CodeMash V2.0.1.2

Technology/Platform: Other

Difficulty Level: Intermediate

Abstract: Please select from the following options – 1) Ruby 2) Java 3) Python 4) Node.js 5) Clojure 6) All of the above If presented with the above quiz, Heroku would pick #6. Heroku provides a fully managed cloud platform that lets you develop in any of the above languages (with more on the way). With no servers, routers, load balancers etc. to manage, you’re free to focus entirely on your code. With Heroku, you can scale your application up or down with a single command, deploy your code with a simple git push command and monitor your application logs and status in real time. Interested in finding out more? Come join us for an introduction to Heroku and see how you can develop your next application in the cloud. We promise – no more quizzes. Just some code and some command lines.

Presented By: Sandeep Bhanot

About the Speaker: Sandeep Bhanot is a Developer Evangelist at Salesforce.com. In a prior incarnation (he is Indian after all), he was an Enterprise Architect and SOA Consultant. As a Developer Evangelist at Salesforce.com, he helps spread the gospel of the Cloud and Heroku.

Technology/Platform: Other

Difficulty Level: Intermediate

Abstract: A common security mantra is "don't roll your own" - but when developing modern web APIs, this may seem easier said than done. Unlike older, over-specified API protocols, the general concepts which underpin REST APIs do not offer much guidance on security best-practices. Worse still, some techniques that have gained widespread use have been shown to be fundamentally flawed. This session will cover some common classes of mistakes in developing and using secure web APIs, and show how reinventing the wheel can sometimes be dangerous. Along the way, we'll cover problems with authentication and authorization, information leakage, and (im)proper uses of transport-layer security, among others.

Presented By: Adam Goodman

About the Speaker: Adam is a co-founder and Principal Security Engineer at Duo Security, where he and his cohorts work to radically improve the ease-of-use in strong authentication systems. He was previously a founding engineer at Zattoo, Europe's largest live-streaming Internet TV operator, where he led the development of the secure P2P distribution and digital rights management protocols that carried the first live broadcasts of Europe's second-largest pay TV operator over the Internet. Adam also enjoys puns way too much for his own good...

Technology/Platform: Other

Difficulty Level: Intermediate

Abstract: The recent break-ins at Sony and Epsilon were partially tracked to web application failures. Not network security problems. Not server misconfiguration. Coding failures. Defects. Does security make it into your unit tests? Do you do security checks as part of your integration testing? Bill will use BackTrack 5 - an industry-standard penetration testing tool - to show some techniques for breaking into your own applications, and making sure no one else does.

Presented By: Bill Sempf

About the Speaker: Hi, my name is Bill Sempf, and I am an enterprise architect. Though I used to hate the term enterprise architect, it is clearly the only thing out there that defines what it is that I do. My breadth of experience includes business and technical analysis, software design, development, testing, server management and maintenance and security. In my 18 years of professional experience I have participated in the creation of well over 200 applications for large and small companies, managed the software infrastructure of two Internet service providers, coded complex software happily in every environment imaginable, and made mainframes talk to cell phones. In short, I make the technology that people are using every play nicely together.

Technology/Platform: Other

Difficulty Level: Intermediate

Abstract: Have you ever wished that your local development sandbox could look exactly like production, but you've got a mismatch between your local OS and your production OS? And what about the age old "it works on my machine" excuse that quite often stems from differences between developer sandboxes? Many have turned to virtualization, creating a machine image that can be passed around the team. But who manages the template? How do you keep things in sync? In this session, we'll explore Vagrant (http://www.vagrantup.com), an open source tool that allows you to easily create and manage virtual development environments that can be provisioned on demand and "thrown away" when no longer needed. Our agenda will include: * Creating new base OS templates using the Vagrant Veewee plugin * Creating a new development box using Vagrant * Provisioning the box using Puppet * Provisioning the box using Chef * Deploying a simple web application to a multi-box development environment * Packaging and distributing the box within your team

Presented By: Matt Stine

About the Speaker: Matt Stine is a Technical Architect at AutoZone in Memphis, TN. He is an eleven year veteran of the enterprise software and web development industries, with experience spanning the healthcare, biomedical research, e-commerce, and now retail store domains. His current focus is the development and support of an enterprise Java platform supporting 4600+ AutoZone stores. Matt appears frequently on the No Fluff Just Stuff symposium series tour, as well as at other conferences such as JavaOne, SpringOne/2GX, The Rich Web Experience, and The Project Automation Experience. He has served as Agile Zone Leader for DZone, and his articles also appear in GroovyMag and NFJS the Magazine. Matt is also author of the Selenium 2.0 DZone Refcard. Matt is also the founder and past president of the Memphis/Mid-South Java User Group. His current areas of research emphasis include lean/agile software development, continuous delivery, DevOps, and infrastructure as code using tools such as Puppet, Chef and Vagrant.