The Limited Red Society
•
0 likes•572 views
Talk given at NordicRuby about how we can learn and adapt from Metrics recorded from our tests as we code.
Report
Share
Report
Share
Recommended
JIT Feedback — what Experienced Developers like about Static Analysis (icpc2018)
Although software developers are usually reluctant to use static analysis to detect issues in their source code, our automatic just-in-time static analysis assistant was integrated into an Integrated Development Environment, and was evaluated positively by its users. We conducted interviews to understand the impact of the tool on experienced developers, and how it performs in comparison with other static analyzers.
We learned that the availability of our tool as a default IDE feature and its automatic execution are the main reasons for its adoption. Moreover, the fact that immediate feedback is provided directly in the related development context is essential to keeping developers satisfied, although in certain cases feedback delivered later was deemed more useful. We also discovered that static analyzers can play an educational role, especially in combination with domain- specific rules.
Agile Testing in the Enterprise 2016
The document discusses challenges with agile testing in large enterprises and across distributed teams. It outlines some of the common challenges such as bureaucracy, multiple concurrent projects, and dependencies between teams. The document then provides several key testing practices that can work across teams, such as coordinating test planning, creating a shared test matrix, and using examples and tests to develop a common language. It emphasizes the importance of transparency between teams by sharing information and dependencies to reduce blame and ensure everyone understands the shared goals.
Key Success Factors for Agile Testing 2016
Success factors and practices from the books "Agile Testing" and "More Agile Testing" by Janet Gregory and Lisa Crispin
QA evolution to the present day
This document summarizes the evolution of different schools of testing and quality assurance from the analytic school to present-day context-driven school. It traces how the field grew from a mathematics-focused analytic school to incorporate standards, quality protection for customers, agile development, and an emphasis on context. The document also briefly outlines typical roles and workflows for quality engineers, noting they provide critical feedback and knowledge of features while protecting users from bad software.
QA evolution, in pictures
This document summarizes the evolution of different schools of software testing approaches over time. It describes the Analytic School which focused on testing as a branch of mathematics. The Standard School emphasized managing predictable and repeatable testing to measure development progress. The Quality School viewed testing as protecting users from bad software. The Agile School focused on iterative development of small features and automated testing. The Context-Driven School believes the context is most important and that testing provides information rather than pass/fail results. Overall, the best approach depends on the context and all want quality but nobody wants to pay for testing.
Katrina
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help protect against mental illness and improve symptoms.
Mysapce Digiday Social
MySpace sees record engagement levels with its users spending over 20 billion minutes and viewing over 43 billion pages on the site monthly. The site has over 1.5 billion images and 60,000 new videos uploaded daily by its highly engaged audience of various demographics. MySpace allows for discovery of people through over 10 billion friend connections, culture through citizen journalism on its journal feature, and content with over 1 billion video streams in the first 48 hours of new content launches.
Recommended
JIT Feedback — what Experienced Developers like about Static Analysis (icpc2018)
Although software developers are usually reluctant to use static analysis to detect issues in their source code, our automatic just-in-time static analysis assistant was integrated into an Integrated Development Environment, and was evaluated positively by its users. We conducted interviews to understand the impact of the tool on experienced developers, and how it performs in comparison with other static analyzers.
We learned that the availability of our tool as a default IDE feature and its automatic execution are the main reasons for its adoption. Moreover, the fact that immediate feedback is provided directly in the related development context is essential to keeping developers satisfied, although in certain cases feedback delivered later was deemed more useful. We also discovered that static analyzers can play an educational role, especially in combination with domain- specific rules.
Agile Testing in the Enterprise 2016
The document discusses challenges with agile testing in large enterprises and across distributed teams. It outlines some of the common challenges such as bureaucracy, multiple concurrent projects, and dependencies between teams. The document then provides several key testing practices that can work across teams, such as coordinating test planning, creating a shared test matrix, and using examples and tests to develop a common language. It emphasizes the importance of transparency between teams by sharing information and dependencies to reduce blame and ensure everyone understands the shared goals.
Key Success Factors for Agile Testing 2016
Success factors and practices from the books "Agile Testing" and "More Agile Testing" by Janet Gregory and Lisa Crispin
QA evolution to the present day
This document summarizes the evolution of different schools of testing and quality assurance from the analytic school to present-day context-driven school. It traces how the field grew from a mathematics-focused analytic school to incorporate standards, quality protection for customers, agile development, and an emphasis on context. The document also briefly outlines typical roles and workflows for quality engineers, noting they provide critical feedback and knowledge of features while protecting users from bad software.
QA evolution, in pictures
This document summarizes the evolution of different schools of software testing approaches over time. It describes the Analytic School which focused on testing as a branch of mathematics. The Standard School emphasized managing predictable and repeatable testing to measure development progress. The Quality School viewed testing as protecting users from bad software. The Agile School focused on iterative development of small features and automated testing. The Context-Driven School believes the context is most important and that testing provides information rather than pass/fail results. Overall, the best approach depends on the context and all want quality but nobody wants to pay for testing.
Katrina
The document discusses the benefits of exercise for mental health. Regular physical activity can help reduce anxiety and depression and improve mood and cognitive functioning. Exercise causes chemical changes in the brain that may help protect against mental illness and improve symptoms.
Mysapce Digiday Social
MySpace sees record engagement levels with its users spending over 20 billion minutes and viewing over 43 billion pages on the site monthly. The site has over 1.5 billion images and 60,000 new videos uploaded daily by its highly engaged audience of various demographics. MySpace allows for discovery of people through over 10 billion friend connections, culture through citizen journalism on its journal feature, and content with over 1 billion video streams in the first 48 hours of new content launches.
Frozenrails2011
The document discusses strategies for reducing "Red", which refers to work in progress or unfinished tasks. It provides examples of refactoring patterns like parallel change and narrowed change that can be used to limit Red. It emphasizes measuring and visualizing Red to understand its causes and learn from tests. Reducing context switching and using small batch sizes are advised. Refactoring code incrementally using techniques like extracting methods and removing control flags is recommended to introduce changes gradually.
Acceptance testing in the land of the startup
Presentation given at Agile 2011 talking about Acceptance testing in Startups. Looking at Songkick.com as an example.
Rubykaigi 2011 Limited Red talk
The document discusses testing software and measuring results in red, including works in progress on limiting, measuring, and visualizing red tests. It addresses whether those involved are professionals and learning from test metrics. URLs are provided for coding dojos, refactoring catalogs, and the author's Twitter and email.
The Limited Red Society
The document discusses limiting work in progress (WIP) or "Red" by measuring and visualizing it. Red refers to tasks that are not completed and in a work in progress state. It provides several patterns for fighting Red like parallel change, narrowed change, sequence change and graceful retreat. It emphasizes measuring Red to learn from test metrics and adapt practices accordingly to keep Red limited and work in smaller batch sizes.
Spa2011
The document discusses the rules and concepts of the board game Go. It outlines four key rules: Capture, where a player removes opponent's stones with no liberties; Suicide, where a player cannot place a stone that would result in their own stones being captured; Ko, where a player cannot recreate the exact same board position as their previous move; and Ending, where the game ends when both players have consecutively passed. It also provides examples of using Cucumber to define scenarios representing the rules of Go in a behavior-driven development style.
Testing outside of the Ruby World
The document contains a series of nonsensical symbols and text fragments with no clear meaning. It includes programming language keywords and testing concepts like properties, mocking, concurrency, and metrics but does not form coherent sentences.
Rubyconf lightning talk
RedLearn is a test metric recording service that learns from test results to help teams run tests smarter. It analyzes performance, failure rates, change rates, and flickering tests to identify refactoring opportunities. Users can contact Joseph Wilk at joe@josephwilk.net to learn more about how RedLearn works and how it can help teams improve their testing processes.
Acceptance testing in the land of the startup
Acceptance testing is important for startups to measure that software is meeting business needs. The document discusses Cucumber as a behavior-driven development tool for writing acceptance tests in plain text. It provides examples of Cucumber features and scenarios. It also covers best practices like dividing tests across different parts of the system, dealing with flakiness, and limiting test runs with tags.
Cucumber Patterns Workshop
The document outlines an approach for writing self-help patterns using cucumbers. It includes brainstorming features and organizing them by stakeholders. Goals are to learn pattern writing approaches and techniques. Sections provide guidance on what makes good patterns, including being understandable and solving natural problems. Examples are given for organizing cucumber features by output and conversation. The process involves brainstorming, organizing, and reviewing patterns.
Musichackday
Music Hack Day Boston was an event organized by Joseph Wilk. The event brought together musicians, artists, and technologists to collaborate on new music and audio projects over a single day. Details about the event were sparse, containing only the organizer's name and the location of Boston.
Rocket Fuelled Cucumbers
Rocket Fuelled Cucumbers discusses strategies for dealing with slow cucumber test suites, including:
- Using Spork to preload support code to speed up test runs
- Tagging tests to run focused subsets based on features, filenames, or tags
- Distributing tests across multiple servers using Testjour to parallelize testing
- Looking to cloud providers like EC2 to gain additional hardware resources
- Dividing applications and tests along service boundaries to isolate components
Cucumber Ru09 Web
The document discusses Cucumber, a tool for writing acceptance tests in a business-readable domain-specific language called Gherkin. It touches on how Cucumber supports over 28 languages by compiling Gherkin grammars into the target language. It also provides examples of tagging scenarios and features in Cucumber to enable focused testing. Finally, it recommends further reading resources for learning more about Cucumber.
Cucumbered
The document discusses using Cucumber to improve communication with customers and users. It mentions that Cucumber provides a language to describe features in plain text which can then be compiled into code to automate testing and ensure acceptance criteria are met. It also notes that Cucumber supports over 28 languages to describe tests in a natural language familiar to both customers and developers.
Dynamic Workflow Pulling the Strings
The document discusses intelligent workflow management systems (iWFMS) as an improvement over traditional workflow management systems (WFMS). An iWFMS uses artificial intelligence planning techniques like event calculus to better handle new situations and requirements. It describes an iWFMS developed for HTML form systems using event calculus planning and a hospital drug prescription model as an example workflow. The iWFMS architecture incorporates logic programming to define workflows and handle changes more effectively than conventional WFMS.
Outside-in Development with Cucumber and Rspec
Talk given by Joseph Wilk at Scotland on Rails 2009. Examines how Cucumber and Rspec fit together in the testing workflow, how and why Cucumber is useful and how it works. Walks through a simple example based on renting DVDs showing how to use Cucumber and some of the best practices. Looks at how Webrat can drive Selenium to in-turn drive Cucumber features through the browser.
Testing with Ruby
The document discusses various tools for testing Ruby code including RSpec for unit testing objects, Cucumber for behavior-driven development, Webrat for acceptance testing web applications, and others. It provides examples of using RSpec to test objects, Cucumber features and scenarios, and measuring test coverage with tools like Rcov. The document also briefly discusses more advanced testing techniques like profile testing code with Spec Profle, mutating code to cause test failures with Heckle, and potential future testing tools.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Epistemic Interaction - tuning interfaces to provide information for AI support
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Securing your Kubernetes cluster_ a step-by-step guide to success !
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Microsoft - Power Platform_G.Aspiotis.pdf
Revolutionizing Application Development
with AI-powered low-code, presentation by George Aspiotis, Sr. Partner Development Manager, Microsoft
By Design, not by Accident - Agile Venture Bolzano 2024
As presented at the Agile Venture Bolzano, 4.06.2024
More Related Content
More from Joseph Wilk
Frozenrails2011
The document discusses strategies for reducing "Red", which refers to work in progress or unfinished tasks. It provides examples of refactoring patterns like parallel change and narrowed change that can be used to limit Red. It emphasizes measuring and visualizing Red to understand its causes and learn from tests. Reducing context switching and using small batch sizes are advised. Refactoring code incrementally using techniques like extracting methods and removing control flags is recommended to introduce changes gradually.
Acceptance testing in the land of the startup
Presentation given at Agile 2011 talking about Acceptance testing in Startups. Looking at Songkick.com as an example.
Rubykaigi 2011 Limited Red talk
The document discusses testing software and measuring results in red, including works in progress on limiting, measuring, and visualizing red tests. It addresses whether those involved are professionals and learning from test metrics. URLs are provided for coding dojos, refactoring catalogs, and the author's Twitter and email.
The Limited Red Society
The document discusses limiting work in progress (WIP) or "Red" by measuring and visualizing it. Red refers to tasks that are not completed and in a work in progress state. It provides several patterns for fighting Red like parallel change, narrowed change, sequence change and graceful retreat. It emphasizes measuring Red to learn from test metrics and adapt practices accordingly to keep Red limited and work in smaller batch sizes.
Spa2011
The document discusses the rules and concepts of the board game Go. It outlines four key rules: Capture, where a player removes opponent's stones with no liberties; Suicide, where a player cannot place a stone that would result in their own stones being captured; Ko, where a player cannot recreate the exact same board position as their previous move; and Ending, where the game ends when both players have consecutively passed. It also provides examples of using Cucumber to define scenarios representing the rules of Go in a behavior-driven development style.
Testing outside of the Ruby World
The document contains a series of nonsensical symbols and text fragments with no clear meaning. It includes programming language keywords and testing concepts like properties, mocking, concurrency, and metrics but does not form coherent sentences.
Rubyconf lightning talk
RedLearn is a test metric recording service that learns from test results to help teams run tests smarter. It analyzes performance, failure rates, change rates, and flickering tests to identify refactoring opportunities. Users can contact Joseph Wilk at joe@josephwilk.net to learn more about how RedLearn works and how it can help teams improve their testing processes.
Acceptance testing in the land of the startup
Acceptance testing is important for startups to measure that software is meeting business needs. The document discusses Cucumber as a behavior-driven development tool for writing acceptance tests in plain text. It provides examples of Cucumber features and scenarios. It also covers best practices like dividing tests across different parts of the system, dealing with flakiness, and limiting test runs with tags.
Cucumber Patterns Workshop
The document outlines an approach for writing self-help patterns using cucumbers. It includes brainstorming features and organizing them by stakeholders. Goals are to learn pattern writing approaches and techniques. Sections provide guidance on what makes good patterns, including being understandable and solving natural problems. Examples are given for organizing cucumber features by output and conversation. The process involves brainstorming, organizing, and reviewing patterns.
Musichackday
Music Hack Day Boston was an event organized by Joseph Wilk. The event brought together musicians, artists, and technologists to collaborate on new music and audio projects over a single day. Details about the event were sparse, containing only the organizer's name and the location of Boston.
Rocket Fuelled Cucumbers
Rocket Fuelled Cucumbers discusses strategies for dealing with slow cucumber test suites, including:
- Using Spork to preload support code to speed up test runs
- Tagging tests to run focused subsets based on features, filenames, or tags
- Distributing tests across multiple servers using Testjour to parallelize testing
- Looking to cloud providers like EC2 to gain additional hardware resources
- Dividing applications and tests along service boundaries to isolate components
Cucumber Ru09 Web
The document discusses Cucumber, a tool for writing acceptance tests in a business-readable domain-specific language called Gherkin. It touches on how Cucumber supports over 28 languages by compiling Gherkin grammars into the target language. It also provides examples of tagging scenarios and features in Cucumber to enable focused testing. Finally, it recommends further reading resources for learning more about Cucumber.
Cucumbered
The document discusses using Cucumber to improve communication with customers and users. It mentions that Cucumber provides a language to describe features in plain text which can then be compiled into code to automate testing and ensure acceptance criteria are met. It also notes that Cucumber supports over 28 languages to describe tests in a natural language familiar to both customers and developers.
Dynamic Workflow Pulling the Strings
The document discusses intelligent workflow management systems (iWFMS) as an improvement over traditional workflow management systems (WFMS). An iWFMS uses artificial intelligence planning techniques like event calculus to better handle new situations and requirements. It describes an iWFMS developed for HTML form systems using event calculus planning and a hospital drug prescription model as an example workflow. The iWFMS architecture incorporates logic programming to define workflows and handle changes more effectively than conventional WFMS.
Outside-in Development with Cucumber and Rspec
Talk given by Joseph Wilk at Scotland on Rails 2009. Examines how Cucumber and Rspec fit together in the testing workflow, how and why Cucumber is useful and how it works. Walks through a simple example based on renting DVDs showing how to use Cucumber and some of the best practices. Looks at how Webrat can drive Selenium to in-turn drive Cucumber features through the browser.
Testing with Ruby
The document discusses various tools for testing Ruby code including RSpec for unit testing objects, Cucumber for behavior-driven development, Webrat for acceptance testing web applications, and others. It provides examples of using RSpec to test objects, Cucumber features and scenarios, and measuring test coverage with tools like Rcov. The document also briefly discusses more advanced testing techniques like profile testing code with Spec Profle, mutating code to cause test failures with Heckle, and potential future testing tools.
More from Joseph Wilk (16)
Recently uploaded
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Epistemic Interaction - tuning interfaces to provide information for AI support
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Securing your Kubernetes cluster_ a step-by-step guide to success !
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Microsoft - Power Platform_G.Aspiotis.pdf
Revolutionizing Application Development
with AI-powered low-code, presentation by George Aspiotis, Sr. Partner Development Manager, Microsoft
By Design, not by Accident - Agile Venture Bolzano 2024
As presented at the Agile Venture Bolzano, 4.06.2024
Full-RAG: A modern architecture for hyper-personalization
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar
Communications Mining Series - Zero to Hero - Session 1
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Video Streaming: Then, Now, and in the Future
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Removing Uninteresting Bytes in Software Fuzzing
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
UiPath Test Automation using UiPath Test Suite series, part 5
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Pushing the limits of ePRTC: 100ns holdover for 100 days
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
20240607 QFM018 Elixir Reading List May 2024
Everything I found interesting about the Elixir programming ecosystem in May 2024
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
A tale of scale & speed: How the US Navy is enabling software delivery from l...
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
ここ3000字までしか入らないけどタイトルの方がたくさん文字入ると思います。
Recently uploaded (20)
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdf
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Full-RAG: A modern architecture for hyper-personalization
Full-RAG: A modern architecture for hyper-personalization
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
GraphSummit Singapore | Neo4j Product Vision & Roadmap - Q2 2024
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
A tale of scale & speed: How the US Navy is enabling software delivery from l...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
The Limited Red Society
- 1. Limited Red Oh crap Joseph Wilk
- 3. Red == Work in Progress
- 4. Why is Red Bad?
- 5. Limit Red Measure Red Visualise Red Learn
- 11. Limited Red Learn and adapt from test metrics
- 13. Industrial Logic
- 14. Industrial Logic
- 17. Fighting Red
- 18. Patterns ‣Parallel Change ‣Narrowed Change ‣Sequence Change ‣Graceful Retreat ‣Piecemeal Change ‣Gradual Change ‣Evolved Target ‣Unified Methods Joshua Kerievsky
- 20. Learning more from Red ‣ Smart Continuous integration ‣ Failure rate of tests ‣ Failure / Change rate ‣ Performance of tests ‣ Flickering tests
- 22. Evil hat
- 24. “To measure is to know” Lord Kelvin
- 25. Thanks @josephwilk joe@josephwilk.net
- 26. Thanks @josephwilk joe@josephwilk.net Pass