Dev, Cloud & Security

As more of the world uses the magic of applications to get things done there is an ever-increasing threat from those who would use your code to do harm. Security vulnerabilities are real and can have a significant impact on your employment. In this session, we will review the most significant threats to your applications and learn techniques to harden your applications against them. We will also cover some techniques that can improve your security standing before you even write the first line of code.

Public cloud services have become increasingly popular. We'll take a look at trends, use cases, and differences between hosting services before wrapping up with a discussion of public cloud security. 

We'll discuss how developing RESTful APIs enables services from your team's resources to be utilized by other teams while also allowing for automated testing of the services you provide. 

The speaker has been working on an in-house private cloud solution where Linux virtual machines running on the IBM mainframe are made available to application development and solution teams. The solution offers 'self-service' to the end-user teams and allows for a 'single pane of glass' across the enterprise.

The talk is designed to promote the idea of using semantic I/O as abstraction and discusses the implications for traditional computing paradigms from doing so. 

Bitcoin is the newest technology to serve the function of money. It is an invention for the digital age designed to solve a problem that has persisted for all of humanity’s existence: how to move economic value across time and space. Drawing upon research presented in Saifedean Ammous’ book, The Bitcoin Standard: The Decentralized Alternative to Central Banking, Ms. Daverington will discuss the history of money and share thoughts on Bitcoin from her perspective as an attorney and cryptoasset investment advisor. 

An overview of the 1C:Enterprise - a development platform, which is withal a unique business development framework, enabling business to create required applications really fast. 1C:Enterprise has the breadth of capability to address the diverse needs of today’s business of any scale, and it also dramatically changes the developer’s role in a project. This is achieved through "configurability" – the ability to customize the system based on the specific needs of companies and their business processes. 1C:Enterprise is more than just a solution automating fixed business rules.

Too often, content authors are the last to meet their tool of work. Despite all the effort focused on UX/UI for the end users, the needs of content authors are still often neglected. In this talk, we'll discuss the needs of content authors, what initiatives are across open source CMSs (Drupal, Wordpress, Contentful) and how tools such as OpenStory can open a new type of SaaS offering: Content As a Service. 

Join us for an unvarnished, broad level presentation about threat and risk considerations for technologists whether it is the development of their products/projects or in their personal use of technology. We'll discuss the cybersecurity mindset and how to apply it, starting with non-technical approaches and moving onto cybersecurity technologies and methodologies.

Overview of daily common and less common tasks and challenges a UX designer might face on the job. How to apply UX design processes and tools to create designs that are fully integrated into the development process and with that help improve communication between cross-functional teams and team members. 

The Open Web Application Security Project (OWASP) Top 10 for 2017 is based primarily on 40+ data submissions from firms that specialize in application security and an industry survey that was completed by 515 individuals. This data spans vulnerabilities gathered from hundreds of organizations and over 100,000 real-world applications and APIs. The Top 10 items are selected and prioritized according to this prevalence data, in combination with consensus estimates of exploitability, detectability, and impact.

This presentation covers observations and best practices related to supply chain hygiene in code development, infrastructure choices for “as a platform” architectures (IaaS, PaaS, SaaS), and concerns about open and closed sources. This session will benefit developers and infrastructure architects/engineers.

Traditional cybersecurity solutions are inadequate faced with today’s threat landscape. Effective protection requires a well-planned security stack, an integrated, layered set of services, designed to minimize risk, and facilitate business continuity and data recovery.

The discussion will include:

We’ll have a series of technical challenges where points are awarded for every solved task. The more complicated the task, the more points! Developers and administrators new to games will enjoy this workshop.

1C:Enterprise is a business-oriented development platform, which empowers thousands of developers worldwide with a comprehensive toolkit to build flexible and customizable business solutions. The workshop by evangelist Konstantin Rupasow is a perfect starting point for your 1C:Enterprise journey.

During the workshop, you will:

Once upon a time, organizations created a website and encouraged people to visit. Traffic was king. Nowadays, content is everywhere and the people engage on multiple platforms in a myriad of ways. What are the emerging trends in content "management"? Spoiler: It's systems! How can Hudson Valley organizations begin to take advantage of these opportunities? Where are the pitfalls and how do you avoid them?

The SecDevOps-Cuse/CyberRange aims to be an open-source offensive/defensive security project providing aspiring & experienced cyber security professionals a bootstrap framework. It serves to automate the creation of a private training lab in AWS. This talk reviews the project’s underlying technology components, identifies the dependencies, then outlines both use-cases & learning opportunities. The ultimate goal is to introduce a safe environment where security professionals work to expand their vulnerability management, cloud computing, & offensive security knowledge