OPEN Talks

Tuesday, December 7, 2021

- PST
OPEN TALK: Product Manager’s Extra Credit Guide to Building an A++ Enterprise API
Join on Hopin
Kyle Fowler
Kyle Fowler
Foursquare, Director of the Developer and Consumer Experience

Building an exceptional enterprise API is no easy feat. Earlier this year, Foursquare launched the new Places Enterprise API, built from the foundation of our renowned Developer API. In this session, we'll take you through every step of the process to create a delivery method that can meet enterprise standards and upgrade the developer experience - from understanding your customer's UX criteria and auditing the performance and security of your API infrastructure, to best SLA practices and everything in between.

- PST
OPEN TALK: How Data From Penetration Tests Can Help You Understand, Fix, And Prevent Security Bugs
Join on Hopin
Nick Terkay
Nick Terkay
Cobalt, Director of Engineering, Customer Experience

Penetration tests can give developers invaluable information on what issues slip past their reviews. Not only that, they can give clues on big-picture questions like “Do we have a wider design problem with user authorization?” or “Are we making repeat mistakes from one test to the next? Why?”

Rather than a lengthy to-do list, findings from a penetration test can be a collection of metrics you can track to improve the quality of your code, and the performance of your team. In this session, I’ll walk you through the most common metrics in penetration test reports, and map them to the questions they can help answer: from finding the bug, to fixing and preventing it.

- PST
OPEN TALK: Case Study: Adapting A Monolithic Application to Support Hyper Growth
Join on Hopin
Alexander Danilenko
Alexander Danilenko
Toptal, Chief Software Architect

This talk will focus on the architecture implications of a fast growing fully-remote organization and the use of a monolithic (versus micro services) application to facilitate scalability, onboarding, and manageability. This is a real-world case study.

- PST
OPEN TALK: Infrastructure as Code for Cloud Security
Join on Hopin
Josh Stella
Josh Stella
Fugue, Co-Founder, CEO and CTO

Cloud engineers need tools that help them check that the infrastructure as code templates they’re developing adhere with all applicable industry compliance standards and custom security policies. And the organization needs to ensure their developers are using those tools, and that they’re using the correct policies.In this session, Josh Stella will talk about how to establish effective, efficient, and consistent IaC security, which is critical to preventing cloud misconfiguration vulnerabilities from reaching the runtime without slowing teams down. But if teams are using a completely different system and set of policies for checking the runtime for security and compliance, things start to fall apart.  He will review: -How to prevent Critical vulnerabilities from slipping through the cracks -How to use policies to govern your cloud environment -Suggestions on how to prioritize and remediate issues

- PST
OPEN TALK: Build Microservices-Based Apps Faster with Data Apis
Join on Hopin
Bhavani Rao
Bhavani Rao
DataStax, Product Marketing Director

If you are like most developers, you are embracing applications built using microservices and a NoSQL database. Creating applications is hard because microservices are often written in different languages, database drivers have a maintenance burden, or familiar HTTP APIs lack the performance needed. Data APIs can simplify application development, but which one is best for your use case? In this session you will learn about industry standard APIs (REST, schemaless JSON, GraphQL, and gRPC) that can be used to interact with a database. Identify what the benefits of these APIs and why gRPC has become the API of choice for connecting microservices.

- PST
OPEN TALK: How Your Applications Are under Attack - Struts 2 Vulnerability
Join on Hopin
Austin Becker
Austin Becker
Sonatype, Solutions Engineer

This session will include information about how popular open source has become and how it is driving innovation for enterprises in today's market. Open source allows enterprises to get value to market faster, and ensure the survival of many businesses. But open source software (OSS) has recently been an attack vector and focus for cybercrime syndicates. How can you protect yourself? What are you up against? We will also cover how the Struts2 vulnerability, a common java OSS component, led to the attack and breach of several financial institutions. In this workshop, we will set up the Struts2 application and walk through not only how to exploit it, but also how to protect yourself from this attack.

- PST
OPEN TALK: Authorization for Cloud-Native Applications
Join on Hopin
Tim Hinrichs
Tim Hinrichs
Styra, CTO

Application modernization requires a plethora of different kinds of technological decisions, one of which is authorization - how do you control which actions your users can take and under what conditions? Modern applications require solving that problem throughout your application: from the front-end, to the backend, to the database, and so on. In this chat, we will discuss best practices for using modern technologies like ServiceMesh and Open Policy Agent to implement authorization within your application.

Wednesday, December 8, 2021

- PST
OPEN TALK: Introduction to PostgreSQL
Join on Hopin
Kirk Roybal
Kirk Roybal
Instaclustr, Database Reliability Engineer

PostgreSQL is a powerful, open source object-relational database system with over 30 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance. Find out who's who and what's what in this orientation to PostgreSQL session.

- PST
OPEN TALK: 5 Things to Help Your Team Succeed at Kubernetes
Join on Hopin
Rachel Sweeney
Rachel Sweeney
Fairwinds, Product Advocate SRE

As you adopt cloud native technologies and Kubernetes, you will face a myriad of technology, process, policy and people decisions. What tools and patterns are needed to be successful? How can you ensure Kubernetes is a success across your DevOps team and organization?Rachel Sweeney, Product Advocate SRE at Fairwinds, discusses why Kubernetes plays an important role in your DevOps experience and the 5 things to help your team succeed at Kubernetes. Learn a few critical steps to achieving your Kubernetes Maturity around technology, security, visibility and consistency.

- PST
OPEN TALK: A Practical Approach to Operationalizing Data-Tiers on Kubernetes
Join on Hopin
Rags Srinivas
Rags Srinivas
Datastax, Developer Advocate

The IT world has evolved from the stateless 12-factor simple “Hello World!” app on Kubernetes to refactor more complex data-driven apps and incorporate newer paradigms such as microservices, service mesh, etc. However, Dev, DevOps and Ops of these distributed teams and systems are still an ongoing major challenge.

How are teams and technologies evolving to deal with this myriad of challenges and what steps are they taking to mitigate some of the issues? In this session we will start with identifying these challenges and how to solve them with a comprehensive practical example based around open sourced k8ssandra.io which relies on the cass-operator and is evolving to provide multi data center support.

After attending this session, attendees (Devs, Devops and Ops audience alike) will get a holistic perspective of the day-to-day challenges of the cloud-native approach -- gain a better understanding of data durability, routine backups and restore, observability, HA and DR. Dissecting the example with a step-by-step approach, will enable attendees to walk away with practical tips for a robust architecture and how to operationalize it.