Prairie.Code() Sessions

♫ Come Pair Away With Me ♫

Let's sail away on a journey to build software as a pair. In this session one lucky audience member will do some live coding with me as we demonstrate pair programming, discuss what effective pairing looks like, and how to appropriately support pairing in your organization.

Speaker

Ross Sickora

Ross Sickora

Software Engineer, Principal Financial Group

A Recipe for Infrastructure as Code

As an infrastructure engineer or developer, most of us have probably gone to the web looking for an example. Maybe it was something that was too abstract to fully-grasp or maybe we just weren't quite sure how to get started. Whatever the reason, we were sure that an example would help us take that first step. That is what this presentation intends to do for those who are interested in Infrastructure as Code. Whether you are currently serving as an infrastructure engineer or an application developer this session is for you. As an infrastructure engineer you need to embrace what this means to your career and start taking steps to position yourself for success. As an application developer, you need to realize that the lines between infrastructure and application are blurring and in many cases your application is going to start bundling things that were traditionally considered infrastructure into its build and deployment process.

In this session we will begin by introducing concepts such as immutable infrastructure, the golden image, configuration management, and orchestration. From there, we'll quickly move onto patterns for combining these concepts in different ways to meet the needs of your organization. Finally, we will look at a specific recipe for leveraging Hashicorp Packer and Terraform along with SaltStack's Salt configuration management tool and Docker Swarm to provide a loosely-coupled stack that enables infrastructure and applications to be managed independently.

Speaker

Dave Woodward

Dave Woodward

Co-Founder, Salte

An Introduction to WebAssembly

Want to write a web application? Better get familiar with JavaScript! JavaScript has long been the king of front-end. While there have been various attempts to dethrone it, they have typically involved treating JavaScript as an assembly-language analog that you transpile your code to. This has lead to complex build pipelines that result in JavaScript which the browser has to parse and you still have to debug. But what if there were an actual byte-code language you could compile your non-JavaScript code to instead? That is what WebAssembly is.

I'm going to explain how WebAssembly works and how to use it in this talk. I'll cover what it is, how it fits into your application, and how to build and use your own WebAssembly modules. And, I'll demo how to build and use those modules with both Rust and the WebAssembly Text Format. That's right, I'll be live coding in an assembly language. I'll also go over some online resources for other languages and tools that make use of WebAssembly.

When we're done, you'll have the footing you need to start building applications featuring WebAssembly. So grab a non-JavaScript language, a modern browser, and let's and get started!

Speaker

Guy Royse

Guy Royse

Developer Evangelist, DataRobot

API Security

Security Three Golden Rules As Per Robert Morris Chief scientist of the NSA's National Computer Security Center

do not own a computer do not power it on do not use it


Evolution Of Security

Dark Ages

Basic Authentication HTTP Header Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ= Base64 Encoded username:password

Basic Authentication inadequate, large exposure, risk

SAML XML-based security specification for exchanging authentication and authorization information Developed by the OASIS standards organization Use HTTP as a communication protocol Designed to addresses the complexities of establishing Business-to-Business communication between differing systems Not adequate for use cases like Single Page Application (SPA), Connected Devices, API etc

OAuth

OAuth is a delegation protocol, a means of letting someone who controls a resource allow a software application to access that resource on their behalf without impersonating them. The application requests authorization from the owner of the resource and receives tokens that it can use to access the resource.

OIDC Single Sign On based on OAuth

Speaker

Rajneesh Ranjan

Rajneesh Ranjan

United States, John Deere

ASP.NET Core Development Workshop with CI/CD

Sometimes all you need is a little push to make a leap to a new technology stack, but the learning curve can after push back against a desire to move foward. In this full-day workshop we will work through the entire software development lifecycle of a project created with ASP.NET Core, Entity Framework, and Azure DevOps. In this full day session we will cover. * Basic project Architecture * Code Re-Use and Dependency Injection * Entity Framwork Core Basics, including databse migrations/deployment * Unit Testing Implementation & Limitations * Response and Object Caching * Azure DevOps Builds & Deployment At the end of the day attendees will be able to create their own projects from end-to-end with a solid platform including Continous Integration/Continous Development practices and unit testing.

Speaker

Mitchel Sellers

Mitchel Sellers

CEO, IowaComputerGurus, Inc.

Beautiful SDK Design in Java for APIs

Abstract

Often times Java SDKs for APIs look more like the API they represent than idiomatic Java.

This talk examines how great SDKs are built using design patterns.

It covers: enforced separation of Java api and implementation, use of generics, a caching layer and hiding network traffic.

Description

The (now defunct) Stormpath SDK had a great design approach from its original author, Les Hazlewood.

It has an enforced separation of api and implementation. It does this by using the api module as a compile time dependency and the implementation module as a runtime dependency.

It has a DataStore interface that makes heavy use of generics to support CRUD operations for all objects represented in the API. The implementation hides the actual network traffic and includes rich support for retry with backoff and error handling. Developers only ever have to deal with the DataStore, POJOs and method calls to "interact" with the API.

It also has a rich, interface-based caching layer. The default implementation is robust and suitable for single-JVM environments. It's easy to drop in a distributed caching layer, such as Redis or Hazelcast.

All of this combined makes this one of the best designed SDKs in Java. In this talk, all these secrets are revealed against a completely different API: DigitalOcean's Droplet API. There's a few slides and lots of code, including some live-coding.

Speaker

Micah Silverman

Micah Silverman

Senior Developer Advocate, Okta

Believe in the Power of CSS

You know that song by Huey Lewis and the News, The Power of Love? "First time you feel it, it might make you sad." Might be how you feel about CSS right? What about the power of CSS? CSS has received a bad name as of late, but truth of the matter is that CSS is such a powerful piece of the front-end puzzle and you should really be excited for what's already here and what's to come! Who would have thought we could create magazine-style layouts with CSS grid? What about ruleset variable scoping with custom properties(CSS variables)? And last but not least, the pain of centering content horizontally and vertically which is now possible in three lines with flexbox! Let's talk about how awesome CSS is, and how we can restore our faith in one of the best things that makes the web amazing!

Speaker

Chris DeMars

Chris DeMars

Front-End Developer, Tuft & Needle

Blazing the Web - Building Web Applications in C#

With WebAssembly, creating web applications can be built with any programming language; JavaScript is no longer the only choice. In this session, you'll see how you can use Blazor to run C# natively in the browser. We'll also cover Razor Components, JavaScript interop, server-side Blazor, and so much more!

Speaker

Jason Bock

Jason Bock

Practice Lead, Magenic

Blending Product Thinking with Architecture

Too much design up front and you are bumping into the design all of the time (and losing time). Not enough design and your system can crumble in reality. How do you blend architecture so you have the right decisions at the right time, and give them enough due dilligence? How do you embrace cloud and microservices and not risk getting into different failure scenarios or overly complicated maintenance and ripple effects?

In this session we will walk through visualizations that help teams blend product thinking with architecture. Along the way, we will look at microservices and domain modeling as well as chaos engineering and fault tolerance - blending all of these into a context that is consumable by all and gives the right emphasis at the right time.

Leave this session with simple visualizations and approaches that you can apply immediately to start blending product with architecture, especially if you are looking to run in a cloud world.

Speaker

Joel Tosi

Joel Tosi

Hands-On Coach, Dojo & Co

Building a UI Component Library with Styled Components

At Hy-Vee, we reached a point where we were spinning up new teams so quickly that we found it difficult to maintain consistency across products. How could we ensure every person created a button that looked and functioned the same way across all digital properties?

Our first step in tackling this problem was having UI/UX define a style guide that all consumers should implement. Ultimately, we found it was hard to regulate consistent output across the organization. We needed a simple approach to ensure adoption of the style guide and a set of shared components consumers could use without having to worry about styling.

That's where our UI component library came into play. I'll talk about how we created it, the benefits you can receive, and how we migrated to using a Monorepo containing a variety of different packages to decrease bundle sizes. These libraries have allowed us to ship code faster and more efficiently as we've scaled.

Some specific technologies used: styled-components (CSS in JS), JavaScript, Lerna, Yarn Workspaces, Babel, Webpack, React.

Speaker

Lee Robinson

Lee Robinson

Senior Software Engineer, E-Commerce, Hy-Vee

Building Great Libraries with .NET Standard

For 17 years, the biggest decision was whether it was time to upgrade to the latest .NET framework or not. Not there .NET Framework, .NET Core, and .NET Standard. So many options and it is not completely obviously which one (or ones) you should be using. During this session we will review the different frameworks/standards and talk about where you should be using the different frameworks/standards. Then we will focus on how you can easily support multiple platforms with .NET Standard and no compromises, thanks to multi-targeting. We will also over the other aspects of building .NET Standard libraries such as versioning, strong naming, and binding redirects.

Speaker

Chad Green

Chad Green

Data & Solutions Architect, ProgressiveHealth

Building Large, Yet Maintainable, ASP.NET Applications

As an application adds more and more features, if you're not careful, it can quickly spiral into becoming the application no one on the team enjoys working on. This talk is structured as a series of lightning talks on various topics to help you improve the maintainability of your ASP.NET applications. We’ll discuss libraries and best practices to help with folder structure, validation, ORM’s, unit testing, code flow, profiling, and more. By the end, you should be able to take at least one thing away that you can start implementing immediately when you get back to the office.

Speaker

Scott Sauber

Scott Sauber

Professional Software Consultant, Lean TECHniques

Cloud Application Lifecycle Basics

There are a LOT of options out there these days. Depending on if you're on-prem, in AWS, or in Azure you have some very different options available to you. We'll go over how to make the most of what is available. Options for deployment/infrastructure/build automation, logging, config/secrets management, container orchestration, application performance, tracing, event streams and queues. Lets go through these options and show where different platforms really shine.

Speaker

Seth Larson

Seth Larson

Engineering Team Lead, Raven Industries

CloudWatch-ing: Creating More Useful Logs & Alerts with AWS

Logging is essential for visibility and resiliency, especially when monitoring and debugging software applications. However, overzealous logging of everything can do more harm than good. For integrated applications, generating massive files of data no one reads can lead to days of troubleshooting and weeks of fixing the “fix”. The time lost multiplies when these logs live in various places with no system to sound the alarm. Learning to use Amazon CloudWatch for streamlined, meaningful, centralized logging and alerts can drastically reduce the time it takes to notice issues, find bugs, and fix them. Attendees will leave with a better understanding of log levels, how to send logs to AWS Cloudwatch, and how to use those logs to generate alerts.

Speaker

Rhia Dixon

Rhia Dixon

Software Engineer, VeriShip

Common Dev Mistakes and How to Avoid a Breach

This talk will focus on some of the most common mistakes (e.g. the top 5) that application developers make and how penetration testers can easy spot and exploit them. Using programming methodologies like SecureDevOps can mitigate many of these risks. It will not necessarily focus on OWASP or similar lists, but it will loosely parallel those and explain how developers can (and should!) change their methods to more secure practices.

Speaker

Mark Bayley

Mark Bayley

Penetration Tester, NIC inc

Conceptualizing OAuth, OpenID and Implementation of the Identity Server.

In dealing with web security, the most common thing for a developer is to think like an attacker while writing his/her code.

For everyone, the standard of development is not bound to just deploy and fix the bugs, but to ensure every developer understands these concepts and helps his/her team for building a better and secure product.

This presentation will start with using some good secured services like OAuth and OpenId based IdentityServer, and understanding how to call it via our application.

Deep dive into dependency injection

Why do we need loosly coupled applications. Ways to impliment dependency injection. Deep dive into some advanced DI concepts. Talk about some Some of the benefits of using a DI framework. Cover some of the existing DI frameworks in C# with examples

Speaker

Yair Segal

Yair Segal

CEO/ Chief architect, Peach Software Inc

Docker: From Development to Production

Building applications across an organization can be a difficult process sometimes. Developer machines can have variation that can end up causing confusion and difficulty at deployment time. This can not only be problematic for the developers, but also the DevOps team as well.

Moving application development to containers can reduce friction across all teams by simplifying the process in which new developers build and ship those applications.

In this talk, Kelly will walk through utilizing Docker through the entire development lifecycle, from development to production of a containerized application. If you haven't started using containers, now is the time to learn how.

Speaker

Kelly Andrews

Kelly Andrews

Senior Developer Advocate, Nexmo

Easing Into Continuous Deployment

Have the confidence to deploy any time of the week? I've definitely been places where doing so would make everyone cringe. Lets talk about some lightweight tools and processes to greatly reduce that risk. We'll discuss feature flags, trunk based development, pairing on critical sections, and other ways to help you have confidence in your deployment pipeline.

Speaker

Seth Larson

Seth Larson

Engineering Team Lead, Raven Industries

Electricity and Electronics for Programmers

If you've been programming for the web or desktop, you've never had to wonder just how the electrons are getting from point A to point B. But if you're starting out in the Internet of Things, you are going to need to know a bit more than how to plug in the USB cord. This talk will cover intro level electrical theory and how it applies to an Internet of Things device. From batteries and mains power to motors and relays, we'll chat about how to keep you and your project safe!

Speaker

Bailey Steinfadt

Bailey Steinfadt

Owner and Lead Engineer, Stone Path Engineering LLC

Embrace an Experimentation Mindset

Organizations undergoing change must embrace the idea of experimentation. Those that only change vocabularies and not behaviors wonder why they quickly fall back into old habits, why the changes did not ‘stick’. Those organizations failed to embrace or misunderstood the objectives of experimenting. Organizational learning happens when people begin questioning the way things are done, they begin trying out different ideas together and share those learnings. Join me as we explore what it means to have an experimentation mindset.

Speaker

Diana Williams

Diana Williams

Director Agile Coaching, Project Brilliant

Encryption for Developers

Encryption has become a major part of the implementation of many products, but how many of us really understand what is going on behind the scenes. During your implementation, do you really know what an initialization vector does? What is the difference betwen AES-CBC and AES-CFB, and when should you use one over the other? How do you store the decryption key to prevent the same code leaking both the data and the key?

In this breakout section we will talk through some of the history of encryption, the different types of encryption, its appropriate uses, and the key elements that we are required to include encryption in your products.

Speaker

James McKee

James McKee

Developer Security, Trimble

Enterprise Project Architecture with .NET Core

Samples and documentation for ASP.NET Core are some of the best that we have seen in the .NET ecosystem in the past few years. However, even with that, I see many developers struggle to expand from the templates into a real-world application with full separation of concerns as well as modularity. This session will look at a few different architecture approaches and showcase tips and tricks to migrate from the examples into a more traditional architecture supportive of larger application development projects.

Highlights of the session will include: managing dependency injection across assemblies, managing logging and configuration information, creating a re-usable database context that can be used for web and other projects as needed, and general project cleanup/production readiness.

Attendees will be provided a link to a detailed GitHub repository that will allow them to follow along after the session with all of the information that was provided during the session. With a goal of providing the needed tools for success back at the office.

Speaker

Mitchel Sellers

Mitchel Sellers

CEO, IowaComputerGurus, Inc.

Extending Spring Boot for Enterprise

Spring Boot has been an incredibly successful at reducing the time and complexity of spinning up new projects. However enterprise demands often cause Spring Boot projects to become bloated, out of date, and have inconsistent implementations, leading to them being difficult to maintain both for the teams responsible for a project and from an enterprise level of ensuring projects properly implement features like security, logging, database connectivity, and other common concerns.

In this presentation we will look at some of the underlying philosophies of Spring Boot and see at how to apply them to the enterprise. Specific topics include creating customs starter libraries, BOMs, and easing project initialization steps all with the goal of reducing developer toil and frustration while ensuring consistent behavior across large enterprises but not blocking experimentation. If your organization has been struggling with bloated poms, projects full of dead code, and long pipelines from project conception to deployment to production this is a presentation you will definitely want to check out.

Speaker

Billy Korando

Billy Korando

Developer Advocate, IBM

Focus on People

In 2008 my mom was diagnosed with ALS. Over the next 18 months, ALS stole more and more abilities from my mom, including her ability to speak. But what ALS took, software was able to help restore.

While not everyone will receive an ALS diagnosis, most of us will interact with software on a regular basis. As a result, software engineers need to approach writing software with this in mind.

This talk explores the role of software engineering in human flourishing. You’ll learn how the software you write today impacts the lives of your users, and how you can make that better. You’ll also learn ways to improve interactions with your team, considering them not just as coworkers but also people.

Speaker

Nate Taylor

Nate Taylor

Aviture

From Zero to App: A React Workshop

You’ve heard about it. Maybe you even started looking at it, but you abandoned when you saw that you needed to re-learn all you thought you knew about JS. When starting to do your first steps in React, the learning curve can seem really steep. In this workshop, the attendees will be guided through the fundamental concepts behind React and will learn how to build a full application using those technologies. Covering packaging with webpack, routing, form manipulation and authentication, this workshop will get the attendees up to speed with this trendy framework that React is.

Speaker

Joel Lord

Joel Lord

Developer Advocate, Red Hat

Getting Started with Azure DevOps

DevOps is about people, process, and products; DevOps is about continually getting better in delivering value to your customers. Getting it right requires a lot of effort, but the benefits to your organization and customers are tremendous. Microsoft has a fantastic set of products that can help you get the most out of the cloud and help in deploying your application to any platform. In this demo-heavy session, Chad shows you how to go from zero to DevOps and how to being the transformation of your team to a well-oiled machine that is constantly making the customers happy.

Speaker

Chad Green

Chad Green

Data & Solutions Architect, ProgressiveHealth

GitHub Pages: An Often Overlooked Web Platform

GitHub Pages is a highly scalable web host with world class infrastructure, free SSL, and robust workflow tools. And it’s FREE. In this session Mike will explain how to determine if your project is a good fit for GitHub Pages and leave you with enough information to be able to implement from top to bottom. We'll go into the basics of setting up a new site and will cover some built-in functions to add a little dynamicity to your static site. He will show you how to set up a local development environment for you Windows developers out there, several scenarios dealing with different types of publishable content, and we'll look at a few third party services to complement your available toolset.

Speaker

Mike Cole

Mike Cole

Principal, Cole Consulting, LLC

Hack your brain - Ways to improve your thought processes

As developers we are always looking at improving and optimizing our workflows, but why don't we also do that with our thoughts? This talk will explore ways to improve those thought processes through looking at techniques like mindfulness, having a growth mindset, implementing new habits like how you do a sprint and even why speed reading might be for you!

Speaker

Christine Seeman

Christine Seeman

Software Engineer, Flywheel

Hacking JWTs

So you’ve finally secured your APIs. And it uses JWT because everyone else does. But is it secure? JWTs are the new great thing that everyone is talking about, but you need to use them correctly. During this talk, we will see how we can use various attacks to hack into OAuth systems that use JWTs as a token mechanism. From token validation to brute forcing HS256, by seeing the attackers’ point of view the attendees will learn how to better defend themselves and make more secure servers.

Speaker

Joel Lord

Joel Lord

Developer Advocate, Red Hat

Hacking Your Car - Driving Towards a smarter future

Inspired by everything from Star Trek to the Tesla car, I've embarked on a journey to transform my truck from mundane to something that is more than meets the eye. Ever since I was old enough to drive, I've dreamed of having a car with a computerized dashboard, but it seemed out of reach until recently. With the advent of affordable tiny embedded computers like the Arduino and Raspberry Pi I was finally ready to make this a reality. I wanted a system that could grow with my dreams, so I created CADI, an open source Computer Aided Dashboard Instrumentation system. I'll take you with me from concept to integration, taking a look at how I choose my hardware, what I've learned trying to integrate with my car's electronics, what it can do today, and where I'd like to take it moving forward. If you've ever wanted something more than that stock radio & analog A/C controls you'll want to check out project CADI (projectcadi.com).

Speaker

Duane Newman

Duane Newman

Co-Founder, Alien Arc Technologies, LLC

Have You Adapted Your AppSec?

In the ever-evolving, fast-paced development world, application security has not scaled well. Incorporating application security and testing into the current development process is difficult, leading to incomplete tooling or unorthodox stoppages due to the required manual security assessments. Development teams are working with a backlog of stories, stories that are typically focused on features and functionality instead of security. Traditionally, security was viewed as a prevention of progress, but there are ways to incorporate security activities without hindering development. There are many types of security activities you can bake into your current development lifecycles—tooling, assessments, stories, scrums, iterative reviews, repo and bug tracking integrations—every organization has a unique solution and there are positives and negatives to each of them. David will talk through the various solutions using his experiences to help build security into the development process.

Speaker

David Lindner

David Lindner

Director, Application Security, Contrast Security

How to Win Friends and Influence...Better Developer Estimates

Let's face it, creating estimates for tasks is not an exact science. Whether it is points, hours, level of effort, or whatever else the next fad is, it all mostly boils down to what feels like a shot in the dark.

Join my session to find out a few lessons learned, tips, tricks, and strategies for creating accurate and timely estimates on your developer tasks. I'll share my experiences for creating the majority of estimates at my company for the past 17 years. I'd estimate that the amount of estimates I have created is more than 500 or so..see what I did there?

At the end of the day, if you can create better estimates, than maybe your project managers will end up becoming another one of your long time friends.

Speaker

Brian McKeiver

Brian McKeiver

Co-Owner, BizStream

I Don't Care About Security (And Neither Should You)

Remember when setting up an auth system was easy? Me neither. From the signup form, the login form, password reset form, and all the validation in between it can easily take weeks if not months to get something basic up and running. Then you have to deal with all the security considerations. No thanks. During this presentation, the attendees will be introduced to OpenID and OAuth. They will learn how to leverage these technologies to create secure applications, but most importantly, they will learn why and how to delegate authorization and authentication so they can focus on their real work and forget about all that security stuff.

Speaker

Joel Lord

Joel Lord

Developer Advocate, Red Hat

I Feel the Need for Web Page Speed

We demand high performance web applications. To build them we need every single piece of information to help us find actionable ways of speeding up our applications. In this session learn how to use the performance API together with common browser performance tooling to determine down to the method level how long our pages take to perform operations. We’ll also touch briefly on instrumenting up popular frameworks such as React & Angular, running performance checks on mobile browsers, and free open source tools that can help you diagnose and monitor performance.

Speaker

Bill Dinger

Bill Dinger

Solutions Architect, VMLY&R

Inclusive Diversity: Do You Want to Build a Bracelet?

We want more diversity and more inclusion, but where do we start? Our efforts to meet quantitative diversity goals sometimes cause us to miss out on the qualitative value of diversity. There is a marked disconnect when trying to reach and engage those who differ from us in race, gender, religion, age, ability, etc. I believe this disconnect happens because we struggle to find genuine planes of engagement. It is not enough to hire or reach out to someone just because of how they fit in the demographic scheme of things. Tokenism is not the answer. People are different. People are the same. We are as wildly distinct and alike as a random assortment of beautiful beads! People need to feel truly included and valued as individuals. If there is no effort to engage on relatable levels and have genuine discussions about things we have in common, we will not be able to hold on to these very valuable people. This is NOT a lecture. Be prepared to be your authentic self and shuffle around a bit! In this interactive session, we will have meaningful conversations as we construct unique bracelets using the beads you select to explore a different perspective on diversity & inclusion.

Speaker

Rhia Dixon

Rhia Dixon

Software Engineer, VeriShip

Intro to Arduino

Arduino is a beginner friendly introduction to microcontrollers that allows you to easily and quickly get started on your own projects. In this class we’ll learn the basics of Arduino with a dash of electrical engineering. You'll work hands on the entire session to build devices with motors, lights, sensors, and more. This class should set you well on your way to being confident in the THING part of your first IoT project.

Participants should bring: Laptop (Mac, Windows, or Linux)

Speaker

Bailey Steinfadt

Bailey Steinfadt

Owner and Lead Engineer, Stone Path Engineering LLC

Introduction to Angular 8

Alain Chautard will go through an introduction to the Angular framework. If you don't know anything about Angular, that's a perfect opportunity to learn all of the basics and get you started with the framework and front-end development! Alain will talk about TypeScript, components, services, pipes, and how to work with Angular CLI through live coding.

More specifically, we are going to understand how Angular works and how it runs in a browser. We're also going to talk about Angular CLI, a tool to help scaffold an Angular application.

This workshop will be packed with examples and code labs to help understand how easy it is to write Angular web applications.

Speaker

Alain Chautard

Alain Chautard

Angular Consultant, Angular Training

Introduction to Reinforcement Learning

Have you ever wondered how Google DeepMind and OpenAI were able to get beyond expert level performance on video games? In this talk I will walk through the evolution of the Q Learning algorithm. From its birth from biology until the current iteration.

Speaker

Evan Hennis

Evan Hennis

Software Engineer

Introduction to the R Language and Ecosystem

This session will introduce you to R, a general purpose programming language and software environment that is popular for data analysis and visualization. We will introduce the R language, focusing on examples of the kinds of things that R excels at like data wrangling, exploratory data analysis, statistical computing, machine learning, and data visualization.

We'll also introduce the R ecosystem, including the tidyverse, an opinionated collection of R packages designed to make data science fast, fluent, and fun. We'll see examples of how you can create documents containing code and graphics using tools like R Markdown, as well as creating and publishing interactive data-driven web applications using Shiny.

No prior knowledge of R is required. The emphasis will be on breadth rather than depth. You'll come away with a basic understanding of what R is all about and suggestions for how to learn more.

Speaker

David Body

David Body

President, Big Creek Software, LLC

Introduction to Typescript

JavaScript is the language that enables all of the dynamic aspects of the web, such as real time updates, notifications, as well as more advanced features in the browser. TypeScript, a superset of JavaScript, enables great tooling and better structuring of large JavaScript applications.

In this session, we will cover the next big thing in modern web development: Typescript, which brings types, decorators and many more features on top of what JavaScript already does.

Speaker

Alain Chautard

Alain Chautard

Angular Consultant, Angular Training

Javascript / Not Javascript

If you have been using Typescript for a while you may have missed out on some of the new features in Javascript. Language features you thought were unique to Typescript may be available in Javascript as well. So just how different are these two today? Let's test your knowledge of the Javascript and Typescript by looking at code snippets and determining if it is Javascript or Not Javascript. You may even learn about a few new features in the process!

Speaker

Devin Kelly-Collins

Devin Kelly-Collins

Senior Software Engineer, Artisan Technology Group

JUnit 5 the Next Step in Automated Testing for Java

JUnit 5 has been out for a year, so what is the big fuss and why should I take the time to update my existing automated tests to use JUnit 5? In this presentation we will look at many of the new features that have been added in JUnit 5 and not only how they make automated testing easier, but allow developers to write tests in ways that were difficult or impossible to do before. If you have been wondering why you should make the switch from JUnit 4 to JUnit 5 you will definitely want to check out this presentation.

Speaker

Billy Korando

Billy Korando

Developer Advocate, IBM

Learning MVC and Practical Lessons Learned

After years of using MVC4, and now MVC5, I would like to share how we've leveraged it in an Enterprise level solution. In this presentation, I'll show to tie together the API layer, standard issues we've had with implementation, and how to keep it secure and fast. We will create an MVC app in Visual Studio to utilize the Scaffolding, and generate a useful tool for teaching this.

Speaker

Kevin Cox

Kevin Cox

Sr Web Developer, Tec Vector

Let's Get JAMming: An introduction to static site generators.

Static site generators are awesome. In under an hour you can build your blog, project documentation, or even a very basic eCommerce site. We’ll explore the JAMstack and bare bones implementations of these types of sites. We'll build a couple of sites with different site generators and show off automated deployment with GitHub hooks and Netlify CDN.

Speaker

Dennis Stepp

Dennis Stepp

Quality Assurance Engineer, Lirio, LLC.

Machine Learning for Gamers: Dungeon Forecasts & Dragon Regressions

It’s Friday night and you’re making your character for a fun evening of gaming. You’ve rolled your abilities and even got two 18s. But what class should you pick given your rolls? If you pick that class, is your character playable? What kind of character have you created?

Or maybe you’re a game master and you’ve been running a game for some time. Do you need to know how much treasure that dragon hoard should have? Or are you wanting to figure out how many encounters your players will make it through in an evening so you can prepare enough material?

These important questions can all be answered using machine learning.

Many developers want to make use of machine learning in their applications but aren’t sure what sorts of problems can be solved with it. This talk will explain the sorts of problems that can be solved, what data is required to solve them, and what the results look like. And, we’ll explore it using fun and geeky examples. We will cover five major types of problems that machine learning can solve: regression, classification, anomaly detection, forecasting, and impact analysis. When we’re done, you’ll have a basic understanding of what machine learning can do and what you might want to use it for. It might even be something other than role-playing!

Speaker

Guy Royse

Guy Royse

Developer Evangelist, DataRobot

Managing Agile Teams: A Servant-Leader Based Approach

Product Owner, Team Member, Scrum Master, Facilitator, Coach, Manager? The Work done by managers of agile teams can decide the success or failure of any agile initiative. The benefits of Agile adoption have become apparent even one of the biggest waterfall advocates, the Department of Defense is now requiring the adoption of Agile Development Methods. The day-to-day implementation of these initiatives requires the coordination between program management and the teams actually doing the work. The Management team must learn to co-create value for the customer in order to succeed and thrive in today's Agile world. How can management and technical leaders contribute to the success of an agile project at all phases of Agile adoption? How can years of experience, research, and knowledge of management principles be leveraged to meet the Agile goal of providing more value quickly. This presentation will provide a fact-based presentation on leadership, interpreting the results of multiple leadership surveys over the past 30+ years in a way that promotes Agility and empowers teams. This presentation will also provide examples from the Global Adaptive Planning Collaborative Information Environment (GAP CIE), a project which recently won the Aviation Week Program Excellence Award under the supplier aftermarket category for their Agile, Lean, and DevOps adoption on the project designed to support the U.S. Air Force’s contingency and crisis action planning operations.

Speaker

Scott Grimes

Scott Grimes

Software Engineer, Northrop Grumman

Managing Software Development for Change

One of the greatest challenges modern software developers encounter is the constant need to change how the software works or what the software does. I this talk I present an architectural pattern based on principles of SOLID. Contracts, Hosts, Managers, Engines, Services, and Tests eases these pains and creates natural and intuitive structure to managinge software development for change.

Speaker

Ken Hill

Ken Hill

IT Manager, UMB

Managing state in React

Should I use local or global state to manage my components. Do I need actions and reducers for my menus? What about forms? Should I be using providers instead? If you have asked yourself any of these questions, you're not alone. Managing state in an application is no longer a simple task. Join us as we look at the three popular ways to manage state, with component state, providers, and through Redux. We'll take a look at the advantages of each method and when you may want to use them.

Speaker

Devin Kelly-Collins

Devin Kelly-Collins

Senior Software Engineer, Artisan Technology Group

Mapping the User's Journey

Do you feel like you don't actually know your users? Do they struggle through the flow of your website, and you don’t know why?

This session will introduce you to empathy mapping, and how it will help you to relate to your users better. Once we have some empathy (mapping), we'll go over user journey mapping, so we can better understand what questions and pain points our users are having as they move through a website or application.

Speakers

Elizabeth Davies

Elizabeth Davies

Lead Developer, Gallup
Courtney  Heitman

Courtney Heitman

Scrum Master & UX Developer, Gallup

Metrics - Moving from what is easy to what matters

Metrics are a good thing when we ground them in decisions we want to make. Metrics for the sake of having metrics loses its purpose.

In this session, we will walk through a simple way of grouping metrics - from easy to collect, to directional, to impactful. Along the way, we will give examples of metrics in each group - what they mean, why they are good, where they fall apart. All along working towards better metrics and the approach to collecting and using them.

Additionally we will introduce and show process behaviour charts - a technique that looks at data and helps separate noise from signal.

Leave this session with simple ways to group metrics and ways to interpret if your changes (product, process, or people) are making a difference.

Speaker

Joel Tosi

Joel Tosi

Hands-On Coach, Dojo & Co

Micronaut For Simplifying Microservices On GCP

Google Cloud provides a powerful and highly scalable platform for delivering microservices and serverless applications, with a variety of tools to help developers make the most of the opportunities it offers. A new tool, the Micronaut framework, was designed from the ground up to simplify the architectural development and deployment of microservices, and it comes with built-in support for GCP services and hosting. In this session, we demonstrate in real time how to build a suite of lightweight microservices, wire them together in support of the intended architecture, and deploy the solution to GCP with minimal complexity and effort. Demonstrations will include deploying to Google App Engine Flex as well as the recently announced Google Cloud Run serverless environment.

Speaker

Jeff Brown

Jeff Brown

Partner, Grails and Micronaut Practice Lead , Object Computing, Inc.

MICRONAUT FROM IOT TO GCP

In this deep dive workshop, you'll learn how to use the new Micronaut Framework in concert with Google Cloud Platform services, such as Cloud SQL, Kubernetes, and Google’s Instance Metadata Server. Discover an easier way to build fast, lightweight JVM microservices and deploy them to Google Cloud.

OVERVIEW Google Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search and YouTube.

Micronaut is a modern, JVM-based, full-stack framework for building modular, easily testable microservice and serverless applications, with an emphasis on developer productivity and code simplicity. Micronaut provides great support for simplifying the development and deployment of microservices to GCP.  

This workshop explores Micronaut's high-productivity capabilities and includes a hands-on demonstration of how to build a suite of services with the new framework, deploy them to Raspberry Pi edge devices and GCP, and get the whole architecture wired together with minimal effort.

COMPLIMENTARY HARDWARE Each participant will receive a Raspberry Pi Zero W device and the necessary, related hardware to complete the lab exercises. Participants may keep the hardware after completing the course! 

The following topics are covered in this workshop: * Controllers * Compile Time Dependency Injection * Application Configuration * HTTP Client * Service Discovery * Testing * Bidirectional JSON * Server Events * Databases * Management Endpoints * Aspect-Oriented Programming * Static-File Resolution * Security * Configurations * Web Sockets * Polyglot Micronaut * Distributed Tracing * Serverless Functions * Stand Alone CLI Apps * Deploying To GCP * Google Cloud SQL * Kubernetes on GCP

Speaker

Jeff Brown

Jeff Brown

Partner, Grails and Micronaut Practice Lead , Object Computing, Inc.

Mobile Apps: To SQL or Not to SQL

Throughout the course of the mobile apps revolution the world has seen many changes in the technology landscape. What started off with fewer than 500 apps has quickly surpassed the millions mark. As languages, platforms, and styles have come and gone one thing, above all else, has persisted; data.

In this session we’ll examine the data usage trends and the different data storage techniques for mobile apps. More specifically, we’ll take an in-depth look at the two main database options: SQL and NoSQL. We’ll learn what each is, and when to use them. As developers we know when it comes to technology options there’s no silver bullet, but you might be surprised how lop-sided the SQL vs. NoSQL debate is as it pertains to mobile.

Speaker

Robert Hedgpeth

Robert Hedgpeth

Senior Developer Advocate, Mobile & IoT, Couchbase, Inc.

Mocking .NET Without Hurting Its Feelings

Unit testing has become an accepted part of our lives as .NET programmers. To help focus our tests to only the code we want to validate, Mocking Frameworks are a powerful tool in our toolbox. Like many tools, if you have an understanding of how the tool works under the hood, you can bend it to your will (and also know where it'll break if you bend too much).

In this session, you'll learn about the two main types of mocking frameworks: constrained frameworks (like RhinoMocks and Moq) and unconstrained frameworks (such as Typemock Isolator and Telerik JustMock). I'll dig into how the two actually do their magic and we'll discuss the pros, cons, and limits of both. We'll look at examples of how to use the frameworks in your tests, mocking out dependencies from your own code and even third-party logic.

You'll get the most out of this session if you're comfortable reading C# code and have a general understanding of class inheritance in .NET, along with some experience writing and running unit tests. Prior experience using mocking frameworks is not necessary.

Speaker

John Wright

John Wright

Senior Software Developer, Stack Overflow

Offensive Application Security for Developers...

Application developers are the first line in defending applications from attack, there are thousands of software and hardware solutions to attempt to make your software more safe and secure. In the end if the software isn't developed properly and securly no amount of software or hardware is going to protect you. In this session I plan to go over, identifying weak code, testing for it, and fixing it.

In this session we will go over indepth the process for doing application security testing on your own applications. As part of the session we will go through and identify all of the items on the OWASP top 10, how to test them using hands on tool DVWA (the Damn Vulerable Web Application), and talk about strategies to mitigate the attacks. Participants should have working level development skills, but no previous security experince is needed.

Requirements: Students to the class must have:

  • A laptop that they have root or administrator access to.
  • A laptop capable of running a virtual box machine, multi-core, with 8gb+ of ram.

All materials outside of the Requirements will be provided.

Speaker

James McKee

James McKee

Developer Security, Trimble

Packaging your world with NuGet

Whether you are creating an open source library or building enterprise app core components, you need to get that functionality into other projects. But developing these resources is usually easier than consuming them. How about a worry free way to distribute and reference those resources in your project that will let you stay up to date, but allow you to avoid problems that may introduce breaking changes or new bugs? NuGet packages to the rescue! We'll also take a look at where you can find NuGet (packages aren't just for code any more) and how to create, distribute, and maintain your very own package. Then, you’ll be ready to share your package with your team, your enterprise, or even… The world!

Speaker

Duane Newman

Duane Newman

Co-Founder, Alien Arc Technologies, LLC

Pair Programming: Back to the Basics

Pair Programming is a highly recommended but seldom utilized agile development practice. Primarily originating and associated with Extreme Programming, Pair Programming is often misunderstood and therefore left by the way side when agile teams get going with development. I want to go back to the basics of pair programming and show why it should be a practice every team employs. In Design Studio and Senior Design, we manage nearly 40 projects with more than 200 student team members combined. Pair Programming can greatly impact these students’ careers in software development once they have realized its power and taken advantage of its benefits. Let’s bring it back down to the basics to remind you of this great opportunity.

Speaker

Jeremy Suing

Jeremy Suing

Design Studio Project Manager, UNL - Raikes School

Presentations, Storytelling, and How Not to Suck at it

Learn from UX Associate Ash Banaszek on how to give impactful and interesting technical talks. Ash is consistently rated highly by conference-goers as an informative and entertaining speaker, and is a decorated Toastmaster winning awards at Area and Division levels for humorous, impromptu, tall tales, and international speaking categories. In this talk, Ash will share her tips on organizing presentations, increasing engagement, when to add humor, how to fold a story into your tech talk, and using images effectively. Want to be a better presenter? After this talk you may not be a keynoter, but you definitely will "not suck at it."

Speaker

Ash Banaszek

Ash Banaszek

UX Associate, Union Pacific Railroad

Putting the D&D in TDD

Are you tired of TDD workshops that make you do boring things like calculate bowling scores and prime factors or demonstrate how to win at the game of life? If so, this is the session for you! In this TDD workshop we will be building the domain model for EverCraft -- a new MMORPG from Blizzards of the Coast. We have lots of story cards prepared covering features from combat to magic, classes to spells, and races to items. Plus, we'll be defining some of these cards during the session in case you want that +9 knife of ogre slaying or enjoy casting magic missile at the darkness.

This workshop is language agnostic and for all levels of developers. The focus is on TDD and emergent design but pair programming will be covered as well. The only requirement is that you bring a laptop and that you be able to test-drive you code with your language of choice. When you are done you will emerge a better programmer for the experience but there is small chance you will have a craving for Cheetos and Mountain Dew.

Speaker

Guy Royse

Guy Royse

Developer Evangelist, DataRobot

Quantum Computing and Q#

How does quantum computing work and how can you write quantum programs? We will explort Microsoft Q# and Microsoft Quantum Katas to learn quantum computing.

Speaker

Ken Hill

Ken Hill

IT Manager, UMB

React-A-Tron: React on the Desktop

Wouldn't you love to build fast applications for the desktop? If the answer is yes, than look no further than building React apps with Electron. Electron is a framework to build cross-platform applications using tools you already know and love, HTML, CSS, and JavaScript. Chances are you use an Electron app in your daily workflow. Still skeptical? If you use Slack, Atom, or VS Code, you are using Electron. When you pair Electron with React, you can build amazingly fast and robust applications for Windows, Mac, and Linux. In this session, we will walk through how to set up an application using Electron, than we will introduce React and build a small desktop app that looks and feels like a native desktop application.

Speaker

Chris DeMars

Chris DeMars

Front-End Developer, Tuft & Needle

Reactive for the Impatient (A Gentle Intro to Reactive Programming and Systems)

As Java is an object-oriented language that inherently supports the imperative programming style, asynchronicity presents a challenge that can turn the code into nightmare. One way to deal with the complexity of asynchronicity is to introduce reactivity onto the coding level (reactive programming), and/or to handle it on the design and architecture level (reactive systems design).

This talk presents to the audience a few of the major Java-based reactive frameworks and toolkits in the market today, such as RxJava, Spring Reactor, Akka, and Vert,x. It will start by going over the basic tenets of reactive systems, and some examples of the problems that these systems aim to solve. It will discuss the 2 most commonly used Java frameworks for implementing reactive coding - RxJava and Spring Reactor, and will show some code samples. It will then bring the audience to the next level of "reactivity' by introducing 2 reactive frameworks - Akka and Vert,x, which are usually used for implementing reactive microservices. It will draw some comparisons between these 2 frameworks and cite some real-life examples of their usages.

The takeaways for the audience will be an understanding of the key differences between reactive programming versus reactive systems, and the strength and weaknesses of each of the surveyed frameworks.

Speaker

Mary Grygleski

Mary Grygleski

Developer Advocate, IBM

Restful Grails

Grails includes a lot of features and functionality related to building RESTful services. These include a really powerful data binding system, runtime and compile time metaprogramming which greatly reduce the amount of code required in your RESTful services, a rich set of content negotiation tools and more. In this session Jeff will discuss and demonstrate many of the powerful REST features in Grails.

Speaker

Jeff Brown

Jeff Brown

Partner, Grails and Micronaut Practice Lead , Object Computing, Inc.

Rock-Solid Components with TypeScript and GraphQL

Most recent javascript frameworks bring a solid component model to modern web development, but how can you guarantee that your components work correctly? In this session, you learn how the features of Typescript can be leveraged to bring clarity and dependability when constructing components with React. Using Typescript can help to catch errors early in the development life-cycle. GraphQL and its type system can ensure confidence in your components while fetching remote data. This comprehensive approach ensures that your components behave as you expect, and allows you to eliminate run-time errors. Learn how using types can keep your users happy!

Speaker

Mat Warger

Mat Warger

Senior Consultant, Keyhole Software

Saving 60 Million Dollars: Steps Towards GDPR Compliance

A deep dive into finding and deleting your users' data.

Data privacy is becoming a priority on the political landscape. Legislation like the EU's General Data Protection Regulation (GDPR) imposes hefty fines on companies that mishandle their users' data. GDPR allows users to request a copy of their data, and to request that their data be deleted. For existing and legacy applications, this can be a non-trivial task. This talk discusses a first implementation of tools for finding and deleting user data, as well as more advanced approaches that can be used in new and actively developed projects.

Speaker

Harley Waldstein

Harley Waldstein

Software Developer, Gallup

Scrum Master, Beyond the Certification

Imagine if your job was to herd elephants, corral monkeys or discuss death defying acts overhead; under the bigtop of Scrum. Maybe a police officer protecting and serving the team working diligently to build potentially shippable products. Or a psychic foretelling of coming fortunes or doom. Most Scrum Masters start with a two day certification, but never learn about the plethora of other roles they need to perform outside of facilitating the events listed in the Scrum Guide. Join this session to find hidden treasures and adventurous roles inside the world of the Scrum Master.

Speaker

Diana Williams

Diana Williams

Director Agile Coaching, Project Brilliant

Secure by Design

As an industry we stand no chance against modern threats with our currently development process and mindset. In this session we’ll learn how good design drives security and can help mitigate some vulnerability to outside threats. This includes putting security at the forefront when designing an application by ensuring dependencies are up to date, performing server side validation and sanitation for all inputs, and running checks against our repository regularly, if not on every pull request.

Speaker

Matt Busche

Matt Busche

Consultant, Nationwide Insurance

Securing Java Microservices with Java JWT

Abstract

Micah will take you on a token based journey. The talk covers what tokens are, looking at cryptographically signed tokens, using the JJWT library to create JWTs, mitigating CSRF attacks using JWTs and establishing trust between microservices using JWTs. Some slides and lots of code.

Description

"Microservices are awesome, but they're not free" - Les Hazlewood, CTO Stormpath

This is a popular talk that I gave during my motorcycle road trip up and down the east coast. While I work for Stormpath, there are no Stormpath dependencies in the code. It's an example that uses Spring Boot with Spring Security and the open-source JJWT.

In the first part of the talk, I introduce JWTs and their utility by replacing the default CSRF functionality in Spring Security with a custom one that uses JWT. It demonstrates how, in addition to doing a "dumb" equals match for the submitted token and the one on record, a JWT can be inspected for expiration. This makes it so that you can have a form, protected by CSRF, that must be submitted within a certain period of time.

In the second part of the talk, I have a Spring Boot microservices example. I run two instances of the example and demonstrate how they initially do not trust signed JWT messages between each other. I then discuss how to establish trust between these microservices (by registering the public keys of each with each other) and then show how they now will trust messages. Finally, I talk about and demonstrate a more modern approach to microservices using Kafka messaging as the backbone rather than HTTP.

Here's a blog post I wrote on the subject as well.

Speaker

Micah Silverman

Micah Silverman

Senior Developer Advocate, Okta

SQL Server DevOps

In this session, we'll start from the beginning and discuss the decisions you need to make when deciding how you want to build and deploy SQL Server schema changes. We'll talk about Migration vs Model based approaches and the pros and cons of both. We'll discuss common gotcha's and review the workflows I've gone through to get to a successful build and deploy pipeline up and running in no time (including a SQL Server database that got its start over 25 years ago).

Speaker

Scott Sauber

Scott Sauber

Professional Software Consultant, Lean TECHniques

Test Driven Development: Back to the Basics

Test Driven Development (TDD) is a highly recommended but seldom utilized agile development practice. Primarily originating and associated with Extreme Programming, TDD is often misunderstood and therefore left by the way side when agile teams get going with development. I want to go back to the basics of TDD and show why it should be a practice every team employs. In Design Studio and Senior Design, we manage nearly 40 projects with more than 200 student team members combined. Test Driven Development can greatly impact these students’ careers in software development once they have realized its power and taken advantage of its benefits. Let’s bring it back down to the basics to remind you of this great opportunity.

Speaker

Jeremy Suing

Jeremy Suing

Design Studio Project Manager, UNL - Raikes School

The Dark Side of UX

User experience design brings clarity, removes obstacles. It rewards - makes us feel accomplished, successful... happy. Users are confident when using a well-designed application - as easy as clicking a button: [Buy]

Don't make me think - "did I opt in?" Don't make me think - "was that a hidden fee?"

Join us as we explore the wild world of user manipulation. The Bait and Switch. Trick Questions. Misdirection. Confirm-shaming! Discover the latest ways UX designers trick their users, how easy it is to do by accident and how it affects your brand.

[ Sounds great ] [ No, I hate knowing things ]

Speaker

Elizabeth Davies

Elizabeth Davies

Lead Developer, Gallup

The Dungeon Master's Guide to DevOps

Every good Dungeon Master needs a guide to help their party adventure through the world of DevOps. From the tools necessary to common monsters found along the way. Help your party succeed at a critical part of delivering quality software.

We'll go over the full CI/CD cycle: builds, commit hooks, static code analysis, pull request review tools, automated linting, QA/Security/Release automation and build automation. Gained from years of practical experience I’ll share what has worked best on projects cross industry and from teams ranging for 2 to 140.

Speaker

Bill Dinger

Bill Dinger

Solutions Architect, VMLY&R

The Slurm Framework: Toxic Company Cultures and How to Survive Them

Believe it or not, a Futurama episode and my experiences have led me to create the SLURM Framework which I believe will help you navigate toxic waters of a company's culture. In this talk I provide tips for Sensing the environment, Learning the telltale signs of negative and dangerous behaviors, Understanding how to cope and combat disruptive processes, Refactoring the norms and continuously improving, and when it's time to Move on. Let's open up the floor for a serious conversation about what I think is the single most important aspect of any company: culture.

Speaker

Dennis Stepp

Dennis Stepp

Quality Assurance Engineer, Lirio, LLC.

To retry or not to retry? That is the question.

So your system gets a failure calling a downstream dependency. What do you do? Should you retry? How often? Should we wait? How long?

While those are all good questions, they often miss the point. And if you stop at those questions, 'interesting' system behaviors can result, often leading to overwhelmed systems and downtime or poor performance and unresponsiveness.

Starting with real world analogies, we'll tease out principles that can be applied in most any situation.

Speaker

Avery Regier

Avery Regier

Operations Staff Engineer, Deere & Company

Tools of the trade: Error Logging, Web Request Tracing, and Background Jobs for your .Net applications

In this talk, we'll cover basic functionality and usage of three free tools for working with .Net applications.

The first tool we'll use is Hangfire for background jobs. This is an easy-to-add, lightweight tool for processing background work and allowing for us to integrate processes that would have needed a background service in the past. Hangfire is free and has a paid upgrade version available for additional functionality. It's also easy to add to your projects via nuget.

The second tool we'll look at is Elmah for error logging. This tool is available for free as a nuget package, and can be easily wired up to log your errors, as well as other critical application information at the time of the error.

The finall tool we'll look at is Stackify Prefix, which is a great tool for looking into your web requests, and can specifically help you recognize instances where you might be overworking your web and database resources.

All of the tools are good for any .Net application, however in this talk we'll be using a default ASP.Net MVC classic application for the purposes of our demonstration. All tools also work with .Net core applications.

Speaker

Brian Gorman

Brian Gorman

Lead .Net Developer, Far Reach

Usability Studies: The $1 Fix to the $100 Problem

Back by popular demand... Usability and User Experience are hot topics on the minds of both project stakeholders and customers. Many businesses are without dedicated UX professionals, committed to the research and design of key projects. As a developer, project manager, or business analyst, what can you do to improve the usability of your project? The answer: usability studies. Usability studies are an easy technique to learn and hard technique to master. Join Ash Banaszek, Sr UX Project Consultant at Union Pacific, as she walks you through the basics of usability studies to start finding real, actionable results to improve your applications. In this session Banaszek will take you through: * What are usability studies and why should we use them? * Pinpointing what parts of the app to study * Finding the right medium to test * Creating tasks and identifying users * Running a study * Interpreting results * Applying results to your design * Communicating results with stakeholders At the end of this workshop, participants have the ability to apply your knowledge by testing your own applications or an application the instructor provides. If you would like to test your own app, please be prepared to bring it and share.

Speaker

Ash Banaszek

Ash Banaszek

UX Associate, Union Pacific Railroad

Website Security for Web Developers: What You Need To Know

We live in a world full of news articles about hacking attempts, successful hacks, and malware spreading like wildfire. It is important to have an understanding of how, as web developers, we can work to ensure our systems are secure. Often times security, and related, concepts are discussed, but never fully implemented. This session will take a deep dive into considerations, tools, and techniques to ensure that your developed applications are secure, and that you have tools necessary to validate the security.

We will review various web security techniques including the proper usage of SSL Certificates, additional HTTP Headers for Browser security support, automation methods of validating integrity of your application, the OWASP Top 10 Issues list, and the role of security assertions from third-party vendors. After this sessions, developers will have a toolbox of items to review, and reference materials to further educate themselves on common security pitfalls that impact developers.

Speaker

Mitchel Sellers

Mitchel Sellers

CEO, IowaComputerGurus, Inc.

What does your Instagram say about you? Exploring Google Cloud Vision AI & Machine Learning Products

Attendees will get to explore application development with Google Cloud Vision API which can categorize photos, detect objects, identify landmarks, and extract corporate logos from images. From there, the sky's the limit with exploring the detected labels. We'll check out different photo sharing accounts, and see what we can know about them all through their photos. This will use Google Cloud Platform, Ruby, with JSON formatted labels that are translated into a tag cloud with what activities are being displayed through the images and shows a cross-section of different technologies.

Speakers

Christine Seeman

Christine Seeman

Software Engineer, Flywheel

What's New in C#8

C# is an open-source, mature object oriented language, used by millions of .NET developers, yet its evolution is still underway. In this session, we'll cover the latest features that have been added to C#8 and how they work in detail so you'll know when to use them effectively in your new .NET projects. You'll also see the direction C# may be going with future versions of C#.

Speaker

Jason Bock

Jason Bock

Practice Lead, Magenic

Where Did These Story Requirements Come From?

Have you ever wondered where your next chunk of work comes from? What goes into those user acceptance criteria that tell you what needs to be developed? The business analyst on your team has gathered those specifications and requirements from the product owner so that your team can deliver software to the business that will make their jobs and days easier! The role of the business analyst (BA) is to keep the team in line with the product vision and established timelines. The BA does this by working closely with the product owner, subject matter experts, and support members to understand the business workflow, needs, and challenges. The BA must understand the high-level features and goals of the project and break those down into manageable chunks of work. Documentation of the requirements may include wireframes, process maps, and use cases. The BA’s responsibility is to understand the business’s critical goals and fit those goals into software solutions. Attendees will leave this session with a better understanding of how Agile stories are investigated, created, and refined so the team can build a product that will thrill their business partners.

Speaker

Lindsey Schacherer

Lindsey Schacherer

Business Analyst, Corteva AgriScience

Working with PDFs in Python

In this talk, you will learn how to work with PDFs using Python. There are many PDF libraries in Python that allow you to interact with and create PDFs in different ways.

You will learn how to do the following tasks:

  • Extract metadata from a PDF
  • Split PDFs
  • Merge PDFs
  • Create watermarks
  • Rotate pages
  • Add encryption

All these things and more can be done with Python and a little bit of know how!

Speaker

Mike Driscoll

Mike Driscoll

Python Subject Matter Expert, Ag Leader Technology