Christopher Judd

Tired of trying to manage and maintain servers? Never have a large enough operations team? Don’t have a budget for running lots of server? Don’t want to pay for servers siting idle? Afraid you might become so popular that you won’t be able to scale fast enough? Don’t worry, it is possible to alleviate these issues by moving to a serverless architecture that utilizes microservices hosted in the cloud. This type of architecture can support all different types of clients including web, mobile and IoT.

During this hands-on workshop, you will build a serverless application utilizing AWS services such as Lambda, API Gateway, S3 and a datastore.

During this session you will build a simple web application utilizing AWS services and Angular.

Docker and containers are getting a lot of attention these days but what do they mean for devs? How do they fit into DevOps and continuous delivery movements? Where do these tools fit into cloud computing? During this hands-on session we will learn how to install and configure Docker, build images and run containers in a local development environment. But we will also explore using them in a continuous deployment environment by deploying them to on premise as well as cloud services such as AWS.

• Setting Up Docker
• Creating Docker Machines
• Docker Lifecycle
• Finding & Running Containers
• Creating Images
• Linking Containers
• Sharing Images
• Composing
• Using the Docker API
• Private Repositories
• Swarm
• Kubernetes
• Cloud (Digital Ocean, AWS)
• Summary
• Resources

Enterprise applications are complex. A transaction starting in the browser will go through proxies, api gateways, security appliances, application performance monitoring tools, logs, microservices and more microservices. Historically there has been no standard way to get observability and traceability between all the enterprise components. Each product and framework has it's own proprietary way of identifying a transaction making it difficult if not impossible to stitch together a complete picture of a transaction. This is changing with the introduction of the W3C Trace Context standard and the open source initiative of OpenTelemetry.

In this session, you will learn how using Trace Context, OpenTelemetry and other open source and commercial products can improve your observability to help you better triage production issues, improve performance, be proactive and make your users happier.

It seems like everyday there is a new headline about a security breach in a major company’s web application. These breaches cause companies to lose their credibility and cost them large sums of money. Security is everybody’s job and requires us to be proactive.

This hands-on workshop is designed to teach you how to identify, exploit (legally) and fix vulnerabilities in modern Java web applications. Using an existing web application, you will learn ways to scan and test for common vulnerabilities using common penetration testing tools. You will learn about OWASP Top 10 vulnerabilities such as hijacking, injection, cross-site scripting, cross-site forgery and more. You will learn best practices around logging, error handling, intrusion detection, authentication and authorization. You will also learn how to improve security in your applications using existing libraries, frameworks and techniques to patch and prevent vulnerabilities making your software safer.

According to Akamai, more than 80% of internet traffic is now web API calls and makes up 90% of a web application’s attack surface. With such a critical and vulnerable piece of your architecture, do you know your APIs are secure? Do you know how and if attackers are attempting to exploit your APIs?

This hands-on workshop teaches you how to identify and fix vulnerabilities in Java web APIs. Using an existing API, you will learn ways to scan and test for common vulnerabilities such as excessive data exposure, broken authentication & authorization, lack of resource & rate limiting, and more. You will learn best practices around logging, intrusion detection, rate limiting, authentication, and authorization. You will also learn how to improve security in your APIs using existing tools, libraries, frameworks, and techniques to prevent vulnerabilities.

You spend a lot of time planning, developing, and deploying your mission-critical applications using Agile and DevSecOps. But how much time do you spend making sure your application is available for users, providing adequate performance, using resources efficiently, and notifying the appropriate support team if there is an incident using Site Reliability Engineering (SRE)? Probably not enough until something goes bump in the night. If it does, does your support team know how to gather the necessary data to triage the incident with the development team before they resolve the problem and return to bed?

In this workshop, you will learn how one of the greatest strengths of the JVM is its operational tools and capabilities. You will learn to use JMX, Flight Recorder, jcmd, Mission Control and JXRay to capture and analyze JVM and application intelligence. You will learn how to use OpenTelemetry to capture distributed tracing and metrics. Most importantly, you will leave with a list of data to capture during an incident so you can arrive at the root cause with confidence in a shorter amount of time.

It’s impossible to follow a leader who isn’t moving forward. They wouldn’t be a leader; they would be a stander or an observer. So, if you aren’t personally growing and improving, why do you think anybody wants to follow YOU? Personal growth is one of the most critical characteristics of being a leader others desire to follow. So how can you develop a growth mindset? What areas should you focus on growing in? What habits can develop to help you continuously grow daily?

In this session, we will focus on proven, effective, and actionable tactics, resources, and tools to elevate your leadership now.

I know what you are thinking. Another unit testing presentation/workshop? That is so early 2000s. But a lot has changed if you haven't been keeping up with the unit testing space recently. Frameworks such as Junit 5 and Mockito 3 have been updated significantly. New programming styles such as lamdas and reactive are becoming mainstream, changing how we test our code. We also have new frameworks for integration testing, such as Testcontainer.

Whether you're a unit testing veteran or a newbie, this hands-on workshop will give you the experience and confidence necessary to write unit tests today.