SF Python Presentation Night - Observability w/OpenTelemetry and Securing PyPI

Want to learn more about Python and meet other Pythonistas?

👉 Submit your 5, 15 or 25 mins talk proposals here: https://bit.ly/sfpythoncfp

Join SF Python on https://live.remo.co/e/sf-python-aug2022

Enjoy a virtual platform that allows you to interact with others like you would in an in-person event

SCHEDULED TALKS

🔎 Short talk (~15 mins + Q&A)
Securing PyPI repository packages from supply chain poisoning attacks
Munawar Hafiz
The latest trend in attacks has been focusing on supply chain poisoning. This talk will focus on an ambitious project to scan the source code of the PyPI repository packages, detect bugs, and report them back to the project stakeholders. Intelligent Code Repair (iCR) for Python, which detects the hard-to-find bugs and does so with very low false positives, will be used for the scan. The talk will be a combination of quantitative results and anecdotal stories of lessons learned.
Munawar Hafiz is the founder and CEO of OpenRefactory, Inc., an application security company that intends to improve the way developers write secure, reliable and compliant code. Munawar had a body of work on automated bug fixing in academia which lays the foundation for OpenRefactory. He is a champion of pushing SAST bug detection tools for better precision and introducing code rewriting capabilities to fix bugs automatically.

🔎 Main talk (~25 mins + Q&A)
Observing Python — OpenTelemetry from Code to Prod
Roni Dover
Observability can be about more than pretty dashboards, it can be a powerful tool for designing better code. Just like tests, metrics and traces can be leveraged to challenge code assumptions and develop for real-world requirements in an evidence-based manner.
This talk is relevant to any Developer or DevOps practitioner seeking to understand how to use current observability technologies effectively. It will explore practical ways in which OpenTelemetry combined with open-source tools such as Jaeger, Prometheus, and others can be integrated into the modern Python development stack.
We'll review OTEL and how to leverage it effectively in different Python setups. Looking at specific examples we will examine how and what can be measured in order to make an impact on the dev and release process. Finally, we'll look into Continuous Feedback, a new dev practice, and the technology eco-system that enables it.

Over the past two decades, Roni Dover was focused on incepting, building, and scaling great products including Torque, an IAC Control Plane, and CloudShell, a platform for 'as-a-service' provisioning of environments. Currently building something exciting and new at digma.ai

FAQ
👉 How does one network at a virtual event?
https://youtu.be/k87zAKm60UA - join different virtual tables to chat with speakers, find out about how others are using Python, and start your own discussion topic. Simply turn on your mic and video when you arrive at the event link, double click on different tables to join different conversations

AGENDA
6:30p Get familiar with remo.co and reconnect with friends!
7:00p Opening remarks, sponsors acknowledgement
7:10p Scheduled talks and Q&A + networking & yoga break
8:30p Wrap up last talk, more networking

THIS EVENT IS PRODUCED BY
SF Python, a volunteers-run organization aiming to foster the Python Community in the Bay Area

Video Sponsor is IBM

For over a century, IBM has led world-changing progress by uniting, empowering, and relentlessly reinventing itself and their customers. The IBM Data Science Community is the place for data scientists and developers to learn, share, and engage with their peers and industry renowned data scientists. Join the IBM Data Science Community and participate in shaping the digital future

Virtual Platform sponsor is Sauce Labs

Continuous testing is a key enabler of digital confidence — the knowledge that you’re delivering the best possible user experience to your customers. Digitally confident organizations know that their web and mobile applications look, function and perform exactly as intended, every single time they’re used. That’s the value of Sauce Labs