Fredrik Ljung
Lead Developer and Architect at Datema Retail
Lead Developer och Arkitekt på Datema Retail
Stockholm, Sweden
Actions
Fredrik Ljung has been a professional developer since 2007, after spending nearly as long digitizing building drawings, installing building automation systems, and delivering snail mail. He has spent the past 12 years on the .NET platform, developing anything from embedded systems for handhelds to cloud-based services and APIs.
Today he works as a Lead Developer and Architect at Datema Retail, where he fights code entropy with his head in the clouds. After 15 years of reading and writing code, he has found an appreciation for code that has a clear structure and is easy to understand.
Fredrik Ljung har jobbat som professionell utvecklare sen 2007, efter att ha jobbat nästa lika många år med att digitalisera byggnadsritningar, installera fastighetsautomationssystem, och levererat snigelpost.
I dagsläget jobbar han som Developer Lead och Architect på Datema Retail där han med huvudet i molnen bekämpar kodentropi. Han är en sällanbloggare, förälder och partner, gitarrfuskare, och stundtals lite väl besatt i hockey.
Area of Expertise
Topics
Monitoring and Logging in .NET with OpenTelemetry
No matter how skilled you are as a developer, once you put your system into production and users are allowed in, unexpected things will happen. While most users are just doing their job, some may have far more nefarious purposes for interacting with your system. In both cases you need insight into what is happening in your system so you can ensure the legitimate users are able to do their jobs, while preventing the bad actors from abusing your system. This is where monitoring and logging really can make a difference by providing necessary data to improve and protect your system.
In this session we'll explore what monitoring is, how to effectively monitor an application in .NET. We'll look at what metrics .NET generates by default and how to create and collect custom application metrics. We'll trace requests as they move through the system and we'll use the Activity API's to add custom spans to the data. Additionally, we'll look at structured logging to log important application events and how to add your application specific data to the output.
Finally we'll look at how to correlated metrics, traces and logs using OpenTelemetry and export this data into a monitoring platform such as Azure Monitor or Datadog. With all the data centralized, you'll see how metrics can be displayed on dashboards, traces visualized as they propagate through your services, and alerts configured for key events or changes in system behavior. When things go wrong, or you need deeper insights, the correlated, searchable logs will significantly speed up your investigation and help you get to a resolution faster.
Securing your dependencies with the OWASP Dependency tools
Keeping your dependencies up to date is more important than ever. Unpatched software is an increasing problem in our industry, and in 2023 OWASP added A9-Using Components with Known Vulnerabilities onto their top 10 list for the first time. A recent study by Ponemon Institute revealed that 60% of all breaches were due to unpatched known vulnerabilities, but at the same time 62% of victims were unaware of that they were vulnerable.
Luckily OWASP has two projects that can help with this problem, Dependency-Check and Dependency-Track. Join me as we look at how Dependency-Check can be added to your build pipeline to prevent unpatched components from making it into your releases. And how to use Dependency-Track to monitor the dependencies of your deployed versions for new known vulnerabilities.
Cheating at .NET security, the right way
You might have heard of the OWASP Top 10 Web Application Security Risks, but did you know that OWASP publishes more than 80 Cheat Sheets with condensed information on how to improve security in your applications? With topics ranging from Authentication and Logging to Threat Modeling and User Privacy protection the Cheat Sheets provides both guidance as well as hands-on code examples. In this session we'll focus specifically at the DotNet Security Cheat Sheet and look at some practical examples on how to address the OWASP Top 10 Security Risks in .NET. And for those of you still using .NET Framework, don't worry there's some good stuff in there for you as well.
Analyze this: Raise your code quality and follow code standards with the Roslyn analyzers
If you are a developer using Visual Studio, chances are you have noticed squiggly underlines in your code that show up when you have written code the compiler cannot interpret. They are only a small part of the surprisingly extensive Roslyn analyzers tool kit.
Starting with .NET 5 a few analyzers are activated by default, but with some simple configuration, these and hundreds more can be enabled not just for .NET 5+ but previous versions of .NET such as .NET Core and .NET Framework. There are analyzers to help you improve your code quality and analyzers to help you maintain your coding standards. Using .editorconfig files you can configure these analyzers across your entire code base and control which analyzers should be active for different parts of your code base.
In this session, we will dive into how the Roslyn analyzers are activated and configured to display suggestions, warnings, or errors. I will look at strategies on how to add Roslyn analyzers to an existing code base without being swamped in warnings, and show how to validate the rules during a command-line build. Once enabled the Roslyn analyzers help ensure your code is easier to read and safer to run.
Improve your coding experience with tips and tricks of the trade
Each year at .NET Conf, Dustin Campbell and Mads Torgersen unwrap the gift of a new C# version. If you're anything like me, you can't wait to sink your fingers into its shiny new features, promising a vastly improved coding experience. Yet, the next day, you're back working on a .NET Framework solution still stuck in C# 7.old. But there's a cure for that. A cure that doesn't involve migrating to .NET 8. In this session, I'll show you that cure and share various tips and tricks to make C# coding easier.
We'll explore how to make NuGet package version management simpler and more secure, how to quickly test code snippets or explore how a .NET feature works, and how to use analysers to boost your productivity. Join me as we look at things that although they might not all directly involve writing code, they make coding more efficient and enjoyable.
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top