This is the first Software Developer Conference with a 100% focus on Black and Brown software developers.
The conference was designed and developed in Detroit!
February 24 & 25, 2021
All Times are Eastern Time (GMT -5)
We will discuss the concerns when deploying an application to the cloud. One of the first major decisions consist of selecting which public or private cloud platform to leverage. If a public cloud is selected you have to decide if you want to be tightly coupled to a particular cloud vendor such as AWS, Azure or GCP. The decision to be tightly coupled to a cloud provider will decrease your development time, but it has the potential to lock you into a particular cloud provider. An alternative approch consist of making your application cloud agnostic as much as possible so that you can move the application between cloud providers or distribute your application accross multiple cloud providers to minimize downtime from Internet outages.
The goal of WebAuthn is to standardize an interface for authenticating users to web-based applications and services using public-key cryptography. It strengthens the authentication of users to websites, services, and applications significantly, WebAuthn takes web authentication beyond the limitations of passwords, improving data security while making user login faster and easier than ever before.
In this session we will walk-thru an example of using WebAuthn
Terraform is a tool for building, changing, and versioning infrastructure safely and efficiently. Terraform can manage existing and popular cloud service providers such as AWS, Azure and GCP as well as on-premise private cloud infrastructure.
In this session we will walk thru deploying your application using HashiCorp Terraform. It uses infrastructure as code to deploy consistently to a cloud provider. This means that you can spin up the infrastructure, test it and destroy it without having to login to the cloud provider console and manually setup the components.
Probably the most difficult task in building a CIAM (Customer Identity Access Management) solution is being able to strike a balance between Security and User Experience. Any missteps in 'Over Securing' your customer experience will drive customers away from your service and damage your business. An effective CIAM strategy should enable your business in ‘speed to market’ and not compromise the security posture of your organization or your customers. This session will dive into best practices around advanced CIAM security topics such as Authentication, Identity Analytics, Profile Management, and Privacy and Compliance. By the end of the session you will have guidance in how to implement advanced security principles into your own CIAM solutions that are based on key industry standards and fundamental practices."
Deploying to the cloud can be complicated. There are a number of things that you need to understand in order to deploy your application in a highly available architecture in the Cloud - it's not free. In some cases, your don't need or have the time to deal with the complexity.
In this session we will walk thru how to deploy an application using Jamstack to a cloud service that abstracts us from the complexity of deploying to the cloud. That's the easy part...but, we still have design decisions that we have to make such as security and which database backend should we use.
While there are many tools that manage some secrets, most tools are designed specifically for one platform (i.e. Docker), or a small subset of platforms. Then, there are application password management tools that can broadly manage application passwords, eliminate hardcoded and default passwords, and manage secrets for scripts. In this session we will introduce you to HashiCorp Vault, a secrets management platform thats cloud agnostic. It gives you the flexibility of deploying your application across multiple clouds using a single tool for storing and retrieving secrets. We will walk-thru an example of how to integrate Vault into your application.
Twilio is probably the defacto standard when needing to implement SMS or voice Communications into your projects. But, there are other ways to implement that are more cost effective and gives you more control. In this session we will introduce you to Project Fonos, an OpenSource Alternative to Twilio. We will deploy Project Fonos, configure it and make an outbound call using the API.
At this point, we have all at least heard about the SolarWinds breach. We will provide an high-level overview of how this breach occured and provide some approaches on how to minimize this from happening to your organization.
In this session we will walk-thru how to inject checks to validate that the components being deployed into your cloud environment has not been compromised. Also, we will discuss how continous integration and deployment can contain the amount of damage a rogue hacker can do in your environment.
We are looking for sponsors that see value in building better software products by having a diverse set of software developers that have different perspectives
Our sponsorship packet can be found here
We are constantly looking to grow our community and looking to partner with organizations that believe in our mission