DISC is a one-day conference dedicated to all avenues of cloud business software.
Registration is free and food & beverage will be provided.
Saturday 23 September 2017
8:00 – 18:00
Faculty of Informatics
602 00 Brno
Developers & QAs, security specialists, backend, XD and UI enthusiasts.
|9.00 – 9.05||
|9.10 – 9.55||
When the design spec is not enough there is a time to start an initiative to move your design forward in a different way. Let's take a look how to approach this problem from the perspective of cross-world collaboration.
Oracle Mulittenant: Ideal Architecture for World-Class SaaSPatrick Wheeler
Oracle Multitenant offers the perfect database architecture on which to develop an efficient, modern software-as-a-service (SaaS) application. Your customers want market-leading functionality and configurability at competitive prices. You need to deliver this with great agility combined with both an ability to scale as well as great economies of scale. In this session learn how application containers, new with Oracle Multitenant in 12.2, provide this winning combination.
|10.00 – 10.45||
Content Delivery Networks, shoot in the foot or a silver bullet?Antonin Crha
What defines uptime in the highly distributed CDN world? What complexities does CDN bring to your – already complicated – stack? This and few lessons we learned from implementing and talking to some of the most respected CDN vendors is the topic of this talk.
How to spend $3.6mil on one coding mistake, and other fun stuff you can do with $3.6mil.Matias Madou
In a recent global study, the average cost of a data breach is $3.62M globally. This session will discuss infamous examples of data breaches that has made headlines around the world. We will explore the technical details of the vulnerability itself and what a coding solution may have been to prevent the breach. We will also dive deeper on exploring different solutions, processes and techniques you can apply in your day-to-day to prevent application security vulnerabilities in your code.
|10.50 – 11.35||
Taking the Leap: Navigating to Business Careers from Technical BackgroundAnisha Bhatia
Many of us in technical roles want to move beyond building the product, and play a bigger role in defining and influencing the product and company direction. Join this session to learn how to successfully apply for and transition to business roles such as product management, product marketing, business development or consulting services.
How to Stand Up a Security Design Review PracticeDouglas Held
Security Design Review can prove intractable to Software Security Assurance program, due to the chicken-and-egg problem of identifying experienced design reviewers. Instead, it is possible to set up a Security Design Review practice from scratch, using a principles based approach. Learn how to assesses a design; understand how to balance the risks and benefits of mandatory review. Learn how to scale the practice, how to measure progress, and finally, what attributes of the ecosystem will grease the wheels of the design review process.
|11.40 – 12.25||
Garbage Collection and Memory Leaks in JavaFilip Konecny / Jozef Puchly
Java's automatic memory management does not prevent applications from experiencing memory-related problems. In this talk, we will cover principles of garbage collection and discuss how its configurations impact performance. The focus will be on HotSpot's CMS and G1 collectors. We will also touch upon the topic of memory leak investigations and explain basic concepts of Eclipse Memory Analyzer.
|12.30 – 13.20||Lunch|
|13.20 – 14.05||
Oracle Performance at Scale: how do you design a schema, write SQL, and configure a database to service millions of SQL transactions per day?Todd West
Database performance is critically important to the success of every cloud application. This session provides sound principles for database design, schema design, and query writing. But just as important are the "tools and tricks" that come from an empirical, fact-based approach to performance tuning. This session shares concepts and tools any software engineer can use to understand and prevent database performance problems. The ultimate goal: deliver order-of-magnitude scalability improvements.
Java Security Survival Guide for Software EngineersMilton Smith
You don’t want to be a security expert but you also don’t want to be responsible for the vulnerability that brings down the system. What are the basics of a balanced approach to security that developers need to know? What are some of the platform security and open source security resources available to you? Do you understand the significance of recent security improvements in JDK 8 and JDK 9? Join Milton in this session and learn about Java platform security, open source resources, as well as techniques to strengthen your software projects.
|14.10 – 14.55||
Not Just Browsers: Enabling crawlers to process modern web appsTao Klerks
Modern web apps are increasingly implemented with portions, or even all, of the user-facing content rendered on the client-side. This trend, while not universal, is important enough to need addressing in a modern web platform, especially in applications where SEO matters. This session will take a look at various pre-rendering and snapshotting techniques and considerations to ensure that your customers can deliver the most sophisticated user experiences, without compromising on the parseability & searchability of their content.
Oracle Cloud InfrastructureSteven B. Nelson
Oracle Cloud Infrastructure provides an Enterprise grade cloud platform suitable for your most demanding workloads. In this session, you will learn about the capabilities of the OCI platform, with discussion of the current and proposed future capabilities, built in security features, and ways of manipulating the platform. The session will demonstrate working with the platform, including setting security policies, methods of using Terraform to deploy infrastructure as code, and how to use both our API and SDK to manipulate our to your needs.
|15.00 – 15.45||
OpsMCL : The hero we need, not the hero we deserveKurt Wubbels
How Oracle | NetSuite addresses the challenge of building repeatable, automated operational processes in heterogeneous environments.
|15.50 – 16.35||
Skills of a Highly Productive Operations TeamBryan Washer
Presentation on skills that can take a functional operations team to a highly effective operations team.
|16.40 – 17.25||
Role of test automation in software developmentMilan Vondra
Without development there is no software but without testing there is not a good one. And efficient testing cannot exist without automation. This presentation is focused on test automation, how we do it at NetSuite and why. This is not theoretical presentation! You will see real examples of problems and how we are solving them. You will see different types of tests and how they are used to test different layer of functionality from component tests to UI tests. You will have a chance to speak with people working on these problems. You will see how Continuous Integration works at NetSuite and more.
|17.30 – 18.15||
Getting Started w/ BeyondCorp - Being More Secure Without VPNFredrick Lee
VPN is a great solution for enabling secure transmissions across untrusted networks. However, it's not always practical and sometimes doesn't provide enough security. Several companies are adopting a BeyondCorp philosophy instead of relying upon VPN. This talk goes over some of the key strategies and philosophies behind BeyondCorp and how companies can get started adopting these strategies.
|18.15 – 22.00||After party|
"Flee" is the Head of Information Security at Square. He has a history of solving security problems for a range of organizations all the way from large enterprises (Bank of America) to small startups (Twillio). He's experienced in building and leading global security teams and specializes in application security. He's passionate about all things security, but finds time to indulge in other hobbies including road cycling, mountain biking, rock climbing, snowboarding, backpacking, and photography.
Patrick Wheeler joined Oracle in 1986. He worked as Consultant and Consulting Practice Manager for several large financial institutions in London and San Francisco. He was closely involved with the development of Oracle CASE and was responsible for the worldwide launch of CASE and establishment of custom consulting practices in the early nineties. In 1995, Mr Wheeler joined Siebel Systems and was a member of the Founder's Circle. As Data Architect and Director of Data Modeling he oversaw the development of Siebel's Data Model from Sales Force Automation startup to CRM juggernaut. He went on to establish the Reliability Engineering practice at Siebel Systems, guiding the product from pre-release instability to production release solidity. He has been awarded three US patents as Inventor. Now back at Oracle, Mr Wheeler is Senior Director, Product Management, Oracle Database, with responsibility for Oracle Multitenant.
Milton Smith (California, USA) leads product security for the NetSuite division at Oracle. Previously Milton was security leader for the Java platform engineering group. Outside the company, Milton is the project leader for both the OWASP DeepViolet TLS/SSL scanning API and OWASP Security Logging Projects. Previous employers include companies like Yahoo and SuccessFactors. For more information visit securitycurmudgeon.com or follow Milton on Twitter(@spoofzu).
Steven B. Nelson has been a Solutions Architect, Systems Administrator/Engineer for over 20 years, working with both Windows and *NIX operating systems, various storage systems and major cloud/virtual infrastructure providers. His past roles included Director of Technology for a machine learning startup, Enterprise Architect for a major storage system provider, supporting the global Fortune 50, and the Global Solutions Architect for storage for AWS. He currently is a Senior Solutions Architect for Oracle Bare Metal Cloud, providing prototyped solutions to engineering and architected solutions for customers of BMCS, and is an Adjunct Professor of Computer Science at a local college. Steve hold various certifications and has a Masters in Computer Science. Publications include Pro Data Backup and Recovery, as well as several articles and white papers.
Filip Konecny is a software engineer at NetSuite focused on application performance including GC tuning and memory leak analysis. Prior to joining NetSuite he worked as a researcher in the field of formal verification.
Bryan Washer is the Principal Site Reliability Engineer and Manager of the Engineering Operations Architecture group at Netsuite. He has over 20 years experience in supporting production environments across several fortune 500 companies. He specializes in designing solutions easy to maintain, quick to deploy and the flexibility to scale. Currently, he is developing an Elasticsearch implementation enabling extensive mining of data to provide world class event and data correlation.
Tomas is User Experience designer with 10 years of experience in digital design industry. For many years he worked as freelance designer and consultant for clients ranging from agencies to corporations. Currently he leads NetSuite UX team in Brno and he is also involved in educating and mentoring next generation of designers in UX Well. Together with his wife they run startup which focuses on crafts & DIY activities for kids.
Anisha is a Product Manager at Oracle | Netsuite, a leading provider of cloud based business software. After completing a Bachelor’s degree in Computer Science and a Master’s degree in Information Systems she started her career as a Software Quality Assurance engineer. She successfully transitioned into product management, where she enjoys turning ideas into solutions to solve real problems. She is passionate about encouraging women to pursue technology roles and works with the Women in NetSuite Recruiting team that aims to increase the recruitment of women into NetSuite and inspire girls to choose a tech career.
Passionate front-end evangelist, focused on computer human interaction, with more than 5 years of experience in cloud application development such as NetSuite, GoodData and OpenAir. Currently works on products next generation front-end experience in NetSuite UI Brno team. Life hacker, fascinated by graphics, psychology and optimization loves to create tools to allow rapid prototyping of designs to make programming fun again. In his spare time, he’s always in the move on his kick scooter in the city, running around the trails, cruising the slopes, riding bike or dancing.
Chris Blum is a Co-founder of NeSuite and its former Chief Security Architect. His career spans three decades and several compute architectures. He wrote his first formal security paper entitled “Computer Crime” at the age of 13 in 1982 using an IBM Selectric II typewriter.
Jozef Puchly is a performance engineer at NetSuite focused on optimizing systems running the Java Virtual Machine, identifying performance issues and creating strategies for performance analysis and optimization of various components in NetSuite’s technology stack.
Matias Madou is the co-founder and CTO of Secure Code Warrior where he is responsible for leading the company’s technology vision and overseeing the engineering team. Matias has more than 15 years of hands-on software security experience and has developed solution for companies such as Fortify and HP, and founded a company called Sensei Security. Over his career, Matias has led multiple application security research projects which have led to commercial products and boasts over 10 patents under his belt. When he is away from his desk, Matias has served as an instructor for advanced application security training courses and regularly speaks at global conferences including RSA Conference, Black Hat, DefCon, BSIMM, OWASP AppSec and BruCon. Matias holds a Ph.D. in Computer Engineering from Ghent University, where he studied application security through program obfuscation to hide the inner workings of an application.
Kurt Wubbels is the Senior Manager of the Operations Tools and Automation group at NetSuite. In over a decade with the company he’s been designing systems and solving problems in roles ranging from Systems Engineer to Infrastructure Developer. Prior to his career in technology, Kurt spent his weekends traveling the US as a Pokemon master.
Douglas Held has been working in technology since 1998 and has been working exclusively in security for the past eight years. In 2008, Doug used Fortify SCA, a commercial static analyzer, to find a buffer overflow in Ron Rivest's MD6 hashing algorithm, contributing to its withdrawal from the US National Institutes of Standards and Technology's Secure Hash Algorithm (NIST SHA-3) competition. He continued to advise industry on application security best practices until joining NetSuite in March 2015 to consult internally full-time. His role at NetSuite is to guide and evangelize security, and owns the company's security design review practice.
Milan Vondra is the Senior QA Director and has been working in NetSuite for more than 5 years. His main credo is to lead by example. Besides managerial duties he works as individual contributor in User Interface team where he is responsible for design and together with rest of the team also for development of NextGen UI automation framework, where he can use years of experience in the field.
Todd West, Sr. Manager of Database Engineering and Schema, is an Oracle database professional with 18 years of experience in performance optimization and design. Education: BA and MA in English Literature from University of California, Santa Barbara. His degrees contributed little to his current role other than to heighten his sense of personal irony. Connect: www.linkedin.com/in/toddwest/
Tao Klerks is an Architect in the Commerce Engineering group at Oracle Netsuite. He has 15 years of experience building internet software systems, and currently focuses on building the platform for Commerce at high scale. He is particularly interested in the challenges of developing a backwards-compatible and extensible platform supporting commerce sites from the distant past and into the far future. He studied Psychology with Artificial Intelligence at Edinburgh University, and in his free time (before having children) enjoyed rock climbing in Italy and Spain.
Tonda regrets not paying more attention during computer network lectures back at university. Turns out statements like "Who needs to understand details of the computer networking these days?" couldn't have been more wrong. Those topics once regarded as obsolete are precisely what he is doing for living at NetSuite Infrastructure. Before joining NetSuite, Tonda led development department of one of the largest e-commerce platforms in Europe.
Saturday 23 September 2017
8:00 – 18:00
Faculty of Informatics
602 00 Brno
There will be several events running simultaneously with all the presentations and we would like to invite you to participate, enjoy and learn! This is your chance to shine in the SuiteBot melee fight, earn glory as the Secure Code Warrior or join our design thinking workshop and learn the secret tricks!
All the events are free and with some great prizes to win. Space is limited, so register early:
Please note that only DISC attendees can participate, so before you register to your favorite event, make sure to register for DISC first!
Do you want to let your code compete against others? Then you will love our SuiteBot tournament!
In the SuiteBot tournament, you will be creating an AI for a simple game. You will code your bot, watch your bot fighting other bots, improve the bot for next round and maybe win some valuable prizes in the end! Plus you will have fun and learn some valuable programming skills.
We keep the game rules top-secret up to the very start of the tournament. It is a brand new game, created just for this event. We strived to make it interesting to play and adrenaline to watch 🙂 Check out a replay from last year.
We have designed the game so Test-Driven-Development is an advantage, but you can code anyhow you like.
Do you like to code alone? Then enroll yourself in! Do you like to code with someone? Bring one of your friends too and do pair-programming!
Join us and have some nerdy fun together! More info and registration is here: http://suitebot2.netsuite.com
Join Secure Code Warrior's live tournament to prove your web application security knowledge of the OWASP Top 10 or if you simply want to learn more about secure coding.
Players will be presented with a series of vulnerable code challenges that will ask them to identify the problem, locate the insecure code, and fix the vulnerability. Select from various software languages to complete the tournament, including: Java EE, Java Spring, C# MVC, C# WebForms, Ruby on Rails, Python Django, Scala Play & Node.js.
Watch as you climb to the top of the leaderboard and be crowned the Secure Code Warrior. Prizes will be provided to the top 3 winners.
Follow us on social media and use hashtag #securecodewarrior for a chance to win extra prizes.
To pre-register, visit Secure Code Warrior registration page
Enter the Invitation token: 786 222 982 702 and fill in your details.
The join code to enter the tournament will be provided on the day.
Join the NetSuite UX Design team at DISC conference for a session of hands-on design thinking workshop!
We'll show you how to tackle a design problem, from understanding the customer’s pain points to coming up with a viable design solution.
This time we chose to solve a problem everyone came across at least once: helping people take better care of their dental hygiene! Come work side by side our UX designers and front-end developers and help us find an out-of-the-box solution that will teach people to take better care of their teeth, learn about the tricks we use in our trade and get the chance to talk to a real user persona: a dentist!
If this doesn't sound like a whole lot of fun already, we've sprinkled the workshop with a few surprises and will be awarding some of the best ideas at the end! 🙂