DeveloperWeek OPEN STAGE 2

Join on Hopin

Thursday, February 18, 2021

- PST
OPEN TALK: Search and Extract: Optimized Document Processing with iText pdf2Data and pdfOCR
Cal Reynolds
Cal Reynolds
iText, Software Engineer
Michael Demey
Michael Demey
iText Software, Research Engineer

In this talk we will demo an optimized PDF workflow using pdfOCR to recognize data in PDF documents, and pdf2Data to extract selected data from your OCR search. The beauty of using pdf2Data in this way is it can pick up exactly where pdfOCR leaves off, allowing you to both recognize and extract all kinds of data from PDF documents that would otherwise be inaccessible.

pdf2Data is our iText 7 add-on for smart data extraction from PDF documents. It’s tailored especially for extracting hard to reach data locked inside PDFs, and it fits neatly into the iText 7 ecosystem. The cherry on top? Anyone can quickly create a template for data extraction using the sleek user interface, with no need to tediously define document structures programmatically. Let the template designer assist you in creating your data extraction templates; no coding required!

If you haven’t tried it already, we’d like to give you a quick tour of its capabilities, while also demonstrating how it’s a great companion for our pdfOCR add-on.

- PST
OPEN TALK: Breaking News: DevSecOps Is Broken without RUNTIME Observability
Kiran Kamity
Kiran Kamity
DeepFactor.io, Founder & CEO
Mike Larkin
Mike Larkin
DeepFactor, Founder & CTO
Dr. Neil Daswani
Dr. Neil Daswani
Stanford Advanced Cyber Security Program, Co-Director

How confident are you that your code—including any 3rd party code your team brought in—is running in a secure and compliant manner before you deploy to production?

Imagine this - your developers check-in code for a new feature. It includes pieces of code your team wrote and pieces of code from a 3rd party. The code passes SAST & SCA and you deploy it to production. A day later, your production server is breached...and the attacker leveraged a bug in your code that caused privilege escalation and was able to become root.

In today’s microservices-containers/Kubernetes/Docker-DevOps world, a static code scanner isn't sufficient. You need RUNTIME observability into the application’s security, privacy, and compliance. Your developers need to know if their code or a 3rd party’s code can cause issues at runtime.

This panel of RUNTIME observability and security developers and experts will discuss the what, why, and how DeepFactor’s Continuous Observability platform:
- Automatically observes more than 170 parameters—across system call, library, network, web, and API behaviors in every thread of every process in every running container of your application—and detects security and compliance risks in your CI pipeline
- Detects insecure behaviors that only manifest at runtime and cannot be caught with code scanning or just looking at known CVE databases
- Reduces alert volume by prioritizing the findings of your SCA tools with runtime insights from observability tools
- Empowers Engineering leadership to accelerate productivity and decrease mean-time-to-remediate (MTTR) security and compliance risks pre-production as their teams ship secure releases on schedule

You’ll leave this session armed with the knowledge to immediately leverage continuous observability to consistently deploy apps with confidence.

- PST
OPEN TALK: Get Your CI/CD Pipeline Flowing
Kate Shastakova
Kate Shastakova
Trulioo, Front end developer
Alexander Julianto
Alexander Julianto
Trulioo, Software Engineer

When your team grows, last-minute deployment scrambles need to be swapped out for scalable pipelines. Our strategic insights will help you channel a sea of CI/CD tools and best practices to inspire your own end-to-end delivery pipeline for JavaScript projects. This seminar is a must-attend for those who are ready to streamline development processes and ensure quick releases without compromising code quality.


- PST
OPEN TALK: Creating Fully Reactive Applications with R2DBC
Rob Hedgpeth
Rob Hedgpeth
MariaDB, Director, Developer Relations

Not too long ago, a reactive variant of the JDBC API was released, known as Reactive Relational Database Connectivity (R2DBC). While R2DBC started as an experiment to enable integration of SQL databases into systems that use reactive programming models, it now specifies a robust specification that can be implemented to manage data in a fully-reactive and completely non-blocking fashion.

In this session, we’ll briefly go over the fundamentals that make R2DBC so powerful. We'll keep light on the slides so that we can jump directly into application code to get a first-hand look at the recently released R2DBC client from MariaDB. From there we'll examine how you can take advantage of crucial concepts, like event-driven behavior and backpressure, that enable fully-reactive, non-blocking interactions with a relational database.

- PST
OPEN TALK: Shift Data Security to the Left
Steve Luplow
Steve Luplow
Absio Corporation, Vice President, Software Development

Historically, data security has been an afterthought — something that others handle; the IT team will handle it after our software goes live, the client will handle it with hardware. In today’s environment of large-scale data breaches, data security as an afterthought is too little too late.

Application and data security should be part of every design and product roadmap discussion just like functionality, stability and user experience. The more mobile the data needs to be, the more agile the solution needs to be. By shifting security conversations to early in the product development lifecycle instead of after code has already been released, software organizations can save money, better differentiate their offerings and scale more effectively in the long run. This session will discuss important design considerations for application-level security and how to select tools and methods that support your software architecture instead of dictating it.

- PST
OPEN TALK: Stop Using Databases and Start Using Data Services
Patrick McFadin
Patrick McFadin
DataStax, Head of Developer Relations

If you are building applications today, you are probably using either cloud or Kubernetes ... or both! As a result, we are entering an era that we don’t have to make complex architecture decisions by weighing tradeoffs on scale, uptime, and usability. Patrick McFadin has been building and supporting scale applications for a long time and has seen all the evolution that has brought us to today. Engineer to engineer, Patrick wants to show you his journey into this world and what he’s been doing at DataStax and the Apache Cassandra project to help make it a reality. Here’s what he’ll cover.

-How you can shorten application development time and ship code fast
-The role of open source in this next wave of modern application development
-Ways to participate in this fast-moving community of data services
-How you can futureproof your code and be ready for the next big thing

- PST
OPEN TALK: Continuous Packaging: Securing End-to-End Delivery, from Build to Production
Andrew Speed
Andrew Speed
Cloudsmith, Senior Engineer


In this session, we’ll explore how to secure your delivery pipelines, from development to deployment with key learnings including:

- Combining continuous packaging with integration & delivery.
- Applying holistic security principles across the whole value stream.
- Using infrastructure-as-code techniques to build, stage, and deploy.

- PST
OPEN TALK: Automating API Style Guides
Phil Sturgeon
Phil Sturgeon
Stoplight, DevRel


Creating consistent, quality APIs is a tough job, especially as ecosystems move past 100 APIs and beyond. API Style Guides can help, but developers rarely read them, and those that do don't always remember everything. API Design Reviews and Governance tooling is maturing to help solve this, automating API Style Guides allowing teams to introduce new guidance over time. Learn how to roll this out at your company easily.

- PST
OPEN TALK: Low Code Identity Verification Is Changing the Game in Fraud and KYC
Mark Prest
Mark Prest
Trulioo, Account Executive, SMB
Victor Cuevas
Victor Cuevas
Trulioo, Account Executive, SMB



The low-code movement is creating a lot of buzz. In this workshop, hear about how no/low-code identity verification is making compliance and fraud prevention more cost-effective and accessible.

-How no/low-code solutions can be easily implemented by anyone, including non-technical entrepreneurs
-Why identity verification is making cross-border KYC and fraud mitigation faster with less friction
-How an identity platform streamlines verification workflows by leveraging multiple identity solutions and a network of single-point data sources

Friday, February 19, 2021

- PST
OPEN TALK: Enrich the Developer Experience Utilizing APIs with IBM API Hub
Paul Gordon
Paul Gordon
IBM, Manager - IBM API Economy
Steve Kenna
Steve Kenna
IBM, Sr. Architect for AI Applications

With the average enterprise organization consuming thousands of APIs, it has become increasingly challenging for developers to locate or socialize created APIs. It is even more difficult for organizations to manage their API collections. Even companies are now offering to socialize business partner’s APIs to their customers in order to create microservices, complex integrations, and product solutions.
IBM’s answer to this problem is the IBM API Hub.  This essential API hub offering allows for managing friction, preventing resource duplication, and breaks silos. It provides a single place for organizations to publish and share created APIs in an easy discoverable, searchable, highly available, and curated environment.
In this session, learn about the key attributes of the IBM API Hub. Explore the consumer experience and its low barrier of entry for any API Provider. Discover how IBM Sterling has created an all new enriched experience for their developers using the IBM API Hub. Try out the IBM API Hub yourself with a full set of API consumer features and functionality.

- PST
OPEN TALK: Up Your Executive Game: The Topics That Technical Leaders Should Cover at Board Meetings
Andrew Lau
Andrew Lau
Jellyfish, Cofounder and CEO

The task at hand: brief your executives and the board on the progress you’ve made this quarter. Business execs and board members want to see what it is your team is doing, or whether and why you are or are not doing whatever is in their head. This can be tough when it comes to engineering. You may know how your team is performing, and you know what they’re doing, but it can be a challenge to present this to the business and board members. What topics should technical leaders cover, and how should they present those topics to answer the board’s questions even before they’re asked?

Andrew Lau, engineering leader turned CEO of Jellyfish has experienced these presentations from both sides. In this session, he’ll walk through:
- Why engineering leaders can and should be more influential in executive decision-making
- The most important topics that your board will want to hear about
- How and where to find the data
- How to present it in ways that will resonate with business executives

- PST
OPEN TALK: Groove with Ambiguity: The Robust, the Reliable, and the Resilient
Matt Davis
Matt Davis
Blameless, Senior Infrastructure Engineer

The networked software systems we build are increasing in complexity every moment. From the abstractions of cloud hosting and inherited libraries to container scheduling and third-party vendors, the turtles go all the way around!

Today the most successful builders and operators are embracing complexity through CI/CD, Chaos Engineering, and innovation in Incident Response. They realize that the adaptive world around us is advancing at such a breakneck speed, it is leaving our capacity to understand it in the dust. That humans and technology must race a gauntlet of automation surprises and collaboration challenges as a team, learning and improving along the way.

This session showcases methods of deploying, running, and navigating complexity. It offers a practical view of how software systems can scale and remain robust to failure (like fallbacks or high-availability), achieve highly reliable socio-technical operations (via runbooks and game-days), and adapt to surprise through techniques of resilience engineering (graceful extensibility and building for adaptation).

- PST
OPEN TALK: Testing Security of Micro-Services, APIs and Cloud-Native Apps in Your CI/CD Pipeline
Asma Zubair
Asma Zubair
Synopsys, Product Management Manager

Are you struggling with security testing of your APIs, web-services or cloud-native applications? Are you looking for new ways to test security without impacting velocity? Would you like to get visibility into sensitive data that your application handles? If answer to any of these questions is yes, allow us to introduce you to new and unique ways to perform security testing. In this session, we will give you an overview of developer friendly security test tools from Synopsys for unparalleled accuracy and visibility into application vulnerabilities with remediation guidance and just-in-time contextual training to help your developers with remediation effort to improve your application security posture.

- PST
OPEN TALK: One Company's Journey Going Serverless with AWS
Mike Watson
Mike Watson
Synerzip, VP of Engineering
Philip Edge
Philip Edge
Intertek Alchemy, Vice President, Engineering & Chief Security Office

Serverless cloud technologies have been around for some time now and most of us know the benefits include simpler management and pay-per-use billing. There are additional benefits on top of these, however, adoption of this technology is not as straightforward as other cloud transition strategies. In this talk, we explore the advantages of serverless technologies, highlight the architectures that support them, and discuss the challenges of adoption.
As we go through these points you will hear from an organization that has embraced Serverless technology and are well on their journey towards full adoption. You will hear about the reasons they selected serverless, the challenges they faced while adopting the serverless mindset, and how they overcome these challenges.