HTML5 Development with Play Scala, CoffeeScript and Jade Presentation from Devoxx 2011. Discusses these technologies, as well as my story of using them to develop an HTML5 Fitness Tracking application.
http://www.devoxx.com/display/DV11/HTML5+with+Play+Scala%2C+CoffeeScript+and+Jade
HTML5 with Play Scala, CoffeeScript and Jade - Jfokus 2012Matt Raible
HTML5 Development with Play Scala, CoffeeScript and Jade Presentation from Jfokus 2012. Discusses these technologies, as well as my story of using them to develop an HTML5 Fitness Tracking application.
Read more about this presentation at:
http://raibledesigns.com/rd/entry/comparing_web_frameworks_and_html5
HTML5 with Play Scala, CoffeeScript and Jade - UberConf 2012Matt Raible
HTML5 Development with Play Scala, CoffeeScript and Jade Presentation from ÜberConf 2012. Discusses these technologies, as well as my story of using them to develop an HTML5 Fitness Tracking application.
Read more about this presentation at:
http://raibledesigns.com/rd/entry/migrating_to_play_2_and
This document provides a statistical summary of the 2011 Korean Formula 1 race in two charts:
1) The Race Summary Chart shows each driver's grid position, first lap position, final position, and range of positions held throughout the race. This gives an overview of how each driver's race progressed.
2) The Position Density Chart shows how long each driver held each race position, to indicate whether the race involved many position changes or a procession with cars holding positions for most of the race. The author seeks feedback on these experimental charts.
「PlayFramework関西ビギナーズ in OsakanSpace 第1回」
http://atnd.org/events/33666
Play frameworkの概要と今後についてゆるく説明して、
Playとそのコミュニティを雰囲気を知っていただこうという趣旨で発表しました。
参加された方の半数がPHPユーザだったので、冒頭でPHPユーザの方向けの説明を特別に入れたりして工夫しています。
A fast intro to Scala and Play, to prepare the audience for a live demo of a Play Application using Futures to get weather data from Yahoo in a non blocking way, then display to the user the results.
The code is available here https://github.com/tabdulradi/weather
The latest buzzword in the web service community is “reactive.” We dig beneath the surface of this word and show how you can use Scala and Akka to build systems that are responsive, resilient, elastic, and message-driven.
HTML5 with Play Scala, CoffeeScript and Jade - Jfokus 2012Matt Raible
HTML5 Development with Play Scala, CoffeeScript and Jade Presentation from Jfokus 2012. Discusses these technologies, as well as my story of using them to develop an HTML5 Fitness Tracking application.
Read more about this presentation at:
http://raibledesigns.com/rd/entry/comparing_web_frameworks_and_html5
HTML5 with Play Scala, CoffeeScript and Jade - UberConf 2012Matt Raible
HTML5 Development with Play Scala, CoffeeScript and Jade Presentation from ÜberConf 2012. Discusses these technologies, as well as my story of using them to develop an HTML5 Fitness Tracking application.
Read more about this presentation at:
http://raibledesigns.com/rd/entry/migrating_to_play_2_and
This document provides a statistical summary of the 2011 Korean Formula 1 race in two charts:
1) The Race Summary Chart shows each driver's grid position, first lap position, final position, and range of positions held throughout the race. This gives an overview of how each driver's race progressed.
2) The Position Density Chart shows how long each driver held each race position, to indicate whether the race involved many position changes or a procession with cars holding positions for most of the race. The author seeks feedback on these experimental charts.
「PlayFramework関西ビギナーズ in OsakanSpace 第1回」
http://atnd.org/events/33666
Play frameworkの概要と今後についてゆるく説明して、
Playとそのコミュニティを雰囲気を知っていただこうという趣旨で発表しました。
参加された方の半数がPHPユーザだったので、冒頭でPHPユーザの方向けの説明を特別に入れたりして工夫しています。
A fast intro to Scala and Play, to prepare the audience for a live demo of a Play Application using Futures to get weather data from Yahoo in a non blocking way, then display to the user the results.
The code is available here https://github.com/tabdulradi/weather
The latest buzzword in the web service community is “reactive.” We dig beneath the surface of this word and show how you can use Scala and Akka to build systems that are responsive, resilient, elastic, and message-driven.
This document provides an overview of building a Scala web application using the Play! framework. It begins with introductions to Scala and the Play! framework. It then covers topics like request handling, views, forms, database integration, the build system, internationalization, and testing. Exercises are provided to demonstrate creating routes, controllers, actions, views, forms, database models and more. The presenter is available to answer questions after the session and provides information on open positions at their company Lucid Software.
The document discusses the Play Framework, a web framework for Java and Scala. It introduces Play and outlines why it is useful, how to install it, and how to structure a new Play application. It then discusses moving a Play application to Google Cloud Platform for scalability. Key points are that Play provides predictable scalability, is developer friendly, and has a large ecosystem. The document recommends using Play Framework with Google Cloud Platform to achieve scalability without having to manage servers directly.
Voxxed Days Vienna - The Why and How of Reactive Web-Applications on the JVMManuel Bernhardt
The document discusses the need for reactive and functional programming approaches to build scalable applications that can take advantage of many-core processors and distributed systems. It introduces key concepts like immutability, functions, and declarative programming. Specific frameworks like Scala, Play and Akka are presented as tools that support this reactive, functional style for building web applications that can horizontally scale across multiple cores and nodes. The talk promotes adopting these approaches to build systems that can better handle concurrency, distribution and failure.
Over the past few years, web-applications have started to play an increasingly important role in our lives. We expect them to be always available and the data to be always fresh. This shift into the realm of real-time data processing is now transitioning to physical devices, and Gartner predicts that the Internet of Things will grow to an installed base of 26 billion units by 2020.
Reactive web-applications are an answer to the new requirements of high-availability and resource efficiency brought by this rapid evolution. On the JVM, a set of new languages and tools has emerged that enable the development of entirely asynchronous request and data handling pipelines. At the same time, container-less application frameworks are gaining increasing popularity over traditional deployment mechanisms.
This talk is going to give you an introduction into one of the most trending reactive web-application stack on the JVM, involving the Scala programming language, the concurrency toolkit Akka and the web-application framework Play. It will show you how functional programming techniques enable asynchronous programming, and how those technologies help to build robust and resilient web-applications.
This document discusses the development of a single-page web application for a student markbook using Akka actors and HTTP. Key points discussed include:
- Using multiple Akka actors to retrieve student, schedule, subject and mark data from various data services.
- A worker actor that processes the retrieved data and returns student week marks.
- A REST API with routes to get lists of students and individual student week marks.
- The application server is initialized by binding the API routes to an HTTP server.
"It’s open source. It’s highly opinionated.
Build greenfield microservices and decompose your Java EE monolith like a boss."
Lightbend (formerly Typesafe) has come up with their own framework, Lagom, for architecting microservices based systems. With Lagom, Lightbend wants to take up the competition with the Spring Cloud stack.
Lagom is built upon Akka and Play and focuses on reactive and message-driven APIs, distributed persistence with Event Sourcing and CQRS and high developer productivity. On the 10th of March a first MVP version has been released with a Java API, the Scala API is being worked on.
This workshop acts as an introduction to Lagom during which we will have a look at developing and deploying Lagom microservices.
As a warm-up, you could check out the newest blogpost on the JWorks Tech Blog: https://ordina-jworks.github.io/microservices/2016/04/22/Lagom-First-Impressions-and-Initial-Comparison-to-Spring-Cloud.html.
Github repo with presentation: https://github.com/yannickdeturck/lagom-shop
Blogpost Lagom: First Impressions and Initial Comparison to Spring Cloud: https://ordina-jworks.github.io/microservices/2016/04/22/Lagom-First-Impressions-and-Initial-Comparison-to-Spring-Cloud.html
Podcast Lightbend Podcast Ep. 09: Andreas Evers test drives Lagom in comparison with Spring Cloud: https://www.lightbend.com/blog/lightbend-podcast-ep-09-andreas-evers-test-drives-lagom-in-comparison-with-spring-cloud
This document discusses different approaches to dependency injection in Scala, especially for use with Play!. It evaluates Spring, Spring-Scala, CDI, Guice, SubCut and Cake based on criteria like idiomatic Scala usage, testing support, and fit with Play!. Spring-Scala is recommended for projects that need to integrate Java and Scala code. Guice and Cake are recommended for standalone Scala projects. Cake provides additional type safety while Guice and Cake are good options for Play! projects.
This document provides an overview and introduction to Akka HTTP, a Scala library built on Akka Streams for HTTP-based applications. Some key points:
- Akka HTTP uses Akka Streams to model HTTP requests and responses as streaming data flows.
- It allows building both HTTP clients and servers by composing stream processing stages together.
- Common directives and operations like routing, marshalling, validation, and testing are supported through a high-level API.
- Examples demonstrate basic usage like creating a route that returns XML, running a server, and writing tests against routes.
Web pages can get very complex and slow. In this talk, I share how we solve some of these problems at LinkedIn by leveraging composition and streaming in the Play Framework. This was my keynote for Ping Conference 2014 ( http://www.ping-conf.com/ ): the video is on ustream ( http://www.ustream.tv/recorded/42801129 ) and the sample code is on github ( https://github.com/brikis98/ping-play ).
This document provides an overview of Akka HTTP, a library for building HTTP-based services using Scala and Akka. It describes the common abstractions used in Akka HTTP like HTTP requests, responses, entities, and marshalling/unmarshalling. It also explains the low-level and high-level APIs, with the low-level API providing basic request handling functionality and the high-level API using directives and routing DSL for defining routes in a more flexible way.
The Modern Java Web Developer Bootcamp - Devoxx 2013Matt Raible
HTML5, CSS3, JavaScript, jQuery, Angular JS, Bootstrap, Mobile, CoffeeScript, GitHub, functional programming, Page Speed, Apache, JSON with Jackson, caching, REST, Security, load testing, profiling, Wro4j, Heroku, Cloudbees, AWS.
These are just some of the buzzwords that a Java web developer hears on a daily basis. This talk is designed to expose you to a plethora of technologies that you might've heard about, but haven't learned yet. We'll concentrate on the most important web developer skills, as well as UI tips and tricks to make you a better front-end engineer. Some of the most valuable engineers these days have front-end JS/CSS skills, as well as backend Java skills.
This presentation is from the University session I delivered at Devoxx 2013, in Antwerp. http://devoxx.be/dv13-matt-raible.html?presId=3648
The Modern Java Web Developer - JavaOne 2013Matt Raible
HTML5, CSS3, JavaScript, jQuery, Angular JS, Bootstrap, Mobile, CoffeeScript, GitHub, functional programming, Page Speed, Apache, JSON with Jackson, caching, REST, Security, load testing, profiling, Wro4j, Heroku, Cloudbees, AWS. These are just some of the buzzwords that a Java web developer hears on a daily basis. This talk is designed to expose you to a plethora of technologies that you might've heard about, but haven't learned yet. We'll concentrate on the most important web developer skills, as well as UI tips and tricks to make you a better front-end engineer. Some of the most valuable engineers these days have front-end JS/CSS skills, as well as backend Java skills.
Securing Microservices using Play and Akka HTTPRafal Gancarz
Going down the microservices route makes a lot of things around creating and maintaining large systems easier but it comes at a cost too, particularly associated with challenges around security. While securing monolithic applications was a relatively well understood area, the same can't be said about microservice based architectures.
This presentation covers how implementing microservices affects the security of distributed systems, outlines pros and cons of several standards and common practices and offers practical suggestions for securing microservice based systems using Play and Akka HTTP.
Akka Streams & HTTP provides reactive, asynchronous, and non-blocking streams for processing data and HTTP requests and responses. It builds upon Akka IO and the Reactive Streams initiative to allow stream-based topologies to be declared and run for tasks like processing big data, serving clients simultaneously with limited resources, and building distributed applications that integrate with external systems over HTTP. Key features include stream sources, sinks, and transformations along with a routing DSL for building HTTP servers and clients on top of Akka IO and HTTP Core.
Building scalable rest service using Akka HTTPdatamantra
Akka HTTP is a toolkit for building scalable REST services in Scala. It provides a high-level API built on top of Akka actors and Akka streams for writing asynchronous, non-blocking and resilient microservices. The document discusses Akka HTTP's architecture, routing DSL, directives, testing, additional features like file uploads and websockets. It also compares Akka HTTP to other Scala frameworks and outlines pros and cons of using Akka HTTP for building REST APIs.
Building a Reactive RESTful API with Akka Http & SlickZalando Technology
Dan Persa, Senior Software Engineer at Zalando
Dan Persa has been a software engineer at Zalando since 2013 and is a member of the Fashion Store team, which is responsible for Zalando’s core ecommerce business. He loves Java and Scala and more recently has been exploring Go and Node.js. He’s a big fan of Clean Code and Software Craftsmanship. In addition to coding, he enjoys mentoring new developers, organizing coder dojos and reading groups and giving tech talks. In his free time he likes to take photos and dance salsa.
tech.zalando.com
Comparing JVM Web Frameworks - Jfokus 2012Matt Raible
The document provides a comparison of various Java web frameworks, including Grails, GWT, Ruby on Rails, Spring MVC, Vaadin, Tapestry and Wicket. It discusses the challenges in choosing a web framework, outlines various comparison points, presents the results of framework ratings in matrix and weighted forms, and provides analysis on the state of the frameworks in 2010 based on conferences and community metrics.
Comparing JVM Web Frameworks - Spring I/O 2012Matt Raible
Comparing JVM Web Frameworks Presentation from Spring I/O Conference in Madrid, Spain. Compares many different JVM-based web frameworks, ranks them based on 20 different criteria and compares the Pros, Cons and other stats of the top 5. Also talks about how web developers might need to learn client-side MVC frameworks and Java developers need to learn web technologies (JavaScript and CSS) or become RESTful services developers.
See video of this talk at https://www.youtube.com/watch?v=QlQMt3W9fpU.
This document provides an overview of building a Scala web application using the Play! framework. It begins with introductions to Scala and the Play! framework. It then covers topics like request handling, views, forms, database integration, the build system, internationalization, and testing. Exercises are provided to demonstrate creating routes, controllers, actions, views, forms, database models and more. The presenter is available to answer questions after the session and provides information on open positions at their company Lucid Software.
The document discusses the Play Framework, a web framework for Java and Scala. It introduces Play and outlines why it is useful, how to install it, and how to structure a new Play application. It then discusses moving a Play application to Google Cloud Platform for scalability. Key points are that Play provides predictable scalability, is developer friendly, and has a large ecosystem. The document recommends using Play Framework with Google Cloud Platform to achieve scalability without having to manage servers directly.
Voxxed Days Vienna - The Why and How of Reactive Web-Applications on the JVMManuel Bernhardt
The document discusses the need for reactive and functional programming approaches to build scalable applications that can take advantage of many-core processors and distributed systems. It introduces key concepts like immutability, functions, and declarative programming. Specific frameworks like Scala, Play and Akka are presented as tools that support this reactive, functional style for building web applications that can horizontally scale across multiple cores and nodes. The talk promotes adopting these approaches to build systems that can better handle concurrency, distribution and failure.
Over the past few years, web-applications have started to play an increasingly important role in our lives. We expect them to be always available and the data to be always fresh. This shift into the realm of real-time data processing is now transitioning to physical devices, and Gartner predicts that the Internet of Things will grow to an installed base of 26 billion units by 2020.
Reactive web-applications are an answer to the new requirements of high-availability and resource efficiency brought by this rapid evolution. On the JVM, a set of new languages and tools has emerged that enable the development of entirely asynchronous request and data handling pipelines. At the same time, container-less application frameworks are gaining increasing popularity over traditional deployment mechanisms.
This talk is going to give you an introduction into one of the most trending reactive web-application stack on the JVM, involving the Scala programming language, the concurrency toolkit Akka and the web-application framework Play. It will show you how functional programming techniques enable asynchronous programming, and how those technologies help to build robust and resilient web-applications.
This document discusses the development of a single-page web application for a student markbook using Akka actors and HTTP. Key points discussed include:
- Using multiple Akka actors to retrieve student, schedule, subject and mark data from various data services.
- A worker actor that processes the retrieved data and returns student week marks.
- A REST API with routes to get lists of students and individual student week marks.
- The application server is initialized by binding the API routes to an HTTP server.
"It’s open source. It’s highly opinionated.
Build greenfield microservices and decompose your Java EE monolith like a boss."
Lightbend (formerly Typesafe) has come up with their own framework, Lagom, for architecting microservices based systems. With Lagom, Lightbend wants to take up the competition with the Spring Cloud stack.
Lagom is built upon Akka and Play and focuses on reactive and message-driven APIs, distributed persistence with Event Sourcing and CQRS and high developer productivity. On the 10th of March a first MVP version has been released with a Java API, the Scala API is being worked on.
This workshop acts as an introduction to Lagom during which we will have a look at developing and deploying Lagom microservices.
As a warm-up, you could check out the newest blogpost on the JWorks Tech Blog: https://ordina-jworks.github.io/microservices/2016/04/22/Lagom-First-Impressions-and-Initial-Comparison-to-Spring-Cloud.html.
Github repo with presentation: https://github.com/yannickdeturck/lagom-shop
Blogpost Lagom: First Impressions and Initial Comparison to Spring Cloud: https://ordina-jworks.github.io/microservices/2016/04/22/Lagom-First-Impressions-and-Initial-Comparison-to-Spring-Cloud.html
Podcast Lightbend Podcast Ep. 09: Andreas Evers test drives Lagom in comparison with Spring Cloud: https://www.lightbend.com/blog/lightbend-podcast-ep-09-andreas-evers-test-drives-lagom-in-comparison-with-spring-cloud
This document discusses different approaches to dependency injection in Scala, especially for use with Play!. It evaluates Spring, Spring-Scala, CDI, Guice, SubCut and Cake based on criteria like idiomatic Scala usage, testing support, and fit with Play!. Spring-Scala is recommended for projects that need to integrate Java and Scala code. Guice and Cake are recommended for standalone Scala projects. Cake provides additional type safety while Guice and Cake are good options for Play! projects.
This document provides an overview and introduction to Akka HTTP, a Scala library built on Akka Streams for HTTP-based applications. Some key points:
- Akka HTTP uses Akka Streams to model HTTP requests and responses as streaming data flows.
- It allows building both HTTP clients and servers by composing stream processing stages together.
- Common directives and operations like routing, marshalling, validation, and testing are supported through a high-level API.
- Examples demonstrate basic usage like creating a route that returns XML, running a server, and writing tests against routes.
Web pages can get very complex and slow. In this talk, I share how we solve some of these problems at LinkedIn by leveraging composition and streaming in the Play Framework. This was my keynote for Ping Conference 2014 ( http://www.ping-conf.com/ ): the video is on ustream ( http://www.ustream.tv/recorded/42801129 ) and the sample code is on github ( https://github.com/brikis98/ping-play ).
This document provides an overview of Akka HTTP, a library for building HTTP-based services using Scala and Akka. It describes the common abstractions used in Akka HTTP like HTTP requests, responses, entities, and marshalling/unmarshalling. It also explains the low-level and high-level APIs, with the low-level API providing basic request handling functionality and the high-level API using directives and routing DSL for defining routes in a more flexible way.
The Modern Java Web Developer Bootcamp - Devoxx 2013Matt Raible
HTML5, CSS3, JavaScript, jQuery, Angular JS, Bootstrap, Mobile, CoffeeScript, GitHub, functional programming, Page Speed, Apache, JSON with Jackson, caching, REST, Security, load testing, profiling, Wro4j, Heroku, Cloudbees, AWS.
These are just some of the buzzwords that a Java web developer hears on a daily basis. This talk is designed to expose you to a plethora of technologies that you might've heard about, but haven't learned yet. We'll concentrate on the most important web developer skills, as well as UI tips and tricks to make you a better front-end engineer. Some of the most valuable engineers these days have front-end JS/CSS skills, as well as backend Java skills.
This presentation is from the University session I delivered at Devoxx 2013, in Antwerp. http://devoxx.be/dv13-matt-raible.html?presId=3648
The Modern Java Web Developer - JavaOne 2013Matt Raible
HTML5, CSS3, JavaScript, jQuery, Angular JS, Bootstrap, Mobile, CoffeeScript, GitHub, functional programming, Page Speed, Apache, JSON with Jackson, caching, REST, Security, load testing, profiling, Wro4j, Heroku, Cloudbees, AWS. These are just some of the buzzwords that a Java web developer hears on a daily basis. This talk is designed to expose you to a plethora of technologies that you might've heard about, but haven't learned yet. We'll concentrate on the most important web developer skills, as well as UI tips and tricks to make you a better front-end engineer. Some of the most valuable engineers these days have front-end JS/CSS skills, as well as backend Java skills.
Securing Microservices using Play and Akka HTTPRafal Gancarz
Going down the microservices route makes a lot of things around creating and maintaining large systems easier but it comes at a cost too, particularly associated with challenges around security. While securing monolithic applications was a relatively well understood area, the same can't be said about microservice based architectures.
This presentation covers how implementing microservices affects the security of distributed systems, outlines pros and cons of several standards and common practices and offers practical suggestions for securing microservice based systems using Play and Akka HTTP.
Akka Streams & HTTP provides reactive, asynchronous, and non-blocking streams for processing data and HTTP requests and responses. It builds upon Akka IO and the Reactive Streams initiative to allow stream-based topologies to be declared and run for tasks like processing big data, serving clients simultaneously with limited resources, and building distributed applications that integrate with external systems over HTTP. Key features include stream sources, sinks, and transformations along with a routing DSL for building HTTP servers and clients on top of Akka IO and HTTP Core.
Building scalable rest service using Akka HTTPdatamantra
Akka HTTP is a toolkit for building scalable REST services in Scala. It provides a high-level API built on top of Akka actors and Akka streams for writing asynchronous, non-blocking and resilient microservices. The document discusses Akka HTTP's architecture, routing DSL, directives, testing, additional features like file uploads and websockets. It also compares Akka HTTP to other Scala frameworks and outlines pros and cons of using Akka HTTP for building REST APIs.
Building a Reactive RESTful API with Akka Http & SlickZalando Technology
Dan Persa, Senior Software Engineer at Zalando
Dan Persa has been a software engineer at Zalando since 2013 and is a member of the Fashion Store team, which is responsible for Zalando’s core ecommerce business. He loves Java and Scala and more recently has been exploring Go and Node.js. He’s a big fan of Clean Code and Software Craftsmanship. In addition to coding, he enjoys mentoring new developers, organizing coder dojos and reading groups and giving tech talks. In his free time he likes to take photos and dance salsa.
tech.zalando.com
Comparing JVM Web Frameworks - Jfokus 2012Matt Raible
The document provides a comparison of various Java web frameworks, including Grails, GWT, Ruby on Rails, Spring MVC, Vaadin, Tapestry and Wicket. It discusses the challenges in choosing a web framework, outlines various comparison points, presents the results of framework ratings in matrix and weighted forms, and provides analysis on the state of the frameworks in 2010 based on conferences and community metrics.
Comparing JVM Web Frameworks - Spring I/O 2012Matt Raible
Comparing JVM Web Frameworks Presentation from Spring I/O Conference in Madrid, Spain. Compares many different JVM-based web frameworks, ranks them based on 20 different criteria and compares the Pros, Cons and other stats of the top 5. Also talks about how web developers might need to learn client-side MVC frameworks and Java developers need to learn web technologies (JavaScript and CSS) or become RESTful services developers.
See video of this talk at https://www.youtube.com/watch?v=QlQMt3W9fpU.
Comparing JVM Web Frameworks - 33rd DegreeMatt Raible
Comparing JVM Web Frameworks Presentation from 33rd Degree Conference in Krakow, Poland. Compares many different JVM-based web frameworks, ranks them based on 20 different criteria and compares the Pros, Cons and other stats of the top 5.
Carsten Ziegeler presented on using Apache Sling for web development. Sling uses OSGi, a Java content repository (JCR), and scripting to build dynamic websites. It follows a RESTful, resource-oriented architecture where content is stored in a JCR and retrieved via URLs. Scripts can be written to render resources and are resolved based on the resource type and request details. Sling uses OSGi to modularize the framework and allow dynamic extensions through bundles and services. It currently resides in the Apache incubator but is gaining community support.
The survey of 31 members of the Hybrid User Forum found the following:
- Most respondents were public transport operators or local/regional authorities.
- The majority of hybrid fleets were in cities with populations between 100,000-1 million people.
- Respondents reported an average 16% reduction in fuel consumption for hybrids compared to diesel buses. Fuel savings varied depending on route and season.
- Maintenance costs for hybrids were reported to be similar to or slightly higher than diesel buses on average.
- Respondents expected hybrid purchases costs to be up to 26% higher than diesel but fuel savings, emissions reductions, and political support could motivate higher costs. Driver training was
This document provides a review of graphing points on the coordinate plane. It includes an explanation that graphing points is similar to the game Battleship by using an x and y coordinate to locate a point. The four quadrants of the coordinate plane are defined, with the x-axis and y-axis dividing it. Several examples of coordinate pairs like (2,7) are given to represent points. Finally, 12 specific points are graphed on the coordinate plane for practice.
This document summarizes genetic sequence alignment results. It found 87% similarity over 636 base pairs between chromosomes 3 and 5, and 95% similarity over 1211 base pairs between chromosomes 2 and 5. It also describes using Google Chart API and dot plot analysis to visualize genetic sequence alignments and pathways.
Corona SDK is a software development kit that allows developers to code mobile apps faster using the Lua programming language. Lua is an industry standard scripting language that is simple yet powerful. Corona allows developers to write their code once and deploy their apps to multiple mobile app stores.
Similar to HTML5 with Play Scala, CoffeeScript and Jade - Devoxx 2011 (8)
Keep Identities in Sync the SCIMple Way - ApacheCon NA 2022Matt Raible
What if keeping your user stores in sync across domains was as simple as running "java -jar"? With Apache SCIMPle, it is!
Apache SCIMple is a SCIM 2.0-compliant server powered by Spring Boot 3. You can run it standalone or embedded in your existing app. It exposes user management REST endpoints and handles the hassle of user synchronization for you. If your identity provider supports SCIM, use the simple way!
GitHub example: https://github.com/mraible/okta-scim-spring-boot-example
Demo script: https://github.com/mraible/okta-scim-spring-boot-example/blob/main/demo.adoc
Micro Frontends for Java Microservices - Belfast JUG 2022Matt Raible
You've figured out how to split up your backend services into microservices and scale your teams to the moon, right?
But what about the frontend? Are you still building monoliths for your UI?
If so, you might want to check out micro frontends—basically extensions to the microservices pattern, where the concept is extended to the frontend.
Find out how to package and deploy your microservices and their UIs in the same artifact, as well as make it possible to test and develop them independently.
In this live session, Matt will show you how to build a microservices and micro frontends architecture using Angular, Spring Boot, and Spring Cloud.
Related blog post: https://auth0.com/blog/micro-frontends-for-java-microservices
GitHub repo: https://github.com/oktadev/auth0-micro-frontends-jhipster-example
Micro Frontends for Java Microservices - Dublin JUG 2022Matt Raible
The document discusses micro frontends for Java microservices. It provides an overview of microservices and frameworks like Spring and JHipster that can be used to develop microservices in Java. It then introduces the concept of micro frontends as an architecture for microservice applications and demonstrates how to build a sample application with micro frontends using JHipster. It also covers securing microservices with OAuth 2.1 and shows a live demo of creating and running microservice applications with JHipster.
Micro Frontends for Java Microservices - Cork JUG 2022Matt Raible
You've figured out how to split up your backend services into microservices and scale your teams to the moon, right?
But what about the frontend? Are you still building monoliths for your UI?
If so, you might want to check out micro frontends—basically extensions to the microservices pattern, where the concept is extended to the frontend.
Find out how to package and deploy your microservices and their UIs in the same artifact, as well as make it possible to test and develop them independently.
In this live session, Matt will show you how to build a microservices and micro frontends architecture using Angular, Spring Boot, and Spring Cloud.
Related blog post: https://auth0.com/blog/micro-frontends-for-java-microservices
GitHub repo: https://github.com/oktadev/auth0-micro-frontends-jhipster-example
Comparing Native Java REST API Frameworks - Seattle JUG 2022Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!! What about Helidon?
There are a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, Spring Boot, and Helidon. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Helidon companion post: https://developer.okta.com/blog/2022/01/06/native-java-helidon
GitHub repo: https://github.com/oktadev/native-java-examples
Reactive Java Microservices with Spring Boot and JHipster - Spring I/O 2022Matt Raible
Microservice architectures are all the rage in JavaLand. They allow teams to develop services independently and deploy autonomously.
Why microservices?
IF
you are developing a large/complex application
AND
you need to deliver it rapidly, frequently, and reliably over a long period of time
THEN
the Microservice Architecture is often a good choice.
Reactive architectures are becoming increasingly popular for organizations that need to do more, with less hardware. Reactive programming allows you to build systems that are resilient to high load.
In this session, I'll show you how to use JHipster to create a reactive microservices architecture with Spring Boot, Spring Cloud, Keycloak, and run it all in Docker. You will leave with the know-how to create your own resilient apps!
Related blog post: https://developer.okta.com/blog/2021/01/20/reactive-java-microservices
YouTube demo: https://youtu.be/clkEUHWT9-M
GitHub repo: https://github.com/oktadev/java-microservices-examples/tree/main/reactive-jhipster
Comparing Native Java REST API Frameworks - Devoxx France 2022Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!! What about Helidon?
There are a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, Spring Boot, and Helidon. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Helidon companion post: https://developer.okta.com/blog/2022/01/06/native-java-helidon
GitHub repo: https://github.com/oktadev/native-java-examples
Lock That Sh*t Down! Auth Security Patterns for Apps, APIs, and Infra - Devne...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open-source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Native Java with Spring Boot and JHipster - Garden State JUG 2021Matt Raible
Do you want to deploy your Spring Boot apps in a serverless environment and have them start up in milliseconds? Of course, you do!
In this talk, Josh Long and Matt Raible will introduce you to Spring Native. They'll teach you all about how it can compile Spring Boot apps into native binaries that start faster than a speeding bullet! You'll learn about native testing support with JUnit 5 and the pros and cons of native vs JVM deployments.
This talk will also highlight a customer, the JHipster project. JHipster generates Spring Boot-based monoliths and microservices. You'll learn about the project's experience with Spring Boot, Spring Cloud, Spring WebFlux, and Spring Native. It ain't easy being a Java Hipster, but the Spring ecosystem does simplify the process quite a bit.
Recording on YouTube: https://youtu.be/k6nBB8FOmQ8
Examples on GitHub: https://github.com/mraible/spring-native-examples
Writeup on LinkedIn: https://www.linkedin.com/pulse/jhipster-works-spring-native-part-2-matt-raible/
Java REST API Framework Comparison - PWX 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Web App Security for Java Developers - PWX 2021Matt Raible
Web app security is not just authentication and authorization. It's also the things you do to protect your web app from attackers with their XSS (cross-site scripting), SQL injection, DoS/DDoS attacks, and CSRF (cross-site request forgery), to name a few.
Web app security is a central component of any web-based business. The internet exposes web apps to attacks from different locations and various levels of scale and complexity. Web application security deals specifically with the security surrounding websites, web applications, and web services such as APIs.
In this presentation, you'll learn seven ways to better web app security, using Spring Security for code samples. You'll also see some quick demos of Spring Boot, Angular, and JHipster with Keycloak, Auth0, and Okta.
Mobile App Development with Ionic, React Native, and JHipster - Connect.Tech ...Matt Raible
Mobile development offers a lot of options. To develop native apps, you can use Java or Kotlin on Android. On iOS, you can use Objective C or Swift. There are other options, too. You can build hybrid mobile apps and Progressive Web Apps (PWAs). Hybrid mobile apps are those created with web technologies (HTML, JavaScript, and CSS) that look like native apps. PWAs have the ability to work offline and act like mobile apps.
In this talk, we'll explore a few different mobile technologies: PWAs, React Native, and Ionic (with Angular). You'll walk away with knowledge of how to build mobile + Spring Boot apps in minutes with JHipster.
* GitHub repo: https://github.com/mraible/mobile-jhipster
* Demo script: https://github.com/mraible/mobile-jhipster/blob/main/demo.adoc
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Joker...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open-source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Delivered at JokerConf on October 28, 2021 at 11am MDT: https://jokerconf.com/en/talks/lock-that-sh*t-down-auth-security-patterns-for-apps-apis-and-infra/
Web App Security for Java Developers - UberConf 2021Matt Raible
Web app security is not just authentication and authorization. It's also the things you do to protect your web app from attackers with their XSS (cross-site scripting), SQL injection, DoS/DDoS attacks, and CSRF (cross-site request forgery), to name a few.
Web app security is a central component of any web-based business. The internet exposes web apps to attacks from different locations and various levels of scale and complexity. Web application security deals specifically with the security surrounding websites, web applications, and web services such as APIs.
In this presentation, you'll learn seven ways to better web app security, using Spring Security for code samples. You'll also see some quick demos of Spring Boot, Angular, and JHipster with Okta.
Java REST API Framework Comparison - UberConf 2021Matt Raible
Use Spring Boot! No, use Micronaut!! Nooooo, Quarkus is the best!!!
There's a lot of developers praising the hottest, and fastest, Java REST frameworks: Micronaut, Quarkus, and Spring Boot. In this session, you'll learn how to do the following with each framework:
✅ Build a REST API
✅ Secure your API with OAuth 2.0
✅ Optimize for production with Docker and GraalVM
I'll also share some performance numbers and pretty graphs to compare community metrics.
Related blog post: https://developer.okta.com/blog/2021/06/18/native-java-framework-comparison
Native Java with Spring Boot and JHipster - SF JUG 2021Matt Raible
Do you want to deploy your Spring Boot apps in a serverless environment and have them start up in milliseconds? Of course, you do!
In this talk, Josh Long and Matt Raible will introduce you to Spring Native. They'll teach you all about how it can compile Spring Boot apps into native binaries that start faster than a speeding bullet! You'll learn about native testing support with JUnit 5 and the pros and cons of native vs JVM deployments.
This talk will also highlight a customer, the JHipster project. JHipster generates Spring Boot-based monoliths and microservices. You'll learn about the project's experience with Spring Boot, Spring Cloud, Spring WebFlux, and Spring Native. It ain't easy being a Java Hipster, but the Spring ecosystem does simplify the process quite a bit.
Recording on YouTube: https://youtu.be/F9oydL_MndA
Examples on GitHub: https://github.com/mraible/spring-native-examples
Writeup on LinkedIn: https://www.linkedin.com/pulse/jhipster-works-spring-native-matt-raible/
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Matt Raible
In this session, you'll learn about recommended patterns for securing your backend APIs, the infrastructure they run on, and your SPAs and mobile apps.
The world is no longer a place where you just need to secure your apps’ UI. You need to pay attention to your dependency pipeline and open source frameworks, too. Once you have the app built, with secure-by-design code, what about the cloud it runs on? Are the servers secure? What about the accounts you use to access them?
If you lock all that sh*t down, how do you codify your solution so you can transport it cloud-to-cloud, or back to on-premises? This session will explore these concepts and many more!
Reactive Java Microservices with Spring Boot and JHipster - Denver JUG 2021Matt Raible
Microservice architectures are all the rage in JavaLand. They allow teams to develop services independently and deploy autonomously.
Why microservices?
IF
you are developing a large/complex application
AND
you need to deliver it rapidly, frequently, and reliably over a long period of time
THEN
the Microservice Architecture is often a good choice
Reactive architectures are becoming increasingly popular for organizations that need to do more, with less hardware. Reactive programming allows you to build systems that are resilient to high loads.
In this session, I'll show you how to use JHipster to create a reactive microservices architecture with Spring Boot, Spring Cloud, Keycloak, and run it all in Docker. You will leave with the know-how to create your own resilient apps!
Related blog post: https://developer.okta.com/blog/2021/01/20/reactive-java-microservices
YouTube demo: https://youtu.be/clkEUHWT9-M
YouTube recording: https://youtu.be/8OuZMFyh0xE
GitHub repo: https://github.com/oktadev/java-microservices-examples/tree/main/reactive-jhipster
Get Hip with JHipster - Colorado Springs Open Source User Group 2021Matt Raible
JHipster is bad-ass. It's an Apache-licensed open source project that allows you to generate Spring Boot APIs and Angular (or React/Vue) apps. It has a vibrant community and ecosystem with support for deploying to many cloud providers and using the latest DevOps buzzwords, like Docker and K8s.
This session will show you JHipster, why it's cool, and show you how to create an app with it.
JHipster 7 Demo: https://www.youtube.com/watch?v=6lf64CctDAQ
JHipster 7 Tutorial: https://github.com/mraible/jhipster7-demo#readme
JHipster and Okta - JHipster Virtual Meetup December 2020Matt Raible
YouTube video: https://www.youtube.com/watch?v=ym-OPn4e_nQ
When I first started working at Okta, I refactored JHipster's OAuth support to move from authentication on the client to the server, leveraging Spring Security. This allowed for easier client integration since we didn't need to worry about finding an OIDC client for each frontend framework.
Fast forward four years and JHipster's OAuth 2.0 and OIDC support is first-class! It uses Keycloak in a Docker container by default, but it's easy to switch to another identity provider (IdP) thanks to Spring Boot. Other blueprints like Micronaut, Quarkus, Node.js, and .NET support OAuth and OIDC too!
This presentation explains what OAuth 2.0 and OIDC is, gives an overview of JHipster’s OAuth implementation, and provides three quick demos with Keycloak, the Okta CLI, and Heroku.
See https://developer.okta.com/blog/tags/jhipster for Okta + JHipster tutorials and screencasts! 邏
You also might enjoy my What the Heck is OAuth? blog post:
https://developer.okta.com/blog/2017/06/21/what-the-heck-is-oauth
Multimodal Retrieval Augmented Generation (RAG) with MilvusZilliz
We've seen an influx of powerful multimodal capabilities in many LLMs. In this talk, we'll vectorize a dataset of images and texts into the same embedding space, store them in Milvus, retrieve all relevant data using multilingual texts and/or images and input multimodal data as context into GPT-4o.
Sustainability requires ingenuity and stewardship. Did you know Pigging Solutions pigging systems help you achieve your sustainable manufacturing goals AND provide rapid return on investment.
How? Our systems recover over 99% of product in transfer piping. Recovering trapped product from transfer lines that would otherwise become flush-waste, means you can increase batch yields and eliminate flush waste. From raw materials to finished product, if you can pump it, we can pig it.
Artificial Intelligence (AI), Robotics and Computational fluid dynamicsChintan Kalsariya
Dive into the intersection of Artificial Intelligence (AI), Robotics, and Computational Fluid Dynamics (CFD) in pharmaceutical sciences. This presentation provides a comprehensive overview, from the foundational principles to advanced applications in pharmaceutical automation. Explore the transformative impact of AI and robotics on drug discovery, manufacturing, and delivery, alongside CFD's role in optimizing processes. Delve into the advantages and disadvantages of integrating these technologies, uncover current challenges, and envision future directions shaping the future of pharmaceutical innovation.
This presentation will explore the intersection of artificial intelligence, robotics, and computational fluid dynamics in the context of pharmaceutical automation. We will provide an overview of these technologies, discuss their applications in the pharmaceutical industry, highlight the advantages and disadvantages of their use, and examine current challenges and future directions.
The integration of artificial intelligence, robotics, and computational fluid dynamics in pharmaceutical automation has the potential to revolutionize the industry, improving efficiency, safety, and quality control. However, challenges related to data management, standardization, workforce adaptation, and regulatory compliance must be addressed. The future of pharmaceutical automation lies in the continued development and integration of these technologies, leading to more efficient, reliable, and innovative drug manufacturing processes.
AI in Pharmaceutical Industry
Pharmaceutical Automation
Robotics in Pharma
Computational Fluid Dynamics (CFD)
Drug Discovery
Pharmaceutical Manufacturing
Pharmaceutical Applications
Advantages of AI and Robotics
Disadvantages of AI and Robotics
Challenges in Pharmaceutical Automation
Future of AI and Robotics in Pharma
Artificial Intelligence
Robotics
Computational Fluid Dynamics
Pharmaceutical Automation
Drug Discovery
Manufacturing Optimization
AI in Healthcare
Robotics in Pharmaceuticals
CFD Applications
Pharmaceutical Industry
Advantages of AI
Disadvantages of Robotics
Challenges in CFD
Future of AI in Pharma
Automation Trends
Building an Agentic RAG locally with Ollama and MilvusZilliz
With the rise of Open-Source LLMs like Llama, Mistral, Gemma, and more, it has become apparent that LLMs might also be useful even when run locally. In this talk, we will see how to deploy an Agentic Retrieval Augmented Generation (RAG) setup using Ollama, with Milvus as the vector database on your laptop. That way, you can also avoid being Rate Limited by OpenAI like I have been in the past.
Dev Dives: Mining your data with AI-powered Continuous DiscoveryUiPathCommunity
Want to learn how AI and Continuous Discovery can uncover impactful automation opportunities? Watch this webinar to find out more about UiPath Discovery products!
Watch this session and:
👉 See the power of UiPath Discovery products, including Process Mining, Task Mining, Communications Mining, and Automation Hub
👉 Watch the demo of how to leverage system data, desktop data, or unstructured communications data to gain deeper understanding of existing processes
👉 Learn how you can benefit from each of the discovery products as an Automation Developer
🗣 Speakers:
Jyoti Raghav, Principal Technical Enablement Engineer @UiPath
Anja le Clercq, Principal Technical Enablement Engineer @UiPath
⏩ Register for our upcoming Dev Dives July session: Boosting Tester Productivity with Coded Automation and Autopilot™
👉 Link: https://bit.ly/Dev_Dives_July
This session was streamed live on June 27, 2024.
Check out all our upcoming Dev Dives 2024 sessions at:
🚩 https://bit.ly/Dev_Dives_2024
In this follow-up session on knowledge and prompt engineering, we will explore structured prompting, chain of thought prompting, iterative prompting, prompt optimization, emotional language prompts, and the inclusion of user signals and industry-specific data to enhance LLM performance.
Join EIS Founder & CEO Seth Earley and special guest Nick Usborne, Copywriter, Trainer, and Speaker, as they delve into these methodologies to improve AI-driven knowledge processes for employees and customers alike.
Distributed System Performance Troubleshooting Like You’ve Been Doing it for ...ScyllaDB
Troubleshooting performance issues across distributed systems can be intimidating if you don’t know where to start, and it’s even harder when the system is running on hundreds or thousands of nodes. We’re well past the point of logging into random nodes and poking around hoping we spot the problem. It’s critical to have a methodology to follow as well as a deep understanding of the tools that are available to help you prove (or disprove) your mental model.
In this session, we’ll explore how to go about diagnosing performance problems you might run into, and teach you the tools and process for getting to the bottom of any issue, quickly -- even when it’s one of the biggest distributed database deployments on the planet.
Navigating Post-Quantum Blockchain: Resilient Cryptography in Quantum Threatsanupriti
In the rapidly evolving landscape of blockchain technology, the advent of quantum computing poses unprecedented challenges to traditional cryptographic methods. As quantum computing capabilities advance, the vulnerabilities of current cryptographic standards become increasingly apparent.
This presentation, "Navigating Post-Quantum Blockchain: Resilient Cryptography in Quantum Threats," explores the intersection of blockchain technology and quantum computing. It delves into the urgent need for resilient cryptographic solutions that can withstand the computational power of quantum adversaries.
Key topics covered include:
An overview of quantum computing and its implications for blockchain security.
Current cryptographic standards and their vulnerabilities in the face of quantum threats.
Emerging post-quantum cryptographic algorithms and their applicability to blockchain systems.
Case studies and real-world implications of quantum-resistant blockchain implementations.
Strategies for integrating post-quantum cryptography into existing blockchain frameworks.
Join us as we navigate the complexities of securing blockchain networks in a quantum-enabled future. Gain insights into the latest advancements and best practices for safeguarding data integrity and privacy in the era of quantum threats.
The presentation will delve into the ASIMOV project, a novel initiative that leverages Retrieval-Augmented Generation (RAG) to provide precise, domain-specific assistance to telecommunications engineers and technicians. The session will focus on the unique capabilities of Milvus, the chosen vector database for the project, and its advantages over other vector databases.
Attending this session will give you a deeper understanding of the potential of RAG and Milvus DB in telecommunications engineering. You will learn how to address common challenges in the field and enhance the efficiency of their operations. The session will equip you with the knowledge to make informed decisions about the choice of vector databases, and how best to use them for your use-cases
The document discusses fundamentals of software testing including definitions of testing, why testing is necessary, seven testing principles, and the test process. It describes the test process as consisting of test planning, monitoring and control, analysis, design, implementation, execution, and completion. It also outlines the typical work products created during each phase of the test process.
AI_dev Europe 2024 - From OpenAI to Opensource AIRaphaël Semeteys
Navigating Between Commercial Ownership and Collaborative Openness
This presentation explores the evolution of generative AI, highlighting the trajectories of various models such as GPT-4, and examining the dynamics between commercial interests and the ethics of open collaboration. We offer an in-depth analysis of the levels of openness of different language models, assessing various components and aspects, and exploring how the (de)centralization of computing power and technology could shape the future of AI research and development. Additionally, we explore concrete examples like LLaMA and its descendants, as well as other open and collaborative projects, which illustrate the diversity and creativity in the field, while navigating the complex waters of intellectual property and licensing.
Test Management as Chapter 5 of ISTQB Foundation. Topics covered are Test Organization, Test Planning and Estimation, Test Monitoring and Control, Test Execution Schedule, Test Strategy, Risk Management, Defect Management
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/07/intels-approach-to-operationalizing-ai-in-the-manufacturing-sector-a-presentation-from-intel/
Tara Thimmanaik, AI Systems and Solutions Architect at Intel, presents the “Intel’s Approach to Operationalizing AI in the Manufacturing Sector,” tutorial at the May 2024 Embedded Vision Summit.
AI at the edge is powering a revolution in industrial IoT, from real-time processing and analytics that drive greater efficiency and learning to predictive maintenance. Intel is focused on developing tools and assets to help domain experts operationalize AI-based solutions in their fields of expertise.
In this talk, Thimmanaik explains how Intel’s software platforms simplify labor-intensive data upload, labeling, training, model optimization and retraining tasks. She shows how domain experts can quickly build vision models for a wide range of processes—detecting defective parts on a production line, reducing downtime on the factory floor, automating inventory management and other digitization and automation projects. And she introduces Intel-provided edge computing assets that empower faster localized insights and decisions, improving labor productivity through easy-to-use AI tools that democratize AI.
GDG Cloud Southlake #34: Neatsun Ziv: Automating AppsecJames Anderson
The lecture titled "Automating AppSec" delves into the critical challenges associated with manual application security (AppSec) processes and outlines strategic approaches for incorporating automation to enhance efficiency, accuracy, and scalability. The lecture is structured to highlight the inherent difficulties in traditional AppSec practices, emphasizing the labor-intensive triage of issues, the complexity of identifying responsible owners for security flaws, and the challenges of implementing security checks within CI/CD pipelines. Furthermore, it provides actionable insights on automating these processes to not only mitigate these pains but also to enable a more proactive and scalable security posture within development cycles.
The Pains of Manual AppSec:
This section will explore the time-consuming and error-prone nature of manually triaging security issues, including the difficulty of prioritizing vulnerabilities based on their actual risk to the organization. It will also discuss the challenges in determining ownership for remediation tasks, a process often complicated by cross-functional teams and microservices architectures. Additionally, the inefficiencies of manual checks within CI/CD gates will be examined, highlighting how they can delay deployments and introduce security risks.
Automating CI/CD Gates:
Here, the focus shifts to the automation of security within the CI/CD pipelines. The lecture will cover methods to seamlessly integrate security tools that automatically scan for vulnerabilities as part of the build process, thereby ensuring that security is a core component of the development lifecycle. Strategies for configuring automated gates that can block or flag builds based on the severity of detected issues will be discussed, ensuring that only secure code progresses through the pipeline.
Triaging Issues with Automation:
This segment addresses how automation can be leveraged to intelligently triage and prioritize security issues. It will cover technologies and methodologies for automatically assessing the context and potential impact of vulnerabilities, facilitating quicker and more accurate decision-making. The use of automated alerting and reporting mechanisms to ensure the right stakeholders are informed in a timely manner will also be discussed.
Identifying Ownership Automatically:
Automating the process of identifying who owns the responsibility for fixing specific security issues is critical for efficient remediation. This part of the lecture will explore tools and practices for mapping vulnerabilities to code owners, leveraging version control and project management tools.
Three Tips to Scale the Shift Left Program:
Finally, the lecture will offer three practical tips for organizations looking to scale their Shift Left security programs. These will include recommendations on fostering a security culture within development teams, employing DevSecOps principles to integrate security throughout the development