Knowledge transfer by source code and more


Details
After the summer vacation in August and the September holidays, we are back at full power with a great lecture from Google and lightning talks.
Agenda:
18:00 - 18:30 Rally-up - Light sandwiches and beer courtesy of our host - Taboola
18:30 - 18:40 Lightning: OWASP A4 XML External Entities - Michael Furman / Tufin
18:40 - 18:50 Lightning: Open Source: Sawmill - high performance JSON transformation library - Ori Reichman / Logz.io
18:50 - 19:05 Short break
19:05 - 19:50 Knowledge transfer by source code - how to write more code and fewer emails - Ofer Bartal & Avital Zipori / Google
19:50 - 20:00 Short break
20:00 - 20:30 An open discussion
20:30 - ... Wrap up and drinks at the nearest bar
- Knowledge transfer by source code - how to write more code and fewer emails
Email is just one way to pass knowledge. This talk is about how we use source code, compilers, and tests, to pass knowledge across different teams. We know that compilers do static analysis of code and that tests check certain conditions are met at runtime. We show how these can be used to change communication patterns across teams, using examples from three cross-language and cross-platform technologies: Protocol Buffers, gRPC and Bazel.
Ofer is a software engineer at Google, working on Google's Open Source ecosystem. He volunteers at The Public Knowledge Workshop, and you can find him there every Monday, hacking away at government data.
Avital is a software engineer at Google on a data processing team. Co-founder of "Extend", an organization that aims to open up the tech industry to diverse engineers, and "באות", Israel’s largest community of senior female software engineers.
- OWASP A4 XML External Entities
The lecture will explain what an XML External Entities (XXE) attack is.
You will understand how to protect your Java code against XXE attacks.
Michael Furman, Tufin
Lead Security Architect
I have over 10 years of experience with application security. I have been the Lead Security Architect at Tufin for over 4 years. I am responsible for the security of all Tufin software products, including Tufin Orchestration Suite as well as our new products that integrate security directly in the DevOps pipeline. Tufin software is used in over 2,000 enterprises, including 40 Fortune 100 companies.
- Open Source: Sawmill - high performance JSON transformation library
Logz.io experienced extreme difficulties with Logstash: low performance, no visibility, async nature, etc. The solution was to write a high-performance, reliable JSON transformation engine as a Java library - Sawmill. I will introduce you to this open source library, show use cases and, if time permits, take a quick peek under the hood.
Ori Riechman has been with Logz.io for 2.5 years on the core development team. He has vast experience with building data analysis platforms at large scale. When he is not coding he loves rock climbing and traveling.
