Dev Innovation Summit
Wednesday, August 3, 2022
In the session I will be discussing about Tezos, how to build smart contracts using tezos. How Web2.0 is different from Web3.0. At the end, Question and Answers could be taken.
KEYNOTE: Cloudflare -- Transform and Secure Your Organization Faster: Internet-Native Architectures Helping You & Your BusinessJoin on Hopin
We’re all facing more and more apps moving to the cloud, teams working remotely, amid growing and evolving security threats. When it comes to security, there’s never a single destination. The biggest risk is committing to an approach that locks you out of your own future — think of roadblocks like moving along a vendors’ legacy approach forward just because it’s there, or restricting your options because of choices someone else made years ago. Today and tomorrow, more than ever, organizations of all sizes need highly effective security delivered via an Internet-native architecture that consistently bends and flexes to tackle the challenges of our current landscape, and that innovates at a pace to help you foresee what’s ahead. Join this vendor-agnostic session, where we’ll learn about how you can be equipped to face new emerging threats, with essential capabilities for business continuity, and scale instantly without worry:
— Why this is happening now: shifting your network and security infrastructure to the cloud and consolidating it into one composable services platform.
— How to evaluate: if a security platform is built on a trusted, resilient, and flexible zero trust network, architected for where networking is going.
— How to adopt: everything you need today and tomorrow to secure your business so you can operate it easily, at your own pace, at lower cost, and with consistent and relentless innovation to help you and the organization scale.
This session will aim to introduce the audience to the basics of cloud security and the security model for Public clouds. Further, the emphasis will be mostly on Cloud Security Posture management, introduction and overview of cloud native CSPM services (like AWS Security Hub, Azure Defender ) and a short demo on how these services help automate best practice checks, aggregates alerts, and support automated remediation.
A complex data flow is a set of operations to extract information from multiple sources, copy them into multiple data targets while using extract, transformations, joins, filters, and sorts to refine the results.
These are precisely the capabilities that the new open modern data stack provides us. Spark and other tools allow us to develop complex data flow on large-scale data.
Chaos Engineering concepts discuss the principles of experimenting on a distributed system to build confidence in the system’s capability to withstand turbulent conditions in production. Or, how stable is your distributed system?
Let's see how we combine these two worlds to build more stability and reliability into our dataops.
A Security Champions program is key to a modern cybersecurity strategy. Learn how to start your own.
Known vulnerabilities are a fact of life, especially with open source software. Cyber Security Intelligence tracked over 18,000 CVEs and at least 66 Zero-Day Vulnerabilities in 2021. According to the Sonatype 2020 DevSecOps Community Survey, 24% of organizations surveyed revealed a breach within one of their web applications in the prior 12 months. The average cost of a data breach was $4.24 million, according to the IBM 2021 Cost of a Data Breach Report.
The only way to keep up with the fast pace and demands of cybersecurity today is to scale up the security expertise of your technical workforce. This talk explains why setting up a Security Champions program is such an important part of an overall security strategy. Then it goes into detail on how to get your own Security Champions program running, the realistic costs of such a program, and what benefits you can expect from it. We’ll talk about grassroots programs at three companies: IBM, Red Hat, and NatWest Group.
A Security Champions program is repeatable, cost effective, and can be applied to a broad range of industries. Attendees will come away with a step by step approach that can improve cybersecurity practices at their own companies.
Simplicity certainly has its virtues. The KISS Principle [keep it super simple] favors simplicity over complexity in system design and operation. As software engineers are vanguarding into innovation work to deliver features, from the outside they might seem like they thrive on complexity constantly solving unknowns. Though there is a long road between the idea and production. Even when developers are on and off-boarded to different teams, mileage might vary in the same organization due to very different paths to production.
Cognitive load and context switching can really slow feature velocity down. Also having overly complex routes to production puts a damper on Developer Experience [DX]. With what seems like a bulk share of the technology verticals shifting left since they can be provided as code/configuration e.g YAML, expertise can be lost without a proper platform engineering domain. A major goal of platform engineering is to keep the experience similar across teams.
Learn in this session about keeping goals to KISS and how that can be achieved to even create a “consistent one-line developer experience” [they say the easy button is hard to create]. Reducing toil and complexity can lower the bar of entry for software engineers to focus more on innovation. As technologies and ecosystems change, providing a consistent experience is key. Supporting faster iteration allows organizations to consume new technology and build internal expertise quicker and provide a quicker time to value.
Git is the defacto standard version control system in use today. Every developer learns the basics of add, commit, branch, merge, pull, and push, and that is about all they learn about Git.
However, if you ask how Git actually works under the covers, most people will tell you they don't really know. Worse yet, when most developers see Git output messages like "detached HEAD state" or "CONFLICT (content): Merge conflict", they get a stress-induced panic.
This session will peel back the shroud of mystery that envelops Git, showing that there is nothing overly complex or terrifying about the inner workings of the world's most popular version control system. This talk is for everyone, from the complete Git novice to folks who have been pushing code for years but maybe have never stopped to look at how Git does its thing.
Being an elite dev team isn't just about merging faster, it's about being able to deliver consistently. Developer happiness and retention is often based on the type of work a team is doing and the amount of frustration involved trying to get code merged. In this session, we will discover how elite teams are creating a state of continuous merge by optimizing non-coding time and customizing how Pull Requests are treated based on their unique characteristics.
Developers who still thumb their nose at low-code application development probably harbor a number of misconceptions that are quickly becoming outdated. False notions that low-code “is only for non-professionals or ‘citizen developers’,” “is just for prototyping,” or “can’t handle enterprise-grade scalability, performance and security needs” only postpone developers from realizing its actual potential. In truth, low-code done right can multiply efficiency and put advanced emerging technological capabilities within any developer’s grasp.
The key advantage of low-code? API connectivity. The best low-code strategy will give developers a drag-and-drop UI for assembling Lego-like code blocks into complete applications. Get humming and you can make initial application development and iterative improvements 10x faster (at a minimum) than hardcoding. Low-code also automates away the block-and-tackle busywork of application development (read: a more enjoyable developer experience), while making access to emerging capabilities like AI/ML, big data, IoT, voice and messaging, blockchain, and APIs as simple as dragging an icon across a screen.
This Dev Innovation Summit talk will dig into the latest ideas and best practices that developers should know about low-code as they overcome still-common misconceptions, and as they vet potential paths forward for production use cases.
Application security is a problem in the development world, with expensive, complex, and sometimes only piecemeal solutions. But fix the problems you must, as there will come a time when someone will try to hack your app, probably (hopefully) your security team or a penetration tester. Once they find those problems, you have to then go back and fix the security bugs, 6 months to a year later, and that can be a real pain.
In this talk, you’ll learn how to turn this issue on its head, with unit security testing. Unit security testing is a tool we developed here at Bright to solve the problem of needing to rely on an external tool or team instead of being self-reliant in your approach to writing secure code. By integrating our DAST engine with unit tests, you, the developer, are empowered with the know-how of how to find vulnerabilities as early as possible in the SDLC, without the security team getting involved and having to fix problems far later on in the process.
In this session, you will learn
How to write different types of tests and which issues are important to test for
How to fix some vulnerabilities that our tests find in an example web application
An ounce of prevention is worth a pound of cure, so you will also learn how to defend against some common attacks from the get-go as you are writing code.
This is a live coding talk on building a solution for a real-world problem. In this 20 min of talk, let's challenge ourselves to build a (simplified) ToDo application that is accessible to the entire world! To build this we will use Serverless Backend with (API Gateway, DynamoDB) and Vue.js (with Nuxt.js) for the frontend. Finally, we will use Amplify for deploying the application.
In this session, we'll explore a new deployment experience for .NET developers working on AWS, from within Visual Studio and at the command line. Come and find out why we built a new, opinionated experience, how it helps you quickly and easily move your .NET applications to the cloud with minimal knowledge of AWS, and how you can easily customize the experience for your teams.
While infrastructure has evolved from on-prem to cloud, application architectures have evolved from client-server to Cloud-native and development practices have evolved from Waterfall to Lean Agile/ DevOps, operations is still siloed and stuck in the past at many organizations. In this session we will explore how to build an integrated approach to cloud workload management that is built on Site Reliability Engineering principles and a product-oriented approach to run operations. If you are already on Cloud or thinking to migrate to cloud, join us to hear how you should be thinking about designing for reliability, cost and performance while you run cloud workloads to optimize.
With the explosion of various developer tools and services in recent years, it's tempting to think that we've entered a golden age for software development productivity. However, contrary to popular belief, developer productivity is in fact declining, and this phenomenon risks bringing modern software development to a grinding halt in many organizations. In this talk, Nnamdi Iregbulem reveals a framework for thinking about developer productivity and charts a path toward reversing this dire trend.
In this session, Sam Dillard (Sr PM Edge at InfluxData), will discuss the needs and challenges of edge computing in the context of an edge-cloud topology. While cloud analytics is emphasized in a lot of the world, the need for edge analytics is not shrinking but rather growing. Applications have become more distributed and the data pertaining to them have become more voluminous.
Sam will discuss InfluxDB’s Edge Data Replication feature that leverages existing edge analytical capabilities of the database in order to enable edge-cloud data pipelines that fit to any business needs and constraints.
This feature automatically streams data on-write from an edge dataset to a cloud one of the user’s choosing. Adding to this automatic replication of writes, is a durability designed to withstand network outages. This feature lays the groundwork for a much larger story about how the edge and cloud can work together to produce global time series data architectures!
In this webinar, Sam will cover:
- How we define edge
- Properties of edge vs cloud
- Discuss problems faced with edge-cloud architectures
- Details of the edge replication feature and how it combined with InfluxDB solves those problems
- Demo an edge-cloud downsampling use case that retains data shape
This session highlights salient learnings from speaker’s long experience of managing software engineers and managers. The session covers various software engineering habits and attitudes that can propel any software developer into a high performance state. Various elements of engineering practices about operational excellence, innovation, product-thinking, and technical leadership are discussed with examples.
There are immutable laws and rules for many things, from nature to physics to karma. Observability, with its innate complexity, also has its own immutable rules, which transform elastic and ephemeral rote reactions to a clear and concise approach and understanding of your environment.
Join us to learn the rules you should understand with your approach to observability, including:
The impact of open and flexible data ingest and instrumentation
The impact of data retention and aggregation on blind spot analysis
The impact of data accuracy and precision on observability
The innate drive for seamless workflow integration, from alerts to resolution
Why drift and skew could lead to erroneous conclusions
As cities and towns across the country continue to grow, traffic, congestion, and the lack of parking are becoming more common. Although improving infrastructure, investing in roads, and adopting common sense policies can help alleviate the problem—in our day and age, technology can be a crucial tool in our efforts to address these challenges. How can machine learning facilitate commutes across the country while making our country’s roads more efficient? In the same breath, how can we help local municipalities tackle the challenges of outdated infrastructure and modus operandi? By using various data sets—from weather, traffic, and parking—machine learning is a crucial tool in unlocking our country’s roads for more efficient rides and overall smooth road experiences. These data points, along with the strengths of machine learning, have the potential to empower local governments across the country to address the challenges they face in terms of intra-city transportation. Likewise, the key to adopting policies that benefit commuters and citizens lies within these learnings. Creating efficient roads and setting riders free is possible by collecting key data and machine learning.
OPEN TALK: You Can’t Code Career Development - A Technical Professional’s Guide to Soft Skills in the WorkplaceJoin on Hopin
Technical aptitude will take an engineer far in their career but ultimately it's the ability to navigate workplace environments through the refinement of soft skills that will determine the heights that your career can scale.
In this session, Vanky Kataria (Evangelist - Global Communities) will share how focusing on soft skills can play an instrumental role in your career development and explain how engineers benefit from thinking about their workplaces beyond their roles and responsibilities as technical professionals.
Thursday, August 4, 2022
During the pandemic we've all been feeling pretty isolated, and we've all been doing our best and wearing masks. But what if everyone wearing masks cuts off your ability to converse?
My dear mum relies on lip reading and clear sounds to understand what people are saying. But I, of course want her to stay safe. So the thought occurred. Can I make a live captioning display fit into a mask so that she can read what I'm saying as I'm speaking?
Live captioning of speech to text has so many useful applications and Cognitive Services makes it fast and easy to build captioning into your applications. Together with Ably Realtime, it is possible to make wearable devices which can display what you’re saying, in real time. Wearable Live Captions!
For many years APIs have been implemented so that the client has to keep calling the server for the latest data. The API version of needing to refresh your browser. But this can be inefficient, and wasteful in addition to risking clients using old data.
Techniques like Webhooks and network sockets have been around for a while, but new ways to implement API streams have come along.
In this session, we’ll look at how the different common options are, how they work, and their drawbacks. By the end of this session, you will have the knowledge to make a more informed decision on whether streaming APIs are right for you and which approach may support your needs best.
Lewis will discuss what it takes to lead engineering teams building blockchain-powered products to keep up with mainstream demand. From implementing effective hiring methods to strategizing team roles and responsibilities, Lewis will share how technical leaders can hire and inspire high-impact teams to build industry-leading products. He will integrate key lessons learned while scaling the engineering team at Blockchain.com and increasing technical headcount.
Web development is a fast changing ecosystem with new technologies and libraries being created on the go. To stay on top of everything, we have to make it as easy and accessible as possible to experiment and use these technologies with little to no setup. In this talk, we'd be exploring the world of Browser-based IDEs and how they are changing the ecosystem - improving collaboration, streamlined experiences and preconfigured development environments.
Finding, sharing, and tracking microservices that make up our ‘logical’ applications is often the reason why cloud-native architecture is considered ‘complex.’ Supply chain management in a shared microservice architecture has its own challenges compared to monolithic development. Supply chain management speaks to improving security in the software systems we create. At the core of these discussions is the generation of SBOMs and CVE reports. In monolithic architecture, the creation of application SBOMs and CVE reports are done at the CI build step. But how do we mine the SBOM data at the application level in a microservice environment without a monolithic build?
This presentation will review the supply chain complexities in a microservice architecture with hundreds of run-time dependencies, each having its own SBOM and CVE reports. It will introduce Ortelius, an open-source unified supply chain catalog, incubating at the Continuous Delivery Foundation, that aggregates SBOM and CVE microservice level data up to the consuming ‘logical’ applications. Attendees will learn how they can easily produce application-level supply chain reports that meet new federal security requirements, even in complex cloud-native environments.
As applications and devices integrate deeper into our professional and personal lives, being able to deliver personalized real-time experiences is no longer a “nice-to-have” – it’s a competitive necessity for any digital service. But with new experiences come new challenges, especially at the volume of data needed for real-time delivery.
This talk will cover the ways in which traditional methods of data distribution are transitioning to event-driven architectures, and walk through examples of how wrangling-at-the-edge augments traditional stream processing to provide efficient, personalized data at Internet scale.
Learn how to build a API for a machine learning pipeline using real-world example. Validate the machine learning algorithm outcome. Explore options on how to scale live prediction API.
Generic, horizontal SaaS solutions fall flat on their face when trying to tackle problems inherent to complex and highly regulated industries such as life sciences. To solve real-world customer problems, SaaS providers need customizations, compliance, and domain understanding. Enter vertical SaaS. Dipanwita can share her experiences building a vertical SaaS company in a horizontal SaaS world, the driving factors, challenges, and long-term opportunities.
As web performance and user experience across both mobile and desktop devices continue to increase in importance, so do progressive web apps (PWAs). PWAs are becoming more popular because they have lots of enhancements that help your application perform better and they make apps accessible even to users with limited internet connection. In this talk, you are going to learn the advantages of using PWAs and how to turn your web application into a PWA.
Layer 2s including rollups are being adopted for scalability and throughput. In this talk we explore existing examples of application-specific rollups and how they compare to more general ones implementing the EVM. We explore using type systems to generate layer 2s and show how an advanced type system with code generation can be used to generate networking topologies. We speculate on no-code solutions that could be built in the future.
Using cloud based Cognitive Services to translate a very large volume of documents in multiple languages and of multiple formats with high performance.
NFTs are more than just JPEGs of Monkeys. NFTs have a great set of potential uses and ways to think about working with them in your businesses and products. Rob shares APIs to quickly use to create NFTs and help integrate them into a product.