Gregorio Palamà
GDE Cloud | Mia-Platform Expert | Senior Enterprise Architect @ Adesso | Community Manager @ GDG Pescara
Pescara, Italy
Actions
I have been working in the IT industry for over 15 years. I currently hold the role of Senior Enterprise Architect in Adesso. I am a Google Developer Expert on GCP and a Google Cloud Innovator Champion on the topic of modern architecture. I manage GDG Pescara together with other developers, I love sharing my knowledge and trying to do it in a fun way.
Links
Badges
Area of Expertise
Topics
See the Unseen: Perfecting image descriptions for screen readers with GenAIen
As the web evolves, so must our approach to accessibility. The potential of GenAI allows us to optimize digital content for users with visual impairments and with tools like Lighthouse we can improve the quality of the alt description of our images.
Providing an alt description is crucial, but how good is the text that we are using? Today’s technology gives us the great potential to create what we could consider a quality gate for accessibility powered by GenAI. Join us to understand how we made this possible with a custom Lighthouse audit and get ready to improve the accessibility of your websites!
SLSA on GCP: let's mitigate Supply Chain threatsen
The recent backdoor inserted in XZ makes us reflect on the ever-increasing importance of inserting mitigation mechanisms on threats to which the entire Supply Chain is exposed in the software development cycle. After introducing a classification of threats through the SLSA security framework, we will see how GCP allows us to address and mitigate the threats.
Even a Byzantine general can agree on lunchen
A group of Byzantine generals, notoriously unreliable and prone to treachery, are trying to agree on lunch.
This situation usually leads to failures. They even invented the "Byzantine generals problem" around it! Why is it so important? Well, imagine having distributed systems that have to agree on something. Oh, wait... isn't it just the same condition?
This talk will be your hilarious guide through the world of consensus algorithms, focusing on Paxos and Raft.
I will show you some examples and talk about products and services using both the algorithms.
Unlocking Data Secrets: Row Level Security with Spring and Hibernateenit
Row Level Security (RLS) lets us to achieve granular data protection in our Spring applications, but how to implement it in an effective way? Triggers, Filters, Aspects, there are a bunch of different approaches, and all of them lead to different considerations. This talk provides an insight into implementing RLS using Spring and Hibernate. We'll explore practical techniques like Hibernate filters, Spring AOP aspects for security enforcement, and robust testing strategies to guarantee data integrity.
K8s Gateway API 101en
As the Gateway API recently reached the stable level, we really should start switching from Ingresses to a more efficient way to route the requests to our k8s orchestrated services.
We will delve into this role-oriented, expressive and extensible project, with some examples and live demo, comparing it with other major solutions.
Tales of Dockerfile and Buildpacksen
Once upon a time, there were Dockerfiles. And developers used to write them, adding layers and layers on their own, manually. And then came Buildpacks, automating the containers' creation without the need of a Dockerfile. And it was great, if not for...
In this session, we will delve into the pros and cons of Buildpacks, a CNCF's incubating project that aims to automatically generate containers without a Dockerfile, just analyzing the source code of our application.
Si sta come sulle nuvole in un tubo i datien
Cloud Dataflow è un servizio disponibile sulla Google Cloud Platform che permette di trasformare e arricchire dati sia in modalità stream (real time) che in modalità batch. Il suo approccio serverless per la gestione e il provisioning delle risorse permette di avere a disposizione una potenza elaborativa virtualmente illimitata, pagando soltanto per quello che si utilizza. Ma quali sono le criticità da un punto di vista di uno sviluppatore? Vedremo insieme gioie e dolori di questo strumento potentissimo tramite esempi pratici di elaborazione dati in modalità stream.
Multi-Container Pod Design Patterns in Kubernetesenit
More often than not, a pod contains only one container. And this approach is correct for countless cases, although it is not the only approach we can adopt when we bring our Cloud Native application to a Kubernetes cluster. However, having multiple containers in the same pod brings benefits only in certain cases, mapped by Design Patterns suitably designed to ensure the simplicity of application containers, adding capabilities to solve specific problems using other containers. We will see together the most common patterns in detail, trying to understand in which occasion they are most useful.
How I will explain Kubernetes to my daughterenit
Once upon a time there was Bino, a little elephant who sold feathers. And Bino wanted to explore the world, and he ventured out to sea together with Ual, a whale who taught him to stay on a raft. But Bino wanted to meet many other animals, and learn about the world, and be able to be quick and efficient to sell as many feathers as possible, until he encountered a large ship full of promises and magic.
Kubernetes is a complex system and not at all obvious. It is almost impossible to explain its internal functioning to non-experts, but fairy tales allow us to use our imagination to transform usually complex concepts into something magical. In this talk I will tell you about the mechanisms of container orchestration as I intend to do it with my daughter in a few years, exploiting the magic of fairy tales.
The Agile danceenit
Scrum, Kanban, Scaled, XP. The Agile world has an ever-growing number of methodologies, but always refers to a single Manifesto, which is the main guide for each framework. Beyond methodologies, daily standups, sprint plannings, what can a developer do to be a better Agile developer? Let's retrace the career of a great sport champion like Michael Jordan to find out how Chicago Bull's two three-peats can also give advice in the Dev world.
Microservices: Awareness and Discovery Patterns on K8s enit
The potential offered by Kubernetes in orchestrating our microservices puts us with problems that we would not encounter in a monolithic context. Does a single microservice A need to know whether or not there are multiple replicas of a microservice B that it needs to query? And how is it best to solve this problem? These and other cases are the topic we will address, with examples and real use cases.
The good, the bad, the nativeen
Native image from GraalVM offers a good, wonderful way to optimize our application, written for the JVM, and transform it in a native executable that will guarantee low startup times, low resources consumption, high performances.
A lot of libraries and frameworks are still not ready for this, and that's bad!
Come discover my personal journey in the native compilation of a JVM-based application. We will see the good things, as well as the pains, the struggles and some of the ways I've found to be effective to solve difficult moments.
"Spanner"ing the competition: a wrench in the battle of SQL vs NoSQLen
Key-value store, but with a SQL interface. Shard-like, globally distributed, but with a full support for ACID transaction and TrueTime deceiving time under the hood. The power of Google Cloud Platform that brings scalability to a high standard. In this talk we will discover how Spanner can guarantee a strong consistency while seamlessly scaling and distributing datas all around the world: is it SQL or NoSQL? Or maybe we have a NewSQL?
OpenTelemetry and Black Holes: a security matteren
OpenTelemetry collector helps us to enable observability in an easy way. But are we aware of the security threats we could encounter if we are not using it correctly? Just think about the exposure of sensitive data... This talk wants to cover some of the vulnerabilities, and more importantly, to show the best practices we should implement when using observability tools like OpenTelemetry.
The sound of malwareenit
Hello CVEs, my old friends
I've come to deal with you again
Because a backdoor softly creeping...
Ops, sorry, we were singing out loudly. That's something we keep doing everytime a new vulnerability breaks in our daily routine. Lately, that has happened because of our software's dependencies, more and more often. Log4J, you say? Oh, well, let's not forget about XZUtils! Supply chain attacks, they call them. We started dealing with them to the rythm of SLSA (read "salsa"), but then we noticed that we could do more. A lot more! And we turned our malicious binaries into...well, waveforms, music. And we started rocking them! By reading those binaries like if they were normal waveforms, and by analyzing them with some math (Cepstum, Fourier series, etc.) we created a model that aims to detect if a dependency is malicious. And also, to classify it by the type of malware. Fascinating, isn't it? The sound of malware...
SharpCoding 2024 RomaSessionize Event
DevFest Venezia 2023Sessionize Event
DevFest Milano 2023Sessionize Event
DevFest Pisa 2023Sessionize Event
DevFest Bari 2022Sessionize Event
DevFest Pisa 2020Sessionize Event
GDG DevFest Urbino 2019Sessionize Event
GDG DevFest Pescara 2019Sessionize Event
Gregorio Palamà
GDE Cloud | Mia-Platform Expert | Senior Enterprise Architect @ Adesso | Community Manager @ GDG Pescara
Pescara, Italy
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top