Before Symfony was spelled with a capital “S” there was another symfony, the first version of the framework. It already meant a lot to me at the time. But with the arrival of Symfony 2 it became clear that something very important was happening in the world of PHP programming. It appears that this framework is able to turn amateur website makers (like I used to be) into actual software developers. What is the secret? What makes Symfony so special? And why am I still hooked?
We’ll look at pieces of code, the Symfony ecosystem, the people behind it, the things that have been written about it, and the experience that I have with it. We’ll take a trip down memory lane, collecting pieces for our Symfony scrapbook, while we try to construct an answer to these questions.
Before Symfony was spelled with a capital “S” there was another symfony, the first version of the framework. It already meant a lot to me at the time. But with the arrival of Symfony 2 it became clear that something very important was happening in the world of PHP programming. It appears that this framework is able to turn amateur website makers (like I used to be) into actual software developers. What is the secret? What makes Symfony so special? And why am I still hooked?
We’ll look at pieces of code, the Symfony ecosystem, the people behind it, the things that have been written about it, and the experience that I have with it. We’ll take a trip down memory lane, collecting pieces for our Symfony scrapbook, while we try to construct an answer to these questions.
Culerity - Headless full stack testing for JavaScriptThilo Utke
This is a presentation i gave at the Java Script User group (twitter.com/berlinjs). It is about testing your entire web application including javascript without opening a browser for that.
Culerity - Headless full stack testing for JavaScriptThilo Utke
This is a presentation i gave at the Java Script User group (twitter.com/berlinjs). It is about testing your entire web application including javascript without opening a browser for that.
Puppet is a configuration management tool which allows easy deployment and configuration ranging from 1 to 1 thousand servers (and even more). Even though its common knowledge for devops, puppet is still a strange piece of software for developers. How does it work and what can it do for you as a developer?
Managing Windows Systems with Puppet - PuppetConf 2013Puppet
"Managing Windows Systems with Puppet" by James Sweeny Professional Services Engineer, Puppet Labs.
Presentation Overview: Since Puppet grew up in the *nix world, there is a common misconception that it can't be used to effectively manage Windows. This talk hopes to dispel confusion on the matter and demonstrate that Windows can be managed effectively and easily with Puppet. Along with basic how-tos and tips on working with Windows systems using Puppet, Windows specific issues and caveats will be discussed with effective mitigations.
Speaker Bio: James is a recovering sysadmin currently working as a Professional Services Engineer at Puppet Labs. He performs training and advises on configuration and systems management best practices in his day job. Though his focus is primarily on Linux systems, he frequently is tasked to work on Solaris, OS/X, and Windows. He is unafraid to admit that he runs Windows 7 on his primary desktop.
Introducing NoSQL and MongoDB to complement Relational Databases (AMIS SIG 14...Lucas Jellema
This presentation gives an brief overview of the history of relational databases, ACID and SQL and presents some of the key strentgths and potential weaknesses. It introduces the rise of NoSQL - why it arose, what is entails, when to use it. The presentation focuses on MongoDB as prime example of NoSQL document store and it shows how to interact with MongoDB from JavaScript (NodeJS) and Java.
Webinar: Fighting Fraud with Graph DatabasesDataStax
Modern fraud detection has significant engineering challenges. From managing the ingestion and scale, to the analysis of those patterns in real-time. We'll first take a look at how DataStax Enterprise Graph, powered by the industry’s best version of Apache Cassandra™, can meet those requirements to help you save the day.
Amazon RDS allows you to launch an optimally configured, secure and highly available database with just a few clicks. It provides cost-efficient and resizable capacity while managing time-consuming database administration tasks, freeing you up to focus on your applications and business. We’ll discuss Amazon RDS fundamentals, learn about the six available database engines (with the seventh on the way), and examine customer success stories.
IBM Storage for Analytics, Cognitive and CloudTony Pearson
Presentation on Software-Defined Storage, Spectrum Scale for Analytics with Hadoop and Hortonworks, and IBM Cloud Object Storage, presented March 15 in San Juan, Puerto Rico
The AWS Workshop Series Online is a series of live webinars designed for IT professionals who are looking to leverage the AWS Cloud to build and transform their business, are new to the AWS Cloud or looking to further expand their skills and expertise. In this series, we will cover:'Introduction to Cloud Computing with Amazon Web Services'.
Introducing Monsoon PHP Framework (monsoonphp.com). You can maintain your API and CLI code in the same codebase of your Application using the MVC pattern. The framework assists developers in creating a simple, fast and secure application very quickly. See this slideshow for an introduction. Proudly made in Bhārat (India).
If You Have The Content, Then Apache Has The Technology!gagravarr
Within the ASF, there are a wide variety of projects with technologies to help you store, retrieve, host, transform and generate content. This talk will review the landscape of Apache content technologies, provide a quick introduction to the more common and more interesting projects, and flag up new and innovative features within them. It'll also highlight talks from the rest of the week on many of the projects covered, so that you'll know where and when to go to learn more about those projects and technologies which catch your eye!
CNIT 152: 13 Investigating Mac OS X SystemsSam Bowne
Slides for a college course based on "Incident Response & Computer Forensics, Third Edition" by by Jason Luttgens, Matthew Pepe, and Kevin Mandia, at City College San Francisco.
Website: https://samsclass.info/152/152_F18.shtml
Let's Build an Inverted Index: Introduction to Apache Lucene/SolrSease
The University Seminar series aim to provide a basic understanding of Open Source Information Retrieval and its application in the real world through the Apache Lucene/Solr technologies.
ypes and providers are some of the most powerful abstractions within Puppet, and extending them to model resources outside the scope of simple types can make configuration management extraordinarily useful. Taking the step to extend Puppet's functionality beyond standard resources like users and files can be daunting, though, and getting started in Puppet's Ruby libraries is a different beast than the Puppet language. In this presentation we'll look at an illustrative example of how Puppet can be used to manage custom types in a sophisticated and extensible way, ultimately bridging the gap between Puppet types and resources that can be modeled as objects over RESTful interfaces. Using real module code as an example, we'll look at how combining the declarative nature of Puppet resources with any command or REST interface can make managing complicated systems easier (Elasticsearch being the illustrative example). Testing will also be covered to demonstrate how custom types and providers can offer even more code quality and assurance than basic Puppet manifests. Attendees will learn about how to write Puppet modules (including types and providers), how to use Puppet Ruby APIs, module testing, and Elasticsearch APIs.
The Apereo OAE Bootcamp offers an introduction into back-end and front-end development for the Apereo OAE project.
The back-end development part focuses on learning the different extension points behind the scenes in the service layer of OAE. A back-end component for OAE that exposes a REST API is built from scratch.
Back-end development topics include:
- Node.js NPM module system
- OAE back-end application life-cycle
- Data-modelling with Apache Cassandra and writing CQL queries from Node.js
- Using the OAE APIs to expose back-end functionality for the web VIA RESTful APIs
- Writing back-end unit tests using Grunt and Mocha. If time permits, the following will also be covered:
- Integrating with OAE's ElasticSearch query and index functionality
- Integrating with OAE's Activity and Notifications functionality
- Integration with OAE's Admin Configuration functionality
The front-end development part focuses on writing a UI widget using the REST APIs developed in the back-end development part.
Front-end development topics include:
- Integrating with the OAE Widget loading system
- Writing internationalizable templates with TrimPath and the widget i18n and l10n functionality
- Interacting with the core OAE UI APIs
- Using bootstrap 3 to design responsive UI layouts for your widgets
- Writing front-end unit tests using Grunt and CasperJS
CNIT 121: 13 Investigating Mac OS X SystemsSam Bowne
Slides for a college course based on "Incident Response & Computer Forensics, Third Edition" by by Jason Luttgens, Matthew Pepe, and Kevin Mandia.
Teacher: Sam Bowne
Twitter: @sambowne
Website: https://samsclass.info/121/121_F16.shtml
Global introduction to elastisearch presented at BigData meetup.
Use cases, getting started, Rest CRUD API, Mapping, Search API, Query DSL with queries and filters, Analyzers, Analytics with facets and aggregations, Percolator, High Availability, Clients & Integrations, ...
Introduction to Ansible - Jan 28 - Austin MeetUptylerturk
This presentation is a fairly brief introduction to ansible including some minor details around WP Engine's implementation, variable precedence, a sample playbook, and some of the core concepts around what makes ansible tick.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
2. Topics Covered
• Introduction to Puppet
• What is Puppet?
• Configuration Management Tools
• DevOps Tools Chains
• Puppet Fundamentals
• Node Calssification
• The Catalog
• Resource Types
• Resource Abstraction Layer
• Classes and Defined Types
• Modules
• Templates and Static Files
• Puppet Modules
• Use modules from Puppet forge
• Build your own module
3. What is Puppet?
• Open Source Configuration Management Tool
• On going management of servers
• Declarative Language Allows to define what needs to
be managed on an Operating System
• Works on all major platforms (Linux, Unix, MacOS,
Windows)
• Puppet Enterprise with better reporting and
management features + official support.
4. Configuration Management
Tools
• Puppet, Ansible, Chef, SaltStack, ChefEngine
• Automation
• Reproducibility
• Scale
• Aligned Environments
• Infrastructure as a Code
• History of changes on Infrastructure
5. DevOps Tools Chains
• DevOps is about culture, processes, people and tools.
• Where does Puppet fits in the typical DevOps tools chain?
• SCM
• Repository and Software Management
• Software Builds
• Configuration Management (Puppet)
• Testing, Monitoring (Puppet reporting)
• Cloud (AWS, Rackspace, Openstack, Google Cloud)
• Containerization and Virtualization (Puppet can build docker images)
• Databases
• Application Servers
6. Node Classification
• To identify nodes and then compile catalog for
them.
• Typical node classification includes, classes,
parameters, environment.
• Puppet Code, hiera_include, External Node
Classifier.
7. The Catalog
• List of resources along with their relationships
(dependencies, subscriptions)
• Json Format
• Client sends facts, Master compiles the catalog,
client applies the catalog.
• Client uses RAL to execute operating system level
commands.
8. Puppet Resource
• Resource is a single unit of configuration.
• Every resource has a resource type associated.
• Resource declaration includes: type, title, attribute/argument.
file {‘/tmp/devopsdubai.txt’:
ensure => file
}
• Namevars
• References:
• puppet describe file
• puppet describe --list
9. Resource Abstraction Layer
• Resources are abstracted
• Types and Providers
• Type specifies the attributes of resources
• Providers implements resources on the underlying
operating system.
• puppet resource user
• puppet resource user root
10. Classes and Defined Types
• Classes are combination of resources
• Class parameters
• Include or Declare?
• Defined resource Types
• Similar to Classes
• Can be declared multiple times with different titles.
• Can be declared only.
11. Modules
• Puppet Code is written in files called manifests.
• Modules are distributable puppet classes/manifests.
• Modules stored on modulepath are only visible to
puppet command.
• Pre Defined Directory structure required for
autoloading of classes.
12. Templates and Static
Files
• ERB templates
• Loops, conditionals and variables are available.
• Static files can’t be changed by Puppet Code.
• Deployed on system as it is without any
interpolation.