobile apps. We will introduce the RedLaser SDK as well.
Having a mobile presence is easy. What’s hard is deciding what to include, what it should look like, and how to build it in the first place. These are best practices, design tips, and resources for mobile sites and apps.
Creative complex commerce: Respecting the Customers’ brand while integrating ...X.commerce
New technology drives the need for new experiences. In this session, we’ll look at what the rise of open source means for retailers, and how retailers can take advantage of new technology such as Magento to deliver innovation. We’ll also discuss ways to enhance the user journey—from social to local and mobile commerce— while respecting the brand and avoiding lookalike sites. We’ll bring it all together through a case study from the B2B world that pushes the boundaries of traditional commerce.
Trending now and in the future: Social commerceX.commerce
Many companies are trying to tap into the 750 million potential shoppers on Facebook—and missing. That’s because social commerce is about more than just putting up a Facebook storefront and adding a Like button to your products. Social commerce vendors, brands, sellers, suppliers and developers need to know about the following: social shopping trends; social data integration with traditional ecommerce analytics; why Taste Graphs will overtake Social Graphs in influencing purchasing decisions, and how Facebook may emerge as a dominant micropayments platform.
Handling the boom in international commerceX.commerce
The world’s two billion Internet consumers are accessing U.S. markets through the web more than ever. In fact, one in ten U.S. ecommerce transactions already comes from international consumers. How have retailers been responding to this lucrative change in the landscape? What APIs, development languages, and payment technologies work best when dealing with foreign terms, currencies, and shipping implications?
The near future of real web applicationsX.commerce
There is a lot of noise being made about HTML5 as the new web technology to use and markets for apps as the best way to sell products and distribute applications to our end users. In reality there is not much new about it - all we are doing is treating the web as a distribution and sharing platform and browsers as the software to run our applications on. In this talk Christian Heilmann of Mozilla shows how in the near future application installation and in-app payments can happen on the most distributed market there is - the internet and through your browser. You will see how the technologies we build web sites in got an upgrade to allow us to build light-weight and focused applications that allow our end users to reach their goals faster and in a more re-usable fashion than with traditional ecommerce. Browsers and hardware are becoming more powerful each day, it is time to use that power in a sensible manner.
Proudly Found Elsewhere: The Open Source BonanzaX.commerce
This is the Open Source Era! Over the past decade, software isn’t just something to make money from, but something to make money with. How are some of the highest growth businesses in the world using open source software and network services to fuel their grand ambitions?
Building immersive experiences: Usability you can really useX.commerce
Combine the finer points of design with existing development know-how to craft user experiences for multiple platforms. Work through a real-life design challenge and apply design principles, patterns, and a proven process to create an immersive experience. This is an interactive workshop to jump start your next project.
The mighty cloud draws businesses and developers who seek its agility and productivity. But which type of cloud is best? We moved eBay Marketplace, a major eCommerce site, from a traditional infrastructure to a cloud model. We will present the strategic, technical and cost factors we weighed when deciding between cloud versus automation, and porting applications versus rewriting them. We will explain why we ended up with a hybrid: developing our own internal cloud while leveraging the massive infrastructure of public cloud providers.
If the web has taught us anything, it is that open systems, portability, and choice drive innovation. Similarly, the cloud era will be fueled by open technologies and a broad ecosystem. The OpenStack community was founded last year and has since become the fastest-growing open source cloud project, attracting hundreds of contributing developers and more than 100 participating companies. We will discuss how OpenStack is ending cloud lock-in by allowing enterprises and other service providers to run the same code that powers the Rackspace cloud. With a common platform, developers and businesses will be able to move applications among different clouds or their internal infrastructure. We will also go over use cases and options to consume OpenStack.
In 2011, we’re going “frictionless.” We will demo eBay’s latest seller innovations for seamless shipping. Our favorite new APIs enable you to scan any item with a mobile device and the recommended match for weight, dimension and service requirements populates the interface and even provides labels and tracking numbers.
Buyers appreciate the catalog experience; they certainly don’t miss the avalanche of item listings. Sellers also like providing catalog experiences; their items get more exposure. With eBay’s built-in product definitions, sellers don’t need to take valuable time writing product descriptions or item specifics or even providing photos—eBay’s built-in product definitions take goods quickly to market. New this year: creating your own product listing within the eBay catalog using UPC codes and brand MPNs.
Imagine a commerce world where thematic and seasonal stores could automatically pop up and then disappear with minimal editorial work. Here we talk about the underlying platform that enables mining large-scale user behavior and query data to set up stores automatically based on themes of interest, and emerging and buzz-creating topics. We will describe the science and tools to build experiences that would drive commerce through custom experience and social media, and help sellers, shoppers, and the enthusiasts.
Adaptive APIs meet the real world - FundRazrX.commerce
Actual case studies of developers using Adaptive Accounts and Adaptive Payments to make real, live money. These developers went beyond simple checkout. Here is how they used our APIs to remove the barriers to setting up accounts, initiating pre-approvals, and creating chained payments.
Actual case studies of developers using Adaptive Accounts and Adaptive Payments to make real, live money. These developers went beyond simple checkout. Here is how they used our APIs to remove the barriers to setting up accounts, initiating pre-approvals, and creating chained payments.
Paypal checkout anytime anywhere paulam chang matt coleX.commerce
Checkout is the critical final step, and nothing should mar the flow for digital or physical goods, split payments, or mobile. Our use cases will start from the beginning order process, move on to authorization, and then capture, void, refund, and order completion steps.
Introduction to types and goals of automated tests, their integration and application within Magento. We closely examine the development of various integration tests in the framework and configuration they reside. We will look at several example of test cases development and provide guidelines for success.
Developing loosely coupled modules with MagentoX.commerce
Magento configuration files are a solid way to integrate with a module’s features. Application developers will gain insight into the different kinds of module dependencies and their impact on applications. We’ll look at Magento’s events model as an example to illustrate how to publish and subscribe messaging patterns as a universal decoupling mechanism.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Building RAG with self-deployed Milvus vector database and Snowpark Container...Zilliz
This talk will give hands-on advice on building RAG applications with an open-source Milvus database deployed as a docker container. We will also introduce the integration of Milvus with Snowpark Container Services.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
20 Comprehensive Checklist of Designing and Developing a WebsitePixlogix Infotech
Dive into the world of Website Designing and Developing with Pixlogix! Looking to create a stunning online presence? Look no further! Our comprehensive checklist covers everything you need to know to craft a website that stands out. From user-friendly design to seamless functionality, we've got you covered. Don't miss out on this invaluable resource! Check out our checklist now at Pixlogix and start your journey towards a captivating online presence today.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
16. app
1 work
2 work
3 COMMIT
Redo log
standby offsite failover
17. app A
1 work
2 work
3 insert message 5 read message
app B
4 COMMIT
6 if message isn’t “done”
7 work
8 mark message as “done”
9 COMMIT
18. 5 sync call
app A
1 work
2 work
3 insert message 10 read message
app B
4 COMMIT
6 if message isn’t “done”
7 work
8 mark message as “done”
9 COMMIT
19.
20. physical security
machine access controls
firewalls
service-level access control
encryption on the wire
encryption at rest
hardware encryption (HSM)
21. balance log balance: $100 Account Activity
Oct 1 open: $0 Oct 12 Add Funds $15
Oct 12 +$150 from Bank 0
Oct 13 - $50 Oct 13 Balance- $50
funded
Payment
what paypal tech doesI picked some problemsideas influencing devsampler platetechnical, dense12:30-1:15 Thurs 10/13 Room 2018(40m, 5m Q&A)
startuprelease nights, stayed up late, ate eggrolls, and crossed fingers that the site wouldn’t crashdb pw
daughter, (new reason to stay up all night)still eat eggrolls for release, but now it happens during the day (don’t sleep under desks)even if I wanted, customer data with 10 foot polewhat’s inside?
early engineerswere smart, motivated - take over the worldno problem unsolveable, no technique off-limitsinnovation (GL – impl of captcha)huge copy/paste, “magic” communication
voila! inside kind of looks like this.
spend money on reliable data storehttpd & geronimo
1998 ecosystemfounding culture of “we can build it better” – different nowC++ ecosystem is weak compared to what you see in Java, Pythonwhat does all this stuff do?
trend: API box covering more
tech problems, our solutions
3 themes for problems
why do we consider this “reliable” at this point?redo log for raw datastandby – fast failoveroffsite – recover from disasterwhat about pieces in payments that have to work together
lots of different systems involved in fulfilling a payment, working together reliablyif you wonder about delay
ensure that a payment reaches the end stateinfra technique used many domainsas a business that deals with money, how do we build trust that nothing fishy is going on?
trustworthy!how do you prevent or and detect tampering?
responsibleexamples in the industrypreso: Bill Corry info secwhat about people that are allowed to touch these things?
Two ways to answer the same questionchain of comparisons ultimately takes you to border between PP and external financial systemor penny-slicing, like insuperman III?round-off slicing doesn’t really apply – PP is in the middle of fxtxns, and round-off would have to be a txn
tricky word because it can apply to a lot of things
Does your codebase have “room”?tech organization that experienced huge, continuous growth, all of these dims have had “scaling” challenges
payment processing capacitymem managementzombie boxes in/out rotationpush (connections)less eff, but SIMPLE to debug/operateput on read-only instances of DB’shorizontal scaling, indefiniteisolate problems of state-mgt
our strategy for scaling readsauthentication, customer historybut what about state?
monster box, could take 128 CPUs, started with 48
too much work sync between cpuswork not totally independent (indices, etc.)
business functionpartition by domain, independent machinesone machine lot of CPUs couldn’t do it
dependencies!points of failure!work gets to be too big for one?
don’t need all partitions to serve requestlocalize customer data to an in-country datacenterwhat about work spanning users (later)
hiring more peoplelogisticsgetting people into a roommake room, keep small scope
domainsexercise at first forced us to define “what paypalis”given these buckets, next question was how to ensure ensure dependencies don’t just turn it into a black holesmall scope, SOAbut something else that’s proved effective is…
files that specify dependenciestopology and securitymaven has thistools that tell us, constrain, what talks to whatenforces boundaries – keeps things apartbut how do you get composition without coupling?
some principles that we’re working with, to ensure scales and is reliablesum it up in one phrase
ACID propertiesdo work, spanning lots of systems, together, in a way that ensures a consistent outcomeincomplete financial activityhow to classify “work” or transactions?
how to keep these transactions consistent at scale?first two are easy – replicas, work on single partitions
entities are customersother happens eventuallydecouples how they get their job done, contentionconsistent state change across entitiescloud storage APIs – this constraint in txnswhat’s the difficulty with this model?
RPC/http/soapreliable, trustworthy - “unknown” is the worst possible answer!all systems with RPC-style interaction, with remote stateas you partition state, more places where this can happencoding this is a mess – have infra help you
constraints, freedoms of: data access, RPC, memory/process model. your public APIs.Constraints define what happen when you scalewe underestimated the weight/cost of this, and didn’t invest enough early in engineering solutionsimplications can’t be completely hidden from app; rely on infrayour core competency, differentiator
motivating designconstantly looking for ways to push this into the infrastructures.t.devs don’t have to worry about scale, throughput, reliability, correctness – our differentiator
good read because:-short, with lots of pictures; appear intelligent without having to read a library- covers fundamental issues in large-scale, reliable, distributed systemsweakened ACIDPP Wars Eric Jackson, beginnings, war stories