Presentation on Apache Wicket delivered at JavaPolis 2007 in Antwerp. We introduce Wicket, learn the concepts and go through developing an online Cheese store
The current state of the Apache Wicket framework in 2014 as presented at the DEVdev meetup held in Deventer, the Netherlands.
- A critique of ThoughtWorks' Technology Review 2014 where they slam JSF (jay) as a concept (nay)
- A look back at 10 years of Wicket
- A review of the current Wicket versions
- An outlook and roadmap for Wicket 7 and Wicket 8
The DEVdev (Deventer Developers) is a new meetup for any developer in the eastern part of the Netherlands (the right side of the IJssel river). This presentation was delivered at the first meetup, and was kindly sponsored by Topicus B.V.
HTMX: Web 1.0 with the benefits of Web 2.0 without the grift of Web 3.0Martijn Dashorst
HTMX is an upcoming client side library to make rich applications development palatable to backend developers: it puts the HTML back into the development of the web!
HTMX uses attributes to enable HTML elements to send requests and respond to server side rendered HTML content, updating your page dynamically.
It is a refreshing way of building web applications and I'd like to show you why this should be added to your toolbox.
The talk was given at the 20th anniversary edition of JFall, November 9th 2023 in the Netherlands.
While our predecessor product(s) were a COBOL application and later a Windows client/server application distributed on floppies, since 2005 we rock a Java web application that has gone through a lot of changes to keep up with the times. No longer duplicating 5 1/4” 1.2M floppies over the weekend and mailing them to our customers, but a single `git push` will deliver our latest version to our customers.
In this session you will learn how we made our application survive for 18 years and still be relevant. Learn how we rearchitected our application from 2005 to 2022, and more importantly, what we did wrong so you can avoid our mistakes. We migrated from Java 1.4 to Java 17, we moved from tomcat+hibernate+velocity via tomcat+hibernate+wicket+cxf+axis+spring+jgroups+ehcache to wildfly+wicket, from deploying on physical hardware to virtual kubernetes nodes. From manually scp-ing releases to gitops, and from Oracle to Postgresql, causing a 5 week outage.
If you learn only one thing from Martijn Dashorst’s session: always have a plan B.
A short introduction to the SOLID principles of Object Oriented Programming in (mostly) Dutch.
- Single responsibility
- Open/Closed
- Lishkov Substitution
- Interface Segregation
- Dependency Inversion
This presentation was given at a meetup for Working Spirit in Deventer.
Converting 85% of Dutch Primary Schools from Oracle to PostgreSQLMartijn Dashorst
This case study describes migrating the most used application for primary schools in the Netherlands from Oracle to PostgreSQL. The application uses a multi-tenant, single schema database (i.e. 6000 schools in a single database) and runs using a typical Java EE frontend.
You will learn about our application architecture, hardware platform, reasons for switching, migration strategies considered and the results of our migration.
Since the CFP closes one week before our actual migration we can't reveal the results in this abstract, but the presentation will capture all the things that went wrong and well
The relationship between developers and documentation is best described as “It’s complicated”. Developers complain a lot about the lack of documentation but fail to write it themselves. How can you make writing documentation more enjoyable and use software engineering principles and tools for writing and maintaining documentation?
Join Martijn Dashorst in this session to discover how to use Git, Docker, Maven, Selenium, Asciidoctor, Markdown, Jenkins and Arquillian to make documentation more comfortable like coding. Learn how you can get a user manual with always up-to-date screenshots, and keep your code examples always compiling and tested.
The Apache Wicket community is working hard to build the new major release of Wicket. One of the tentpole features is the move to Java 8 as a minimum requirement. Why did we do that, and how does this improve my Wicket code? Learn how to apply Java 8 features such as lambdas and the new DateTime API in your Wicket applications, and learn what else the community is creating for your benefit.
The current state of the Apache Wicket framework in 2014 as presented at the DEVdev meetup held in Deventer, the Netherlands.
- A critique of ThoughtWorks' Technology Review 2014 where they slam JSF (jay) as a concept (nay)
- A look back at 10 years of Wicket
- A review of the current Wicket versions
- An outlook and roadmap for Wicket 7 and Wicket 8
The DEVdev (Deventer Developers) is a new meetup for any developer in the eastern part of the Netherlands (the right side of the IJssel river). This presentation was delivered at the first meetup, and was kindly sponsored by Topicus B.V.
HTMX: Web 1.0 with the benefits of Web 2.0 without the grift of Web 3.0Martijn Dashorst
HTMX is an upcoming client side library to make rich applications development palatable to backend developers: it puts the HTML back into the development of the web!
HTMX uses attributes to enable HTML elements to send requests and respond to server side rendered HTML content, updating your page dynamically.
It is a refreshing way of building web applications and I'd like to show you why this should be added to your toolbox.
The talk was given at the 20th anniversary edition of JFall, November 9th 2023 in the Netherlands.
While our predecessor product(s) were a COBOL application and later a Windows client/server application distributed on floppies, since 2005 we rock a Java web application that has gone through a lot of changes to keep up with the times. No longer duplicating 5 1/4” 1.2M floppies over the weekend and mailing them to our customers, but a single `git push` will deliver our latest version to our customers.
In this session you will learn how we made our application survive for 18 years and still be relevant. Learn how we rearchitected our application from 2005 to 2022, and more importantly, what we did wrong so you can avoid our mistakes. We migrated from Java 1.4 to Java 17, we moved from tomcat+hibernate+velocity via tomcat+hibernate+wicket+cxf+axis+spring+jgroups+ehcache to wildfly+wicket, from deploying on physical hardware to virtual kubernetes nodes. From manually scp-ing releases to gitops, and from Oracle to Postgresql, causing a 5 week outage.
If you learn only one thing from Martijn Dashorst’s session: always have a plan B.
A short introduction to the SOLID principles of Object Oriented Programming in (mostly) Dutch.
- Single responsibility
- Open/Closed
- Lishkov Substitution
- Interface Segregation
- Dependency Inversion
This presentation was given at a meetup for Working Spirit in Deventer.
Converting 85% of Dutch Primary Schools from Oracle to PostgreSQLMartijn Dashorst
This case study describes migrating the most used application for primary schools in the Netherlands from Oracle to PostgreSQL. The application uses a multi-tenant, single schema database (i.e. 6000 schools in a single database) and runs using a typical Java EE frontend.
You will learn about our application architecture, hardware platform, reasons for switching, migration strategies considered and the results of our migration.
Since the CFP closes one week before our actual migration we can't reveal the results in this abstract, but the presentation will capture all the things that went wrong and well
The relationship between developers and documentation is best described as “It’s complicated”. Developers complain a lot about the lack of documentation but fail to write it themselves. How can you make writing documentation more enjoyable and use software engineering principles and tools for writing and maintaining documentation?
Join Martijn Dashorst in this session to discover how to use Git, Docker, Maven, Selenium, Asciidoctor, Markdown, Jenkins and Arquillian to make documentation more comfortable like coding. Learn how you can get a user manual with always up-to-date screenshots, and keep your code examples always compiling and tested.
The Apache Wicket community is working hard to build the new major release of Wicket. One of the tentpole features is the move to Java 8 as a minimum requirement. Why did we do that, and how does this improve my Wicket code? Learn how to apply Java 8 features such as lambdas and the new DateTime API in your Wicket applications, and learn what else the community is creating for your benefit.
Java Serialization is often considered a dark art of Java programmers. This session will lift the veil and show what serialization is and isn't, how you can use it for profit and evil. After this session no NotSerializableException will be unconquerable.
How can you make code reviews more palatable? This drinking game will make any code review interesting and enjoyable. For Java/.Net programmers, and a special drinking game for JavaScript code reviews.
Na jaren projecten te duur en te laat opgeleverd te hebben met de waterval projectmethodiek heeft de IT industrie een nieuwe projectaanpak omarmt als de zilveren kogel die te late en te dure projecten achter zich zou laten. Door in korte iteraties op je doel af te gaan, waarbij het doel ook nog eens mag bewegen beloven deze nieuwe projectaanpakken als Scrum gouden bergen. Maakt deze beweging de belofte waar en is deze aanpak een goede match voor het (project)onderwijs?
In deze sessie legt Martijn Dashorst kort de moderne projectaanpakken uit, Scrum in het bijzonder, en hoe deze binnen Topicus toegepast worden om van koffie software te maken. Tot slot kijkt Martijn vanuit de onderwijspraktijk naar hoe goed Scrum matcht binnen het Hoger Onderwijs om zo de geschikheid van deze aanpak voor projectgroepen te analyseren.
Who Automates the Automators? (Quis Automatiet Ipsos Automates?)Martijn Dashorst
Who automates the automators? For a lot of people the future seems uncertain: automation may eat their jobs. Old and new industries are ripe for disruption: transportation, healthcare, education, finance, law and even the culinary industry are being automated as we speak. When chauffeurs and truck drivers fear that they won't be able to hitch a ride into the future, should the automators perhaps wonder... when is it our turn to be automated? Who automates the automators?
Martijn Dashorst takes a look at the future of the programmer: are we also without a job when the last doctor, lawyer, 3-star chef and driver have been automated?
Het oorspronkelijke verhaal van de Schone Coder geschreven door de gebroeders Scrum over hoe Assertpoetser in een vervloekt project terecht kwam dat het rijk in 100 jaar technical debt stortte. Kan Prinses Agile hem op tijd redden? Sprintten ze nog lang en gelukkig?
In deze lunchlezing vertelt Martijn Dashorst over het wel en wee van de coder die in een wereld vol tegenstrijdige belangen probeert te overleven en zinvol werk te leveren. Hoe krijg je een goede hygiene voor jou, je omgeving en je code? Hoe voorkom je 10 jaar lange technical debt? Met meer dan 20 jaar ontwikkelervaring biedt Martijn een blik in de keuken van een professionele software ontwikkelaar.
With the Tenth Anniversary of Wicket behind us, Wicket is still one of the thriving survivors of the Great Web Framework Wars of the mid 00's. Is there a future for server-side frameworks? In this presentation Martijn Dashorst provides a brief history of Wicket.
With a State of the Wicket, Martijn will look at who is currently using Wicket, the community and current release plans.
The majority of this session will be dedicated to the future of Wicket: does a component oriented, Java web framework have a future in the era of native clients and client side JavaScript frameworks? Martijn will layout the plans of making Wicket more productive for current users, on integrating better with JavaEE technologies and much more.
Apache Wicket strives to enable developers to be very productive and craft maintainable web applications. Java EE also enables developers to achieve high productivity. So what happens when you combine both technologies? In this session Martijn Dashorst shows how to leverage the available Java EE technologies such as CDI, JPA, Bean Validation and JAX-RS in your Wicket applications.
Presentation about Apache Wicket given at FOSDEM 2011. Apache Wicket is an open source, component oriented Java web framework. This presentation features an introduction to the Wicket framework and showcases some of the new features in the upcoming 1.5 release of Wicket.
A Dutch presentation (with English quotes) about the ongoing renaissance in software engineering where we transition from begin regarded as mere drones to software craftsmen. This presentation is heavily influenced by Robert C. Martin's The Renaissance of Craftsmanship.
Wicket in Action is the introduction I gave at the Øredev conference in Malmö, Sweden in November 2008. You'll learn about Wicket, Components, Models, Integrating Spring, Testing, and deploying your Wicket application.
Unfortunately slideshare doesn't work with accented letters in the URL, so I had to change the title.
Wicket Live on Stage features a Wicket project that has been in production use for over a year. The application is a web application for dutch highschools for administration of students' data for funding, guidance, graduation, attendance and financial purposes.
The presentation describes the road to choosing Wicket as the core framework, and includes screenshots of the live demo (which isn't captured in this presentation) of Vocus (http://www.vocuslis.nl).
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Java Serialization is often considered a dark art of Java programmers. This session will lift the veil and show what serialization is and isn't, how you can use it for profit and evil. After this session no NotSerializableException will be unconquerable.
How can you make code reviews more palatable? This drinking game will make any code review interesting and enjoyable. For Java/.Net programmers, and a special drinking game for JavaScript code reviews.
Na jaren projecten te duur en te laat opgeleverd te hebben met de waterval projectmethodiek heeft de IT industrie een nieuwe projectaanpak omarmt als de zilveren kogel die te late en te dure projecten achter zich zou laten. Door in korte iteraties op je doel af te gaan, waarbij het doel ook nog eens mag bewegen beloven deze nieuwe projectaanpakken als Scrum gouden bergen. Maakt deze beweging de belofte waar en is deze aanpak een goede match voor het (project)onderwijs?
In deze sessie legt Martijn Dashorst kort de moderne projectaanpakken uit, Scrum in het bijzonder, en hoe deze binnen Topicus toegepast worden om van koffie software te maken. Tot slot kijkt Martijn vanuit de onderwijspraktijk naar hoe goed Scrum matcht binnen het Hoger Onderwijs om zo de geschikheid van deze aanpak voor projectgroepen te analyseren.
Who Automates the Automators? (Quis Automatiet Ipsos Automates?)Martijn Dashorst
Who automates the automators? For a lot of people the future seems uncertain: automation may eat their jobs. Old and new industries are ripe for disruption: transportation, healthcare, education, finance, law and even the culinary industry are being automated as we speak. When chauffeurs and truck drivers fear that they won't be able to hitch a ride into the future, should the automators perhaps wonder... when is it our turn to be automated? Who automates the automators?
Martijn Dashorst takes a look at the future of the programmer: are we also without a job when the last doctor, lawyer, 3-star chef and driver have been automated?
Het oorspronkelijke verhaal van de Schone Coder geschreven door de gebroeders Scrum over hoe Assertpoetser in een vervloekt project terecht kwam dat het rijk in 100 jaar technical debt stortte. Kan Prinses Agile hem op tijd redden? Sprintten ze nog lang en gelukkig?
In deze lunchlezing vertelt Martijn Dashorst over het wel en wee van de coder die in een wereld vol tegenstrijdige belangen probeert te overleven en zinvol werk te leveren. Hoe krijg je een goede hygiene voor jou, je omgeving en je code? Hoe voorkom je 10 jaar lange technical debt? Met meer dan 20 jaar ontwikkelervaring biedt Martijn een blik in de keuken van een professionele software ontwikkelaar.
With the Tenth Anniversary of Wicket behind us, Wicket is still one of the thriving survivors of the Great Web Framework Wars of the mid 00's. Is there a future for server-side frameworks? In this presentation Martijn Dashorst provides a brief history of Wicket.
With a State of the Wicket, Martijn will look at who is currently using Wicket, the community and current release plans.
The majority of this session will be dedicated to the future of Wicket: does a component oriented, Java web framework have a future in the era of native clients and client side JavaScript frameworks? Martijn will layout the plans of making Wicket more productive for current users, on integrating better with JavaEE technologies and much more.
Apache Wicket strives to enable developers to be very productive and craft maintainable web applications. Java EE also enables developers to achieve high productivity. So what happens when you combine both technologies? In this session Martijn Dashorst shows how to leverage the available Java EE technologies such as CDI, JPA, Bean Validation and JAX-RS in your Wicket applications.
Presentation about Apache Wicket given at FOSDEM 2011. Apache Wicket is an open source, component oriented Java web framework. This presentation features an introduction to the Wicket framework and showcases some of the new features in the upcoming 1.5 release of Wicket.
A Dutch presentation (with English quotes) about the ongoing renaissance in software engineering where we transition from begin regarded as mere drones to software craftsmen. This presentation is heavily influenced by Robert C. Martin's The Renaissance of Craftsmanship.
Wicket in Action is the introduction I gave at the Øredev conference in Malmö, Sweden in November 2008. You'll learn about Wicket, Components, Models, Integrating Spring, Testing, and deploying your Wicket application.
Unfortunately slideshare doesn't work with accented letters in the URL, so I had to change the title.
Wicket Live on Stage features a Wicket project that has been in production use for over a year. The application is a web application for dutch highschools for administration of students' data for funding, guidance, graduation, attendance and financial purposes.
The presentation describes the road to choosing Wicket as the core framework, and includes screenshots of the live demo (which isn't captured in this presentation) of Vocus (http://www.vocuslis.nl).
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
10. Wicket Welcome to Apache Wicket
Home With proper mark-up/logic
separation, a POJO data mo
Introduction del, and a refreshing lack of
makes developing web -apps XML, Apache Wicket
simple and enjoyable again.
Swap the boilerplate, comple
Planet Wicket brittle code for powerful, reu x debugging and
sable components written wit
h plain Java and HTML.
Community
Check the feature list
News Read some Wicket buzz, som
e Wicket blogs or Planet Wic
ket
Find out why you should use
Wicket
Getting Started Check out some selected exa
mples in detail or see them
and many more in live action
Take a look at our live compon
Examples ent reference
Go and download Wicket .
Getting Wicket
Wicket is released under the
Components Apache License, Version 2.0
.
QuickStart
Community meetings
Documentation
The Wicket community is a
very active community. The
mailing lists and the irc cha
But for those that prefer fac nnel are proof of that.
Wiki e to face meetings, several com
munity members have organi
zed meetups.
Blogs
Country
Where
Reference
When
USA
San Francisco
Vision to be determined
Belgium
Antwerp
JavaDocs JavaPolis'07 (dec 12th-14th
)
The United Kingdom
London
The first Tuesday of every mo
Releases The Netherlands nth
Amsterdam
ApacheCon EU'08
Denmark
Copenhagen
Wicket 1.3-rc to be determined
Austria
Linz/Hagenberg
Wicket 1.2 to be determined
Sweden
Wicket 1.1 Stockholm
Januari
Brazil
Wicket 1.0 Rio de Janeiro
to be determined
USA
Minneapolis/Seattle
to be determined
Tool support
If you are interested in attendi
ng one of these events, please
add yourself to the appropriat
IDE plugins you want to organize such a e event, or if
meetup yourself, add it to the
community meetups page
News
Developers
www.javapolis.com 9
11. Apache Wicket
Component oriented
Open source
Web application framework
Java+HTML
www.javapolis.com 10
34. Projects
core
Wicket
Welcome to
Apache Wick
et
Home
With proper
Introduction mark-up/logic
extensions
separation, a
makes devel
Planet Wick POJO data mo
oping web-ap
et del, and a ref
ps simple an
brittle code
reshing lack
d enjoyable
for powerful,
Community again. Swap of XML, Apach
reusable comp the boilerplate e Wicket
onents writte , complex de
n with plain
Check the fea bugging and
News Java and HTML
ture list .
Read some Wi
cket buzz, so
Getting Star me Wicket blo
Find out why
ted gs or Planet
you should us Wicket
e Wicket
Check out so
me selected
examples in
Examples Take a look detail or see
at our live co them and ma
mponent ref
Getting Wick Go and down ny more in live
erence
et load Wicket. action
Components
Wicket is rel
eased under
ioc (spring, guice)
QuickStart the Apache Lic
ense, Version
2.0.
Commun
ity meetings
Documentatio
n
The Wicket co
mmunity is a
Wiki very active co
But for those mmunity. Th
that prefer fac e mailing list
e to face me
Blogs s and the irc
etings, severa channel are
l community proof of that.
Reference members ha
ve organized
Where meetups.
London, The
Vision United Kingd
om When
JavaDocs Amsterdam, The first Tuesd
The Netherla
nds ay of every mo
Antwerp, Belgi nth
date/time
Nov. 30th, 20
um
Releases 07
Copenhagen JavaPolis'07
, Denmark
(dec 12th-14
Wicket 1.3-r th)
Linz/Hagenbe
c to be determi
rg, Austria ned
Wicket 1.2 Stockholm, Sw to be determi
eden ned
Wicket 1.1 Rio de Janeir Januari
o, Brazil
Wicket 1.0 Minneapolis/ to be determi
Seattle, USA
ned
Tool suppor to be determi
If you are int ned
t erested in att
ending one of
you want to these events
organize such
IDE plugins , please add
a meetup yo yourself to the
urself, add it
velocity
appropriate
to the comm
News event, or if
unity meetups
Developers page
Apache Wick
Reporting bu et 1.3.0-rc1
gs
is released!
Writing docs
Nov 11, 2007
Building
This release
is the first in
a series of rel
ease candidate
s until we fee
l confident to
finalize Wicke
t 1.3. This
auth-roles
www.javapolis.com 22
36. Using maven to get Wicket
<dependency>
<groupId>org.apache.wicket</groupId>
<artifactId>wicket</artifactId>
<version>1.3.0-rc2</version>
</dependency>
www.javapolis.com 24
37. Agenda
What is Wicket?
Wicket concepts
Building a Wicket Application
Q&A
www.javapolis.com 25
39. Application
Main entry point for your web application
Initialization
Configuration
Homepage
Factories
Configured in web.xml
www.javapolis.com 27
43. Components
Encapsulate the programmatic manipulation
of markup
Render content in the response
Receive events in the request
onClick, onSubmit
Lots of em:
Label,
MultiLineLabel, TextField, PasswordTextField,
Image, Link, AjaxLink, AjaxFallbackLink, Tree,
BookmarkablePageLink, ListView, RepeatingView,
PagingNavigator, Button, ...
www.javapolis.com 31
44. Components
Component has wicket:id
Markup has same wicket:id
Hierarchy must match
<h1 wicket:id=“msg”>Gets replaced</h1>
new Label(“msg”, “Hello, World!”);
www.javapolis.com 32
45. Component: Link
<a href=”#” wicket:id=”link”>Click</a>
Link link = new Link(“link”);
add(link);
www.javapolis.com 33
46. Component: Link
<a href=”#” wicket:id=”link”>Click</a>
Link link = new Link(“link”) {
@Override public void onClick() {
// do something
setResponsePage(new NewPage());
}
};
add(link);
www.javapolis.com 34
47. Component: AjaxLink
<a href=”#” wicket:id=”link”>Click</a>
AjaxLink link = new AjaxLink(“link”) {
public void onClick(AjaxRequestTarget t) {
// do something
}
};
add(link);
www.javapolis.com 35
48. Component: AjaxLink
<a href=”#” wicket:id=”link”>Click</a>
someComponent.setOutputMarkupId(true);
AjaxLink link = new AjaxLink(“link”) {
public void onClick(AjaxRequestTarget t) {
// do something
t.addComponent(someComponent);
t.appendJavaScript(“Effects.fade(‘foo’);”);
}
};
www.javapolis.com 36
49. Component + Markup
Some components
have own markup file
Page, Panel, Border
Put Java, markup
and supporting files
in same package on
class path
www.javapolis.com 37
54. Models
Models bind your POJO’s to Wicket
components
Component Model
Component Model Domain
www.javapolis.com 42
55. Models
Models bind your POJO’s to Wicket
components
Label Model quot;Johnquot;
PropertyModel
Label Person
expression: quot;namequot;
www.javapolis.com 42
56. Java lazy binding sucks
Doesn’t update:
new Label(“name”, person.getName())
Null checks necessary:
new Label(“street”,
person.getAddress().getStreet())
www.javapolis.com 43
93. Reuse the shopping cart
Create ShoppingCartPanel.html
Create ShoppingCartPanel.java
Move cart markup to
ShoppingCartPanel.html
Move cart Java code to
ShoppingCartPanel.java
Use panel in home page and checkout page
www.javapolis.com 80
98. CheckOutPage: add Form
<form>
<h3>Check out</h3>
<p>Please enter your billing address.</p>
<form wicket:id=”form”>
<h3>Check out</h3>
<p>Please enter your billing address.</p>
add(new Form(quot;formquot;) {
@Override public void onSubmit() {
// do something with the order
setResponsePage(FrontPage.class);
}
}); www.javapolis.com 85
102. Create unit test for shopping cart
public void testRemove() {
WicketTester tester = new WicketTester();
final Cart cart = new Cart();
cart.getContents().add(Cheese.getCheeses().get(0));
cart.getContents().add(Cheese.getCheeses().get(1));
List<Cheese> expected = new ArrayList<Cheese>();
expected.add(Cheese.getCheeses().get(0));
expected.add(Cheese.getCheeses().get(1));
tester.startPanel(new TestPanelSource() {
public Panel getTestPanel(String panelId) {
return new ShoppingCartPanel(panelId, cart);
}
});
tester.assertListView(quot;panel:contentsquot;, expected);
tester.clickLink(quot;panel:contents:0:removequot;);
expected.remove(0);
tester.assertListView(quot;panel:contentsquot;, expected);
}
www.javapolis.com 89
103. Agenda
What is Wicket?
Wicket concepts
Building a Wicket Application
Q&A
www.javapolis.com 90
104. Wicket in Action
Wicket in Action
Eelco Hillenius
Martijn Dashorst
ISBN: 1-932394-98-2
~375 pages
MEAP + E-book: $27.50
MEAP + Dead tree: $49.90
0% ! Use coupon code
3f
f HC230 at checkout
o
www.javapolis.com 91
105. Summary
Apache Wicket is:
a furry animal
three sticks with stumps
a component oriented web application framework
Just Java and HTML
Easy Ajax
Good testing support
Great community
www.javapolis.com
106. Conclusion
“Wicket is good for my sex life”
“Seriously, I also have a wife and kid. And the
productivity gained from implementing in
Wicket is unsurpassed. The extraordinary
diagnostics available is worth it alone.
OOP isn't bastardized within this framework, it
is embraced...” – n n
http://www.theserverside.com/news/thread.tss?thread_id=34725#175612
www.javapolis.com