Amsterdam JUG Meetup at Snowflake

This Amsterdam JUG meetup will be hosted and sponsored by Snowflake, in their office at Gustav Mahlerlaan 300-314, 1082 ME Amsterdam. The Event Space is located on the 3rd floor.

Agenda

• 18:00 Doors open, food, and welcome to Snowflake!
• 18:30 Talk 1: Soroosh Khodami (Code Nomads) presenting “Are We Ready For The Next Cyber Security Crisis Like Log4Shell?”
• 19:15 Break
• 19:30 Talk 2: Danica Fine (Snowflake) presenting “A Fearless Introduction to Apache Iceberg”
• 20:15 Break
• 20:30 Talk 3: Simone Romani (ING) presenting "More Code Confidence with Mutation Testing"
• 21:15 Networking
• 21:30 End

Information about the talks:

Talk 1: “Are We Ready For The Next Cyber Security Crisis Like Log4Shell?” by Soroosh Khodami (Code Nomads)

In a world where vulnerabilities like Log4J, Spring4Shell, and the XZ Backdoor make headlines, securing our software ecosystem has never been more critical.

In this session, Soroosh, a hands-on solution architect with experience working on security platform services for large enterprises like Rabobank, will share practical strategies and best practices for securing the software development process, applicable to both small startups and large organizations.

Key questions that will be answered in this session:

• Can basic SQL Injection threats extend beyond accessing a database server within a restricted network?
• What is a "Supply Chain Attack," and how dangerous can it be?
• What are the most effective low-hanging practices to secure your CI/CD process?
• Shift-Left Security & DevSecOps? What’s the hype, and how is it going to redefine the way we build software?
• How can Software Bill of Materials (SBOM) help us prepare for the next Log4Shell crisis?
• What do EU supply chain security-related regulations (DORA/CRA) mean for developers?

Talk 2: “A Fearless Introduction to Apache Iceberg" by Danica Fine (Snowflake)

New to Apache Iceberg or just starting to test the waters? Time to take the plunge! In this beginner-friendly session, we’ll introduce you to the core features of this high-performance table format and what it has to offer your data team as you build out your modern data lakehouse.

We’ll start by exploring where Iceberg fits within the context of data warehouses, data lakes, and other data storage formats. From there, you’ll be introduced to some of Iceberg’s key features, like schema evolution, hidden partitioning, and ACID-compliant transactions. Next, we’ll dive beneath the surface and explore the open-source tools, query engines, and catalogs that make up the Iceberg ecosystem. We won’t stop there, though! Together, we’ll dive deeper to learn the inner workings of Iceberg when you interact with and maintain your data over time.

By the end of the session, you’ll have the foundation you need to get started applying Iceberg to solve your own data challenges. So come along, and we’ll take the polar plunge together!

Talk 3: "More Code Confidence with Mutation Testing" by Simone Romani (ING)

One of the best ways to assess if code is resilient against bugs is to break it on purpose and see how it reacts. The reaction should be a failure in the tests. If there is no reaction, it means that the tests are not effective enough, meaning their assertions are broad and imprecise.

Mutation testing comes to the rescue for this specific challenge. This methodology changes the source code and then runs the unit tests against the mutated codebase. The generated report helps the engineer find where the weak spots in the tests are.

In this talk, we will cover the theory behind this methodology, followed by a live demo where code which could be described as "100% tested" would still be subject to bugs and how its related tests can be improved. This approach will offer a way for engineers to gain confidence in their code and especially in their tests. With a high test strength, source code will not only be strong but also malleable to modifications, with the safe guardrails of unit tests protecting them from introducing bugs.

You will learn how to write more efficient and resilient tests due to the mutation tests giving them a different perspective on their code quality, compared to the normal tests. Mutation testing will also drive better production code, following the principle of Test Driven Design.