Hackers vs. APIs: The Hidden Weaknesses in Your Code

APIs are the backbone of modern software, enabling seamless communication between applications. While their importance is undeniable, APIs can be susceptible to security breaches if not properly secured. This talk dives into the OWASP and CWE top security vulnerabilities, established frameworks that identifies the most critical API security vulnerabilities.

We'll explore real-world examples of these vulnerabilities, along with corresponding code samples, to illustrate the potential threats and their impact. Through this exploration, you'll gain a deeper understanding of how to fortify your APIs against malicious actors, ensuring the safety and reliability of your software ecosystem.

Preferred session duration: one slot, 30-60 minutes

Target audience:
Software Developers - this includes backend developers responsible for building and maintaining APIs, as well as frontend developers who integrate with APIs
API Designers - those involved in designing and documenting APIs will benefit from understanding common vulnerabilities
Security Professionals - anyone involved in application security will find this talk valuable for identifying and mitigating API-specific risks
Architects and Team Leads - those responsible for the overall security posture of applications will benefit from understanding API security best practices

GitHub Copilot: The Smartest Way to Code?

This workshop “GitHub Copilot: The Smartest Way to Code” is designed to help software developers learn how to use GitHub Copilot, an AI-powered code suggestion tool that can help you write code faster and more efficiently. The workshop will cover topics such as setting up GitHub Copilot, configuring it, troubleshooting, and using it with Visual Studio (Code). The workshop will include a hands-on exercise where you will develop with AI-powered code suggestions using GitHub Copilot and Visual Studio (Code). By the end of the workshop, you will have a good understanding of how to use GitHub Copilot and how it can help you write better code leading to better software quality.

Preferred workshop duration: 2 hours, half day, one day, I will adapt the content depending on the time

Target audience: SW Engineers, QA Engineers, SW Development Team Leaders

Technical requirements: Visual Studio (Code) or any other IDE with GitHub Copilot extension, GitHub Copilot (Chat) extension installed

Beyond the Basics: Advanced Exception Handling Techniques in C#/.NET

Exception handling is a fundamental concept in C#/.NET for managing unexpected errors. While basic try-catch blocks are essential, robust applications require a more sophisticated approach. This talk dives deeper into advanced exception handling techniques that empower you to write cleaner, more maintainable, and informative code.

We'll explore concepts like:
- Exception Hierarchy and Specificity: Mastering the hierarchy of exception classes and using specific exceptions for better error identification. This will help you differentiate between programmer errors ("boneheaded" exceptions), logical errors ("vexing" exceptions), and external factors ("exogenous" exceptions).
- Rethrowing and Catching Exceptions: Understanding the nuances of rethrowing exceptions and selective catching for improved control flow.
- Custom Exceptions: Crafting custom exceptions to convey clear and context-specific error messages.
- Logging and Exception Handling: Integrating logging mechanisms with exception handling for detailed error tracking and debugging.
- Async/Await and Exceptions: Handling exceptions effectively in asynchronous programming with async/await patterns.

Target audience: intermediate C# developers who want to elevate their exception handling practices and write more resilient applications.

Preferred session duration: one slot, 45-60 minutes

GitHub Copilot: A Game Changer for Software Development?

GitHub Copilot, an AI-powered code completion tool, has rapidly transformed the development landscape. This talk explores Copilot's potential to be a game changer for software development.

We will delve into how Copilot can supercharge developer productivity by automating repetitive tasks, suggesting code completions, and generating entire functions. We will also examine the impact of Copilot on software quality, considering potential benefits like reduced boilerplate code and improved code consistency. We will discuss the potential drawbacks of relying on AI-generated code, including the risk of bugs and the importance of maintaining developer judgment.

Target audience: SW Engineers, QA Engineers, SW Development Team Leaders

Preferred session duration: one slot, 45-60 minutes

The Power of Ubiquitous Language: Bridging the Communication Gap in Software Development

DDD emphasizes the importance of a shared language between developers and domain experts. This talk delves into the concept of Ubiquitous Language, exploring how it fosters better communication, reduces misunderstandings, and leads to better software that reflects the true needs of the domain. We'll discuss practical techniques for developing and maintaining a shared language within your team.

This talk targets software engineers, architects, and anyone seeking to master complex software domains.

Preferred session duration: one slot, 45-60 minutes.

Conquering the Chaos: Mastering Flaky Tests

Flaky tests are the bane of every developer's existence. They can slow down development cycles, erode confidence in test suites, and make debugging a nightmare. In this talk, we'll dive deep into the root causes of flaky tests, from timing issues and race conditions to environmental factors and test design flaws. We'll explore practical strategies to identify, diagnose, and eliminate these elusive bugs. Learn how to write robust, reliable tests that consistently deliver accurate results, saving you time and frustration in the long run.

TARGET AUDIENCE:
- Software engineers at all levels, from junior to senior.
- QA engineers and test automation specialists
- DevOps engineers who are involved in CI/CD pipelines and test infrastructure
- Technical team leads and managers who are interested in improving software quality and delivery efficiency

Breaking the Chains: API Versioning Strategies for a Changing World

In the dynamic world of software, APIs are the lifeblood of modern applications. But how do you evolve your API while ensuring compatibility and avoiding breaking changes for your clients? This talk will explore effective API versioning strategies, from simple semantic versioning to more advanced techniques. We'll discuss the trade-offs of each approach, best practices for managing version transitions, and how to gracefully deprecate old versions. By the end of this session, you'll have a solid understanding of how to version your APIs effectively, ensuring a smooth and sustainable development lifecycle for your clients and your own team.