Jump to navigation Jump to content

Most Active Speaker

Andrei Epure

Andrei Epure

Software Engineering Manager at Sonar

Genève, Switzerland

Seasoned software engineer and engineering manager specializing in developer tooling.

I work in the Analysis Team at Sonar. I began my software engineering career at Microsoft. I joined Sonar because I believe clean code is essential for the well-being of both developers and organizations.

Links

Awards

  • Most Active Speaker 2023

Area of Expertise

  • Information & Communications Technology

Topics

  • .NET
  • Roslyn
  • NuGet
  • MSBuild
  • Microsoft
  • Clean Code
  • Software Development
  • Software Craftsmanship
  • Security
  • Application Security
  • Engineering Culture & Leadership
  • Software Engineering

Sessions

Clean as you Code: use Sonar and Roslyn analyzers to focus on the code you modify

Clean code is crucial for ensuring the maintainability and scalability of software projects. However, it can be challenging for developers to improve the code quality of legacy codebases.

In this session, Andrei will introduce the Clean as You Code approach, which empowers developers to take ownership of their code and meet high-quality standards. Using the open-source tools SonarQube and SonarLint and various open-source Roslyn analyzers, developers and teams can focus on the code they modify and ensure that it adheres to Clean Code standards.

By adopting this low-effort approach, developers can quickly identify and fix code issues, resulting in a cleaner codebase and improved software quality. Over time, by cleaning the code you modify, you enhance the quality of the overall code and achieve a more maintainable, reliable, secure, scalable, and high-quality codebase.

How your .NET software supply chain is open to attack : and how to fix it

Software supply chain attacks can be catastrophic. For instance, the 2020 SolarWinds hack was considered an attack against the entire government and private sector of the United States of America.

Security researchers have shown that all significant package managers are vulnerable to supply chain attacks like typosquatting and dependency confusion. NuGet is vulnerable by design in its default configuration.

First, you will see how typosquatting and dependency confusion attacks can compromise .NET supply chains that rely on the default NuGet configuration. Second, I will show how you can secure your NuGet configuration to thwart evil hackers.

This talk will assume attendees have some basic knowledge of NuGet and MSBuild.

Events

.NET Developer Conference '23 Sessionize Event

November 2023 Köln, Germany

Techorama Netherlands 2023 Sessionize Event

October 2023 Utrecht, The Netherlands

.NET Day Switzerland 2023 Sessionize Event

August 2023 Zürich, Switzerland

Techorama 2023 Belgium Sessionize Event

May 2023 Antwerpen, Belgium

VisugXL 2022 Sessionize Event

October 2022 Hasselt, Belgium

.NET Day Switzerland 2022 Sessionize Event

August 2022 Zürich, Switzerland

Andrei Epure

Software Engineering Manager at Sonar

Genève, Switzerland

Links

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top