As developers, we continually put third-party code snippets into our organization’s websites to run features like chatbots, analytics, and payment gateways. However, these scripts have become a significantly increasing attack vector for cybercriminals—putting user data and businesses at risk. From the infamous British Airways breach to the recent Kaiser Permanente incident (and many more in between), the consequences of failing to secure these code vulnerabilities aren’t for the faint of heart.
In this Dev Innovation Summit session, we’ll dive deep into the unique challenges posed by the third-party code scripts that run behind the scenes in your user’s browsers. You’ll gain a technical understanding of how exactly these attacks occur and why they’ve been so difficult to monitor and secure. Through real-world examples and case studies, the talk will explore the tactics hackers employ to exploit these code vulnerabilities.
Simon Wijckmans is the CEO and co-founder of c/side. His career has focused on web security, product management, cloud solutions, and developer experience. His technical experience includes work at Cloudflare, Vercel, and Microsoft.
Venkatesh Kunchenapalli, Senior Devops and Infrastructure Engineer
In the rapidly evolving landscape of software development, the pressure on development teams to deliver high-quality applications swiftly is ever-increasing. This scenario often burdens developers with undifferentiated tasks, hindering their productivity and focus on core application development. Platform engineering, facilitated by Internal Developer Portals (IDP), presents a strategic approach to alleviating these challenges by automating infrastructure management and providing pre-configured tools and environments. Venkatesh Kunchenapalli's experience at Wipro, USA, has demonstrated significant enhancements in developer efficiency through the adoption of IDPs. This paper discusses the implementation of a self-service platform that automatically provisions GitHub repositories, CI/CD pipelines, and cloud infrastructure using templates tailored for various project types such as Java, Node.js, and Python. The automated setup includes comprehensive workflows for Terraform, Docker, and Kubernetes, ensuring environments are ready for immediate use. Key findings from our internal evaluations reveal a substantial improvement in productivity, with a 40-50% reduction in manual hours required for project setups, directly translating to an increase in the speed of application delivery. For instance, web application development saw man-hours reduced from 200 to 120, achieving a 40% productivity gain. Similarly, API service projects noted a 50% reduction, from 160 to 80 man-hours. Further, the introduction of IDPs has led to a notable increase in developer satisfaction, with survey results showing an improvement from 60 to 85 out of 100, marking a 42% increase in developer contentment post-implementation. These enhancements are supported by a robust support system that addresses issues through data-driven insights and proactive template updates, ensuring the IDP remains effective and relevant. This paper underscores the critical role of platform engineering in modern software development by demonstrating how it can significantly enhance developer experience and operational efficiency, thereby fostering faster and more effective application development cycles.
Venkatesh Kunchenapalli is a seasoned DevOps Engineer with over 15 years of extensive experience in various technical roles, including Site Reliability Engineer and Build and Release Engineer. He holds a Master of Science in Computer Engineering from California State University, Long... Read More →
With the AI craze taking over the world, a race is on to develop capable autonomous AI agents. For these agents to offer meaningful capabilities - they need to integrate with the outside world to get access to current information and be able to take actions on behalf of users. Two common approaches battle on for this - creating API integrations and using screen scraping. Each approach has advantages and risks - this session will introduce both approaches in depth, provide real world technical examples, and discuss when to choose which one!
Part of Forbes 30 Under 30 list, he's a 2017 Thiel Fellow. Previously, he was a Co-organizer of Hacking Gen Y. Iddo has been programming since he was a kid and continues to contribute to open-source projects. Originally from Haifa, Israel, Iddo is based in San Francisco, CA.
Alain Chautard, Angular Training, Expert Web Consultant
We will test a web application from scratch using Cypress. Step by step, we will learn about Cypress features, implement those in our tests. We will be testing various aspects of the application (navigation, clicks, user input), and see how to debug and improve our tests, make then more readable, and even how to mock the server-side in order to test more scenarios on the front-end.
Alain is a Google Developer Expert in Angular and Maps platform. He started working with Angular JS in 2011.Since then, he has worked with all Angular versions daily, both as a developer and as a technical trainer. He runs the Angular certification program for Angular Training.He... Read More →
Rust has been the most loved programming language for the past eight years, as highlighted by StackOverflow's developer survey. Its acclaim is backed by adoption from tech giants like Microsoft, Google, and Meta. Rust's blend of expressiveness, performance, safety, and fearless concurrency makes it ideal for multi-core CPUs. Additionally, Rust's ability to compile into WebAssembly enables seamless execution in browsers and edge computing environments.
Mastering Rust can be challenging, especially for developers with a background in non-system languages. Adopting Rust with the right mindset and suitable projects is crucial for a smooth transition and successful implementation.
In this talk, we will explore Rust's core principles and provide practical guidance for developers experienced in Java, TypeScript, and like languages. We will highlight projects where Rust excels, offering high value with minimal risk.
Ramnivas leads the development of Exograph, a declarative approach to implementing backends. He has led innovation in Spring Framework and Cloud Foundry since their beginning. Ramnivas is the author of AspectJ in Action, the best-selling book on aspect-oriented programming lauded... Read More →
Discover how Generative AI can revolutionize developer productivity, enabling teams to achieve unprecedented efficiency. This talk will explore cutting-edge AI tools and techniques that automate repetitive tasks, optimize code, and streamline workflows. Attendees will learn practical strategies to integrate Generative AI into their development processes, boosting creativity and accelerating project timelines. Ideal for software developers, team leads, and tech enthusiasts looking to harness the power of AI to enhance their productivity and deliver high-quality software faster.
Gautam is a technology leader with 16 years of experience in building and delivering technology solutions in data engineering, AI/ML modeling and cloud.He has worked in multiple geographies across Europe, Asia and USA. He is a seasoned professional in Fintech and Telcom billing domains... Read More →
In this session, Robert Krohn SVP Engineering at ServiceNow will examine how software teams can become expert practitioners of DevOps at scale. Starting with a DevOps overview, the keynote will then examine best practices for engineers to develop, deploy and operate the code they build for products that reach millions of customers every day. For products that require stringent uptime, have complex architecture and multi-tenancy, the goal is to operationalize a DevOps model.
