...never mind, I'll do it myself!
In a competitive working environment, peers compete fiercely to be the best, leading to a natural isolation to achieve more on their own. However, mature teams grow with each individual contributing towards a shared goal. Each with their speciality, experience and appetite, sharing what they know and helping each other. The result is a strong performing team, united and achieving way beyond the sum of its members.
A Pragmatic Approach to Software Supply Chain Security
At the start of this year, two major security incidents impacted developers: log4shell and spring4shell. Both involved trusted standard Java libraries that turned out to have critical vulnerabilities, and both led to headaches and long hours for developers and security staff alike. These are only the tip of the iceberg when it comes to software supply chain issues though – malicious attackers, unsuitable licences and deprecated code can all lead to problems in stuff that used to “just work”. So, what can you do about it?
Having worked on both sides of the security fence, I’ve seen all the challenges of software composition analysis, and the importance of taking a “big picture” view of your development toolchain. In this talk I’ll use log4shell as an example of how software supply chains can go wrong and talk about what you can do when it does. I’ll also go through all the elements of the software supply chain, talk about how (despite what sales teams might tell you) there’s no single simple solution to this, and show you how to manage your risk in an achievable way. You’ll leave with concrete steps you can take to improve not just the security but the reliability of your software delivery process, and an understanding of what you can do the next time something like log4shell comes along.
Batteries Might be Included
Starting a new web project can always be a mammoth task. Which framework/library to choose, what about additional utility libraries. Do you go with a framework that includes most of what you need like Angular or something less opinionated like React? What about starter kits? Which to choose? Maybe pick an off the shelf solution like NextJS or Create React App.
Let’s dig into the world of opinionated and unopionatated web applications and see if you need the batteries included or not.
Breaking down silos with InnerSource
InnerSource, or the use of open source methods inside a firewall, is emerging as the best way to facilitate collaborative development within large corporate organizations. It breaks down silos and enables distributed teams to innovate faster. It appeared on the latest Gartner Hype cycle for the first time in 2022 as an emerging practice globally. It also has proven to be a great step on the path to open source readiness for organizations who wish to begin working in the open. In this session, we will be joined by Clare Dillon, Executive Director of InnerSource Commons, the world’s largest community of InnerSource practitioners. Clare will give an introduction to the practice of InnerSource and share some of the latest trends on where and how it is being used.
Building 3D Scenes for the Web with React Fiber
Three.js is probably the most popular library for building 3D experiences on the web so what happens when you throw React into the mix? Three.js can seem daunting to work with so this talk will delve into some of the reasons you might want to use React as an abstraction on top of it in the form of React Three Fiber.
Building for VR in the Browser
Virtual Reality (VR) has evolved in recent years. No longer a cyberpunk fantasy, we can immerse ourselves in other worlds for entertainment, education, art and science. The industry saw fresh growth during COVID lockdowns, and the next generation of hardware is now on the horizon.
While the barrier to entry for consumers gets lower, starting as a VR creator can be daunting. Despite the accessibility and power of modern creation engines, the learning curve can still be steep. There is another way, though.
Join me for a beginner’s dive into creating for VR in the browser. We will explore the creation of environments and interactive elements, using web technologies and established VR best practices. Sit back, relax, and let’s jack in - no headset (or brain implants) required.
Championing Accessibility by Building a Community
How do we create more accessible experiences for users of digital products and services? Where do we begin if this is new territory? This talk will look at some of the key challenges of building accessibility into digital estates and explore how creating an accessibility community that welcomes all disciplines can make those challenges much less daunting.
CouchDB - when, where and why?
A quick talk about the pros and cons of CouchDB, a niche but powerful when used correctly database.
CouchDB is a distributed document store which is believed by some to be one of the first major NoSQL databases to find a place in large scale enterprise deployments.
Talk will focus on experience of using CouchDB in a large scale production environment for two years now with take-aways around:
- What has worked well, discussing data replication features, sharding, clustering, redundancy and scaling.
- What hasn’t worked well, such as trying to handle data with OLAP needs (highly query-able, very relational) with CouchDB - virtualised deployments vs bare-metal deployments and so on.
- Discussing how CouchDB can be very query-able at scale, using search indexes based on Lucene.
Key learnings will cover what I’ve found CouchDB is incredibly good at, some of these putting it in a very unique position, such as deploying multi-tenant data in a very secure and segregated manner. This will be somewhat specific to our use-case at Budibase as it is a perfect example of what CouchDB is good at (a direct quote from Jan Lehnardt one of the creators of CouchDB).
Cracking the Furby code: The path to evolve an icon
It’s 1998. It’s the year of Britney Spears, The Spice Girls, the first Google Doodle, and the year Titanic dominated the box office.
It’s also the year Hasbro gifted us with the Furby, the first successful attempt at an interactive robot pet. It divided the playground, created a generation of spooky sleepover stories and sparked the xmas riots of 99’.
20 years on, creatives and engineers have started to crack the secrets of the Furby, evolving and unlocking its full potential using today’s technology.
During this session, The speaker will talk about their journey cracking the Furby code, revealing the software and hardware secrets that made it the toy of the millennium and how you too can reanimate your childhood Furby friend.
Data is Business, Business is Data
Data is at the core of the things we do as developers. This talk goes back to the start, what data is and how we can use it for business benefit.
I’ll cover how customer loyalty data is created and then used. How Tinder originally used a formula to create matches based on chess player ranking. And what happens when vendors and startups cross the creepy line and use the data against us.
What’s the long term value of a customer using a cardboard loyalty card? We can figure that out. I’ll show you how. Then also talk about where data, ethics and the use is heading.
This is a high level talk, so no programming experience is required.
DevOps: Dynamic branching strategy via IAC for serverless function development
Discuss how I used Azure Devops and Terraform to create a dynamic branching strategy in order to speed up the development of serverless functions in Azure.
Expectations vs Reality: Parsing files is difficult given vague definitions and an adversarial envir
Saying to the customers the email or file isn’t valid according to the definitions in the RFC or file format reference is problematic when they turn around and can say “Product X opens it and …”. This is especially difficult when Product X is made by the same people who wrote the RFC or reference documentation. We will look at a few common file formats where this is an issue.
Extending serverside applications with WebAssembly
You’ve been there. Searching for that missing API. Knowing you’d be done already if you could inject just a little bit of custom logic into an existing service.
…And knowing that your users face the same struggle with your application.
This talk explores how WebAssembly’s ability to safely execute user-provided code is powering a new wave of application extensibility.
We’ll take a critical look at server-side WebAssembly in production with an emphasis on its security, performance, and ergonomics. You’ll leave understanding what WebAssembly is, what it’s good at, what it’s NOT good at, how it compares to alternative solutions, and what to expect from the broader WebAssembly ecosystem in the coming year.
This talk is appropriate for anyone with an interest in understanding WebAssembly, but is most relevant for people working in backend, full-stack, or devops roles.
Feature Flagging with Harness
Feature Flags are a common tool in a developers toolbox. They make it easy to hide new features still under development.
Harness Feature Flags adds even more power, using a Feature Flag SDK features can be dynamically turned off/on in production, custom rules can be used to turn features on for certain segments of users and progressive rollouts allows new features to be gradually rolled out.
This talk is a brief introduction into getting started using Harness Feature Flags
Fighting Bots with Python and Machine Learning
Over lockdown, I re-explored old games that I had played in the past, one of them being League of Legends. One thing that interested me in particular is people using automated scripts or bots to play the game for them, often times to get the account to the lowest rank possible, and sell those accounts on for a substantial amount of money. This behaviour ruins the game experience for the rest of the players in the team, and so faced with this problem I aim to present a potential solution, using Python and machine learning libraries. As this is my first proper experience using machine learning in Python, I hope to share my insights on what I have learnt from my personal project and what you can take away from my experiences.
Giving your colleagues superpowers with autonomy and automation
Just as Hephaestus built tools for the Gods, you too can create tools that give your team superpowers. Creating an environment where each team has the autonomy and capabilities to perform their jobs quickly and reliably is key to having a scalable business, reducing toil and avoiding team-based bottlenecks.
In this session we’ll look at creating an automation platform from scratch, creating a sample job and running it. The goal of this talk is to spark some ideas about opportunities for improved velocity at your work place and to show that it’s possible to get going without too much effort.
How to secure privileged accounts across your org without causing a riot (with bonus mechs)
The idea that security is important is frequently disrupted by people who just need to get on with their normal workflow and have become used to a certain level of privilege. But the most powerful digital identities in your business are the ones with the potential to cause the most damage if compromised. So how do we secure them, and how do we do it in a way that people will accept?
This talk skews towards Azure but covers general concepts.
ID verification - who can you trust?
In an ever-evolving digital world trusting that someone is who they say they are, is harder than ever before. Checking somebodies' identity can involve a lot of manual checks and can be prone to human bias! As we move into the future with more remote jobs and even towards the metaverse, being able to perform automated identification checks has become more important! Whether you are an employer verifying someone’s identity during recruitment or even a social media platform looking to switch to ID verification! Identity documentation can differ over time and between countries, so follow me on this journey of building a scalable, secure, and adaptive service utilising services such as AWS Lambda, API Gateway and SQS.
In-Memory Integration Testing
In search of the best of both worlds in automated testing: Although the value of automated testing is almost universally accepted, teams that shoot for good coverage often end up with a mixture of cumbersome, mock-heavy unit test fixtures and long-running monolithic automation test suites. In-Memory Integration Testing is about finding ways to test an entire service, running exactly as it would in the wild, but before it has even been deployed. By testing in a CI build using unit test runners, but exercising the whole application, we can shift left for earlier feedback and more confidence of continuously deploying software that works.
Innovation in Esports - How do you build a backend that can win championships?
Evil Geniuses is one of the oldest esports teams in gaming, and we have a secret weapon that gives us an edge over our competitors: a full software engineering, data science and product team. But what are those engineers and data scientists actually working on?
We’re going to talk a little bit about our current tech & data initiatives, how we helped our League of Legends team win the teams first ever championship, the products that we’re creating in the space, and the challenges we’ve faced along the way.
Come and join us if you’re interested to hear about the future of technology in esports, and how we think it can explode in the coming years.
Machine Learning and AI for biosignal processing and medical applications
The session will provide some introductory information about the use of machine learning for processing biosignals produced by the human body (and some practical code examples of how someone can get started).
The talk will also provide a brief direction for where AI can play a role in medical applications and provide some examples as well as give a brief intro to Axonnr and how we are using AI to progress robotic prosthetic technology.
Mental Health in the Workplace - Imposter Syndrome
A short presentation on Imposter Syndrome:
- What is it?
- How to Spot it?
- Why is it a problem?
- What can I do about it?
Mind Your Metadata
In this talk we will examine the ever growing value of metadata, observability and data cataloging in delivering data solutions that are more trustworthy and understandable.
We will follow the Insider data team’s journey with DataHub - the open source metadata platform.
From expert advice on evaluating products in a competitive and evolving market and harnessing user research to inform decisions through to the process of building and populating a data catalog from the ground up using a modern data engineering workflow.
Attendees will learn about the capabilities of the DataHub platform and the benefits which it unlocks, creating an environment where data is trusted, accurate and accessible, resulting in new data products which are more likely to be adopted by analyst teams
Multiple Instance Learning: Cure cancer with Paul McCartney, Angela Lansbury and a threshing machine
I am trying to create advanced diagnostic tools using AI image algorithms on cancer biopsies, but biopsy images are huge, and the characteristics I’m trying to classify are subtle. In this talk I want to introduce you to the basics of Multiple Instance Learning, the method I’m trying to use to develop new tools for the NHS by chopping huge images into tiny pieces.
Neurodiversity in the workplace
An overview of neurodiversity and how to support neurodiverse candidates and employees.
No Fungin' Thanks
New things are exciting. So is being a part of a new thing. But sometimes that excitement can maybe get the better of us…
On a completely unrelated note, who has heard about these cool new NFT things?
In this session I will cover our latest buzz-acronym, why I’m personally okay with things being funged, and why I think we need to be very careful about which unique horse tokens we hitch our digital wagons to.
Performance, Promotions and Pay
Help me ad a manager to help you as an engineer to achieve the performance, promotions and pay you would like. So many people don’t communicate with their manager and then quit disappointed they didn’t get what they wanted leaving a job they didn’t want to leave which could have easily been avoided by talking - in this talk I’m going to cover how to talk to your manager about your performance, asking for more money and that promotion from the manager’s side of the table including “un-promotional work”, overview of a typical promotion process, what happens when you quit and expect a counter offer, evidence for performance and promotions, All those awkward conversations. Intension is for better outcomes and happier devs and managers for Northern Ireland
Protecting our culture as we grow our teams
As Mintel’s business has grown, so have our ambitions. That’s why, in early 2021, we decided to add roughly 40 IT roles - more than a 30% increase to our existing department - as part of a larger investment into growing our business. We elected to add the majority of these roles in Belfast, where we already had a small data science team This would give us a fourth location as an option for adding people in the future, too.
Takeaways: How we attracted 40% of women into Engineering & Data Science roles in Belfast? Lessons Learned & Tips of setting up an office space in Belfast. How we protected the Mintel culture across regions as the teams expanded.
Reimagining Test Automation
Releases can often be stressful and time-consuming for everyone involved. Looking to improve this, our goal was to streamline our deployment process, including getting quicker feedback from our automated tests. We identified pain points and found a number of solutions that included migrating our build and test pipelines from Bamboo/Jenkins to Azure Pipelines, and using In-Memory testing to address limitations in UI testing. We will take you through the process we followed to achieve this and the benefits it has made to ESO.
Security Data Magic With Elastic Cloud & Python
This technical session will cover ‘the what’, ‘the why’ and ‘the how’ of getting your data into the cloud - and taking a good old look at it! We’ll look at a sample dataset and go through setting up a data pipeline and monitoring stack in a fun and friendly way using Logstash, AWS, Elasticsearch, Elastic Agent, Elastic Cloud and Kibana - with some added Python to top it all off!
We’ll also see just how easy it is to set up security observability on your Elastic Cloud cluster once your data is ingested, helping to protect the world’s data from attack one datastore at a time!
Snakes and Ladders: Navigating the tech career ladder
Many people the tech industry start off with the expectation that growing from a junior to a senior role is a predictable, linear journey, only to be met with unexpected roadblocks and challenges along the way. Particularly for those looking to move into senior or leadership roles often the challenges can seem obscure and progress elusive, resulting in frustration.
In this session, Phil will use examples from his experience in growing and leading teams to provide some inspiration as to how individuals might think about their activities and communication in order to achieve the progress they desire.
Surviving downturns, remaining relevant and figuring out what's important in your career
The tech industry is undergoing a change not seen since the turn of the century - tech companies of all kinds are laying people off, hiring freezes are more frequent, the era of blitzscaling is over, and it’s becoming harder for startups to raise funding. All of this against a backdrop of economic uncertainty. However, in the words of Douglas Adams, don’t panic. Opportunity is everywhere in the technology industry, but following your passion is terrible advice for developing your career, as it turns out. This session talks about experiences and some lessons learned the hard way over a 24 year career in the industry, through downturns and upswings.
The Powerlifting Principal
Aspiring principals focus on technical skills. Often to the exclusion of all else. To succeed as a senior developer you need to collaborate, negotiate and work effectively with your team. These social skills can’t be learned in front of a compiler.
Competitive sports teach patience, discipline, persistence and how to deal with failure. You will coach others, be coached yourself and learn to manage injury. Inevitably you will face disappointment, and confront the ugly fact that you weren’t the best on the day.
In this talk the author will explain how her five-year journey into competitive powerlifting taught her the lessons that shaped her leadership style.
Zero To Serverless Car Insurance
At the start of 2021 we began an ambitious project, building a car insurance platform from scratch using serverless technology on AWS. Over the past 2 years we learnt a lot about what it takes to build a serverless platform: what it means to be serverless-first, what works well, what doesn’t, but above all we learnt to love the serverless offering on AWS. This talk describes our Serverless education, warts and all, in the hope that you can learn from it. We will discuss topics like why you shouldn’t try to stuff a Monolith into a Lambda, how you can avoid Lambda functions entirely, when to make use of Step Functions and what valuable advice you can take from the Well-Architected Framework. The talk is for anyone considering, or partially along, their transition to Serverless.