Presentation of the main functionalities of specs2, then some less well-known (but useful!) ones. Included in the tour: all the brand new features of specs2 2.0
OOCSS for JavaScript Pirates jQcon BostonJohn Hann
At first glance, Object-Oriented CSS looks like yet another rehash of CSS "best practices". Maybe the OO part caught your attention briefly before you dismissed it as a gimmick. Who cares about CSS anyways? I'm a JavaScript Pirate! CSS is for lollygaggers and deck scrubbers!
That's what these JavaScript Pirates thought, too, at first. But now that we're skilled in the arcane art of OOCSS, we've come to realize that it not only helps us write better CSS, but it also helps us write much better JavaScript!
You too will be able to create kick-ass web apps that are engineering marvels -- able to withstand high seas and hurricane-force winds -- er... or at least unreasonable customer demands.
First, we'll review the basics of OOCSS. Then, we'll delve deeper. Way deeper.
Attending pirates will learn how to:
1) use OOCSS principles to modularize HTML into reusable components, 2) mate these components with CSS rules and JavaScript ""controllers"", and 3) identify and implement inheritance patterns in CSS, HTML, and JavaScript.
More importantly, pirates will discover several little-known secrets about OOCSS. These ""secrets"" are tips and techniques that you won't find in any book, tutorial, or treasure map. They're not even divulged on the OOCSS Github repository! Once you see them in action, you'll never want to do it the ""old way"" again.
For certain, by the end of this session, you will: 1) have a much greater appreciation for CSS, 2) understand several simple, yet powerful, techniques for applying OOCSS, and 3) feel much more confident about creating and maintaining large web apps.
Arrrrrr, matey!!! Let the wind blow!
OOCSS for JavaScript Pirates jQcon BostonJohn Hann
At first glance, Object-Oriented CSS looks like yet another rehash of CSS "best practices". Maybe the OO part caught your attention briefly before you dismissed it as a gimmick. Who cares about CSS anyways? I'm a JavaScript Pirate! CSS is for lollygaggers and deck scrubbers!
That's what these JavaScript Pirates thought, too, at first. But now that we're skilled in the arcane art of OOCSS, we've come to realize that it not only helps us write better CSS, but it also helps us write much better JavaScript!
You too will be able to create kick-ass web apps that are engineering marvels -- able to withstand high seas and hurricane-force winds -- er... or at least unreasonable customer demands.
First, we'll review the basics of OOCSS. Then, we'll delve deeper. Way deeper.
Attending pirates will learn how to:
1) use OOCSS principles to modularize HTML into reusable components, 2) mate these components with CSS rules and JavaScript ""controllers"", and 3) identify and implement inheritance patterns in CSS, HTML, and JavaScript.
More importantly, pirates will discover several little-known secrets about OOCSS. These ""secrets"" are tips and techniques that you won't find in any book, tutorial, or treasure map. They're not even divulged on the OOCSS Github repository! Once you see them in action, you'll never want to do it the ""old way"" again.
For certain, by the end of this session, you will: 1) have a much greater appreciation for CSS, 2) understand several simple, yet powerful, techniques for applying OOCSS, and 3) feel much more confident about creating and maintaining large web apps.
Arrrrrr, matey!!! Let the wind blow!
Resonant Insights presented this at the Lake Washington HR Association Symposium on Feb.9, 2012 in Bellevue, WA. Contact Bobby Bakshi, Chief Inspiration Officer, to learn more:
bobby@resonantinsights.com
Decision Forest: Twenty Years of ResearchLior Rokach
A decision tree is a predictive model that recursively partitions the covariate's space into subspaces such that each subspace constitutes a basis for a different prediction function. Decision trees can be used for various learning tasks including classification, regression and survival analysis. Due to their unique benefits, decision trees have become one of the most powerful and popular approaches in data science. Decision forest aims to improve the predictive performance of a single decision tree by training multiple trees and combining their predictions.
How to Attract and Engage Talent in the Midst of all the Noise (employer bran...Celinda Appleby
Keynote presentation for RecruitDC - Fall Conference (11/15)
Session description:
In this session, we will discuss why it makes sense for companies to marry their consumer and talent brands. Celinda Appleby will share her best tried-and-tested ideas on how to build a truly talent driven employer brand. This session is all about turning your business into a brand that steals the show and one that every top candidate is dying to work for. At the end of this session, you will be able to:
Leverage and engage key stakeholders for buy-in
Build social channels that drive talent engagement
Connect with your audience using creative content
Enable your team to boost the employer brand
Apply human elements that makes it easier to recruit
#lifeatOracle
How to slice your monolithic webapp using MicroApps architectureYonatan Maman
Slicing a monolithic web service into MicroServices Architecture is a well known practice.
However, when it comes to a monolithic web application new challenges raises.
In Outbrain we have developed the MicroApps Architecture which aims to target these challenges using MicroServices concepts.
In this deck I will tell the story behind MicroApps Architecture: motivation, benefits, issues, and plans for the future.
Revealing spatial and temporal patterns from Flickr photography: a case study...Sander van der Drift
An exploratory visual analytics approach was used to identify temporal distributions, spatial clusters and popular routes of tourists in Amsterdam by making use of geotagged photos from social media platform Flickr. The presented methods combine the analytical strength of humans with the data processing power of computers, using geovisualisations and charts to explore data, find patterns, and draw conclusions from its outcomes. For this research, the metadata of 2,849,261 geotagged photos was harvested from Flickr and stored in a spatial database. From this dataset, 393,828 photos were located in the municipality of Amsterdam. A semi-automatic classification method classified 39,1% of the users as tourist with a very high precision and recall. The temporal distribution of tourists and locals is compared for different temporal granularities. A method is presented to assess photo timestamps by making use of photos that contain a real clock. An existing grid-based clustering method was implemented and improved to explore Amsterdam’s spatial distribution of tourists in Google Earth. The major tourist hotspots are detected using the density-based clustering algorithm DBSCAN. Finally, the most probable routes of tourists between subsequent photo locations were estimated and aggregated into a route density map. A qualitative approach was used to validate the study outcomes by interviewing eight tourism experts of the municipality of Amsterdam. Their knowledge about the city bears a good resemblance with the detected spatial clusters and route density map of tourists. Despite several imperfections of geosocial data, we conclude that the methods provide meaningful insight into the spatial and temporal patterns of tourists in urban spaces and are a valuable addition to traditional tourism surveys.
How do you get everybody in your company to understand who is using your product — especially if you're not 100% certain yourself? You've got out of the building and talked to your customers, but how do you communicate what you learned when you get back?
Persona — research-based examples of the people who use your product — help teams understand customers and deliver the features they really need.
This talks shows you how to get the whole team involved in user research. We work through an example scenario showing you how to build persona incrementally. You'll learn practical techniques for integrating persona with lean approaches to product strategy and development.
Pratiques innovantes sur les réseaux sociauxSofteam Agency
Issue du travail du planneur stratégique de l'agence Modedemploi, Jérémie Janicot (@MrtripleJ) cette étude de cas s'attache à :
• Mettre en avant les pratiques innovantes pour exprimer un ADN de marque fort et différentiant de manière impliquante sur les réseaux sociaux.
• Comprendre sur quels piliers fondateurs s’appuient ces campagnes.
• S’interroger sur ce que ces campagnes impliquent pour l'évolution de la prise des paroles des marques sur les réseaux.
Entre autres campagnes présentées : Marc Jacobs, Air France, Adidas, Mercedes ou encore Skittles...
Una de las preguntas más recurrentes por las personas de marketing hoy es qué métricas son las más relevantes para medir la efectividad de una campaña de eMarketing.
Existe muchos datos e información que uno puede obtener en el mundo de Internet. Lo importante es conocer cuales son claves para medir la efectividad de sus campañas Online.
Lo invitamos a rver esta presentación y descubrir qué tipo de métricas debe prestarle atención y hacerle seguimiento en el tiempo para así ir mejorando su efectividad.
[우리가 데이터를 쓰는 법] 우리가 고객을 이해하는 법 - 에그번 에듀케이션 문관균 대표Dylan Ko
Gonnector(고넥터) 고영혁 대표가 주최한 스타트업 데이터 활용 세미나 '우리가 데이터를 쓰는 법' 의 여섯 번째 발표 자료
세미나 : 우리가 데이터를 쓰는 법 (How We Use Data)
일시 : 2016년 4월 12일 화요일 10:00 ~ 18:00
장소 : 마루180 (Maru180) B1 Think 홀
제목 : 우리가 고객을 이해하는 법
연사 : 에그번 에듀케이션 문관균 대표
Dive into ROP - a quick introduction to Return Oriented ProgrammingSaumil Shah
A tutorial created to introduce you to the core concepts of Return Oriented Programming (ROP). ROP is an essential technique in defeating exploit mitigation protection such as DEP, found in modern operating systems.
Slides from my presentation about Shopzilla's concurrency strategies to the Pasadena Java User's Group on April 26, 2010. This is essentially the same material as covered by my colleague Rodney Barlow in an earlier presentation http://www.slideshare.net/rodneypbarlow/shopzilla-on-concurrency, with a few minor tweaks.
Resonant Insights presented this at the Lake Washington HR Association Symposium on Feb.9, 2012 in Bellevue, WA. Contact Bobby Bakshi, Chief Inspiration Officer, to learn more:
bobby@resonantinsights.com
Decision Forest: Twenty Years of ResearchLior Rokach
A decision tree is a predictive model that recursively partitions the covariate's space into subspaces such that each subspace constitutes a basis for a different prediction function. Decision trees can be used for various learning tasks including classification, regression and survival analysis. Due to their unique benefits, decision trees have become one of the most powerful and popular approaches in data science. Decision forest aims to improve the predictive performance of a single decision tree by training multiple trees and combining their predictions.
How to Attract and Engage Talent in the Midst of all the Noise (employer bran...Celinda Appleby
Keynote presentation for RecruitDC - Fall Conference (11/15)
Session description:
In this session, we will discuss why it makes sense for companies to marry their consumer and talent brands. Celinda Appleby will share her best tried-and-tested ideas on how to build a truly talent driven employer brand. This session is all about turning your business into a brand that steals the show and one that every top candidate is dying to work for. At the end of this session, you will be able to:
Leverage and engage key stakeholders for buy-in
Build social channels that drive talent engagement
Connect with your audience using creative content
Enable your team to boost the employer brand
Apply human elements that makes it easier to recruit
#lifeatOracle
How to slice your monolithic webapp using MicroApps architectureYonatan Maman
Slicing a monolithic web service into MicroServices Architecture is a well known practice.
However, when it comes to a monolithic web application new challenges raises.
In Outbrain we have developed the MicroApps Architecture which aims to target these challenges using MicroServices concepts.
In this deck I will tell the story behind MicroApps Architecture: motivation, benefits, issues, and plans for the future.
Revealing spatial and temporal patterns from Flickr photography: a case study...Sander van der Drift
An exploratory visual analytics approach was used to identify temporal distributions, spatial clusters and popular routes of tourists in Amsterdam by making use of geotagged photos from social media platform Flickr. The presented methods combine the analytical strength of humans with the data processing power of computers, using geovisualisations and charts to explore data, find patterns, and draw conclusions from its outcomes. For this research, the metadata of 2,849,261 geotagged photos was harvested from Flickr and stored in a spatial database. From this dataset, 393,828 photos were located in the municipality of Amsterdam. A semi-automatic classification method classified 39,1% of the users as tourist with a very high precision and recall. The temporal distribution of tourists and locals is compared for different temporal granularities. A method is presented to assess photo timestamps by making use of photos that contain a real clock. An existing grid-based clustering method was implemented and improved to explore Amsterdam’s spatial distribution of tourists in Google Earth. The major tourist hotspots are detected using the density-based clustering algorithm DBSCAN. Finally, the most probable routes of tourists between subsequent photo locations were estimated and aggregated into a route density map. A qualitative approach was used to validate the study outcomes by interviewing eight tourism experts of the municipality of Amsterdam. Their knowledge about the city bears a good resemblance with the detected spatial clusters and route density map of tourists. Despite several imperfections of geosocial data, we conclude that the methods provide meaningful insight into the spatial and temporal patterns of tourists in urban spaces and are a valuable addition to traditional tourism surveys.
How do you get everybody in your company to understand who is using your product — especially if you're not 100% certain yourself? You've got out of the building and talked to your customers, but how do you communicate what you learned when you get back?
Persona — research-based examples of the people who use your product — help teams understand customers and deliver the features they really need.
This talks shows you how to get the whole team involved in user research. We work through an example scenario showing you how to build persona incrementally. You'll learn practical techniques for integrating persona with lean approaches to product strategy and development.
Pratiques innovantes sur les réseaux sociauxSofteam Agency
Issue du travail du planneur stratégique de l'agence Modedemploi, Jérémie Janicot (@MrtripleJ) cette étude de cas s'attache à :
• Mettre en avant les pratiques innovantes pour exprimer un ADN de marque fort et différentiant de manière impliquante sur les réseaux sociaux.
• Comprendre sur quels piliers fondateurs s’appuient ces campagnes.
• S’interroger sur ce que ces campagnes impliquent pour l'évolution de la prise des paroles des marques sur les réseaux.
Entre autres campagnes présentées : Marc Jacobs, Air France, Adidas, Mercedes ou encore Skittles...
Una de las preguntas más recurrentes por las personas de marketing hoy es qué métricas son las más relevantes para medir la efectividad de una campaña de eMarketing.
Existe muchos datos e información que uno puede obtener en el mundo de Internet. Lo importante es conocer cuales son claves para medir la efectividad de sus campañas Online.
Lo invitamos a rver esta presentación y descubrir qué tipo de métricas debe prestarle atención y hacerle seguimiento en el tiempo para así ir mejorando su efectividad.
[우리가 데이터를 쓰는 법] 우리가 고객을 이해하는 법 - 에그번 에듀케이션 문관균 대표Dylan Ko
Gonnector(고넥터) 고영혁 대표가 주최한 스타트업 데이터 활용 세미나 '우리가 데이터를 쓰는 법' 의 여섯 번째 발표 자료
세미나 : 우리가 데이터를 쓰는 법 (How We Use Data)
일시 : 2016년 4월 12일 화요일 10:00 ~ 18:00
장소 : 마루180 (Maru180) B1 Think 홀
제목 : 우리가 고객을 이해하는 법
연사 : 에그번 에듀케이션 문관균 대표
Dive into ROP - a quick introduction to Return Oriented ProgrammingSaumil Shah
A tutorial created to introduce you to the core concepts of Return Oriented Programming (ROP). ROP is an essential technique in defeating exploit mitigation protection such as DEP, found in modern operating systems.
Slides from my presentation about Shopzilla's concurrency strategies to the Pasadena Java User's Group on April 26, 2010. This is essentially the same material as covered by my colleague Rodney Barlow in an earlier presentation http://www.slideshare.net/rodneypbarlow/shopzilla-on-concurrency, with a few minor tweaks.
Observability: Beyond the Three Pillars with SpringVMware Tanzu
In this presentation, we’ll explore the basics of the three pillars and what Spring has to offer to implement them for logging (SLF4J), metrics (Micrometer), and distributed tracing (Spring Cloud Sleuth, Zipkin/Brave, OpenTelemetry).
I’ll also talk about how to take your system to the next level, and what else you can find in Spring and related technologies to look under the hood of your running system (Spring Boot Actuator, Logbook, Eureka, Spring Boot Admin, Swagger, Spring HATEOAS) and what our future plans are.
Introduction to Streaming Distributed Processing with StormBrandon O'Brien
Contact:
https://www.linkedin.com/in/brandonjobrien
@hakczar
Introducing streaming data concepts, Storm cluster architecture, Storm topology architecture, and demonstrate working example of a WordCount topology for SIGKDD Seattle chapter meetup.
Presented by Brandon O'Brien
Code example: https://github.com/OpenDataMining/brandonobrien
Meetup: http://www.meetup.com/seattlesigkdd/events/222955114/
Abstract
Concurrency is everywhere. Prior to Java 5, concurrency was difficult
and error prone. Since Java 5, it's far more prevalent in our
application code, and through time it's been lurking in open-source
frameworks and containers. Concurrency is also a fundamental part of
Shopzilla's web-site and services ecosystem.
Introduction
Rod Barlow from Shopzilla will explore a brief history of concurrency, and the key
concurrency features and techniques provided by the Java API since
Java 5. Topics covered include Immutability, Atomic References, Blocking
Queues, Locks and Deadlocks. Also covered is Concurrency in
Frameworks, and Shopzilla's Website Concurrency Framework, including
Thread Pools, Executors and Futures.
Challenges of angular in production (Tasos Bekos) - GreeceJS #17GreeceJS
Modern web applications have constantly growing requirements and their API and complexity grows exponentially. In this session we'll look at a practical example of how to optimize solutions, like bundling, tree shaking, ahead of time compilation, lazy loading, etc. Also, we will get a glimpse of what it takes to switch a complex product to a modern stack, with Angular in its heart, and how the company's commitment is making it possible.
The slides for Stream Processing Meetup (7/19/2018)(https://www.meetup.com/Stream-Processing-Meetup-LinkedIn/events/251481797/).
This presentation introduces the newly-developed Samza Runner for Apache Beam. You will see the capability of the Samza Runner and how it supports key Beam features. You will also see a few use cases and our future roadmap.
Flink Forward SF 2017: Stephan Ewen - Experiences running Flink at Very Large...Flink Forward
This talk shares experiences from deploying and tuning Flink steam processing applications for very large scale. We share lessons learned from users, contributors, and our own experiments about running demanding streaming jobs at scale. The talk will explain what aspects currently render a job as particularly demanding, show how to configure and tune a large scale Flink job, and outline what the Flink community is working on to make the out-of-the-box for experience as smooth as possible. We will, for example, dive into - analyzing and tuning checkpointing - selecting and configuring state backends - understanding common bottlenecks - understanding and configuring network parameters
Uniface Lectures Webinar - Building Responsive Applications with Uniface: Get...Uniface
Building Responsive Applications with Uniface: Getting Started (Part 1 of 3)
In this webinar you will learn:
• Requirements for a new project
• Development Environment walkthrough
• Application architecture considerations
Automated Application Management with SaltStackinovex GmbH
SaltStack is a new System Management Platform that provides various automations for the lifecycle of systems (HW/VMs). This makes it possible to trigger routines based on specific events using Salt Reactor. The event-based orchestration component of SaltStack recognizes f.e. the adding of new Salt minions (agents) in the Salt host inventory/database, the start of minions after the first system booting, the execution of any (distributed) commands (local or master-triggered) and much more. You can use this framework to provision newly created hosts/VMs with packages and configuration files, or to fully automate the rollout/deployment of new software releases and pre/post actions (DB backup, schema update, removal von temporary files, etc.).
Event: inovex Meetup Köln, 08.06.2016
Speaker: Arnold Bechtoldt
weitere Tech-Vorträge: https://www.inovex.de/de/content-pool/vortraege/
This talk presents 3 programming situations where typeclasses and generics are not adequate: evolving serialization protocols, data generation, modular applications. A library, registry, can be used to help with those 3 situations by giving us the means to wire and rewire code at will.
Functional Programming is on the rise and many programmers fall in love with the idea that they can build well-behaved programs from small, well-understood, functions.
However our community is still wondering how to best build large applications and services.
Many techniques co-exist nowadays: functions-only, MTL, effects, Tagless-final, ReaderT pattern, dependency injection... This can be so confusing for newcomers.
This talk will take a "zoom out" approach and come back to what we are really after: modularity.
We will embark on a "modularity tour":
- why is it so important to have modular programs?
- vhy is it so hard to achieve modularity?
- what can we expect from today's techniques?
- what can we hope from the ongoing research?
This talk presents a library, registry, supporting the creation of modular Haskell applications in a very approachable way. And since this library actually helps with wiring functions it can be reused in other contexts like creating data generators for property-based testing.
Streaming, effects and beautiful folds: a winning trilogyEric Torreborre
Streaming libraries are kind of complex. Why is that so?
They have to handle many different concerns: streaming, composition, concurrency, resources management,... Is it possible to isolate those concerns into smaller, composable libraries?
The Eff monad is an alternative to monad transformers. It is implemented as a library in https://github.com/atnos-org/eff-cats and https://github.com/atnos-org/eff-scalaz
Short presentation to show the use of construction injection + cats.Xor to build an application as a graph of services, then use tree rewriting to replace some parts with mocks or to make singletons
Generating data to run QuickCheck properties is a bit of a black art, especially when working with recursive data structures and
(polymorphic) functions.In this talk we will review some of the issues and point to some literature aiming at solving them. We will in particular focus on one elegant piece of mathematics, combinatorial species, and see how they could serve as the foundation of data generation.
This talk presents Origami, a library providing "monadic folds" to accumulate values (like mean, standard deviation, min/max) on "streams" of values which can be coming from iterators, scalaz-stream processes or Akka data flows.
“Make illegal state unrepresentable” - Yaron Minsky
Starting from Yaron’s quote we will see where it traditionally applies: values sanitization (escaping), data structures (NonEmptyList), CS constructs (parsers). Does it still apply to the rest of the day-to-day programming where things look… complicated?
In particular we will develop the example of executing applications which can run on single Amazon EC2 instances (for testing) or on full EMR clusters (for production) and which can take data from S3 (meaning that they need to download it and put it somewhere first) or use local data.
Can we make sure we get the right paths? Can we know when it is possible to download data efficiently (using distcopy to go directly from S3 to the cluster for example)? The answer is: create specific data types to model the different cases and tame the complexity.
The take-away: datatypes are not only for “data” but they can also encapsulate “logic”
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Enhancing Performance with Globus and the Science DMZGlobus
ESnet has led the way in helping national facilities—and many other institutions in the research community—configure Science DMZs and troubleshoot network issues to maximize data transfer performance. In this talk we will present a summary of approaches and tips for getting the most out of your network infrastructure using Globus Connect Server.