Alexey Ragozin about Java Mission Control on jug.msk.ru

March 1? 2018 was the first in this season meeting of the Moscow community of Java developers jug.msk.ru . Alexey Ragozin conducted a master class on the use of Java Mission Control . How was the meeting, what exactly was told on it, how the participants took the report - about all this further.
 
 
Alexey Ragozin about Java Mission Control on jug.msk.ru
 

 

About the speaker


 
Alexey performed at jug.msk.ru for the fourth time. On the impressions of his previous performances, you can read ...[/h]
+ 0 -

Strategy Bottom-Up on the introduction of changes in the organization

I'm certainly not the first one to face obstacles in implementing changes in the organization from the bottom up, and not the last. I want to share some of the observations, conclusions and mistakes that I made along the way. Perhaps someone was in a similar situation, faced with similar obstacles and he managed to overcome them. It would be interesting to hear their experience.
 
 
The story is simplified as follows. There is a need for specialists in Data Science. There is some vision of top management about how it should be and it ignores people who are interested in this direction and are already ...
+ 0 -

Environment for 1C-Bitrix based on Docker

Why is this necessary?


 
For a long time all projects of our company worked on PHP? and now there was a desire to accelerate them by switching to PHP? simultaneously update all the environment necessary for work. The question immediately arose: "How to make different projects run on different versions of PHP?"
 
 
What came to mind:
 
 
 
Contain 2 different servers
 
Use the virtual machine
 
Apply Docker
 
 
Option ? obviously not economically profitable. Option ? we found it difficult to configure and too resource-intensive. Many people probably will not agree with this, however, we ...[/h]
+ 0 -

Technical program PHDays: how to break IoT, bypass Windows Hello and are protected from the quantum computer

Technical program PHDays: how to break IoT, bypass Windows Hello and are protected from the quantum computer
 
 
Acceptance of applications for participation in the Positive Hack Days is in full swing. By popular demand, we extend the Call for Papers until March 31st. This means that everyone wishing to speak at the forum has a couple more weeks to
to apply for
.
 
 
Recently we announced the first keynote speaker PHDays 8 - it will become a well-known developer of the disassembler IDA Pro and the decompiler Hex-Rays Ilfak Gilfanov. Well, today we bring to your attention a group of participants whose reports have already been included in the main PHDays program. This year, the forum visitors will learn ...
+ 0 -

Looking for speakers on Front-End MeetUp on March 28

Looking for speakers on Front-End MeetUp on March 28  
 
Our internal Front-end community in Raiffeisenbank is actively developing, colleagues meet regularly to exchange experiences and useful useful knowledge. We know how important it is to communicate with people from other teams and projects, have the opportunity to ask for advice, discuss the technologies that have just appeared and share experiences. Therefore, on March 28 we will organize a Front-End MeetUp. We invite speakers !! Details under the cut.
 
fill out the form !! [/b] Applications are accepted until March 20 inclusive.   Our internal Front-end community in Raiffeisenbank is actively developing, colleagues meet regularly to exchange experiences and useful useful knowledge. We know how important it is to communicate with people from other teams and projects, have the opportunity to ask for advice, discuss the technologies that have just appeared and share experiences. Therefore, on March 28 we will organize a Front-End MeetUp. We invite speakers !! Details under the cut.  fill out the form !! Applications are accepted until March 20 inclusive...
+ 0 -

The scientific approach to the selection of the illustration for the post on Khabr

The choice of illustrations for an article is the author's concern. Well, or the one who publishes it. I chose the wrong picture - I received less attention and views. A jaundiced headline can increase their number, but readers can not be deceived. They will read the article and trash the author's karma into nanopiles. Not once I saw the discrepancy between the title and the content and what it led to. I looked through all the illustrations in one day and that's what I found.
 
Shchi, or Recognition of 330 million people at a speed of 400 photos /sec
 
The scientific approach to the selection of the illustration for the post on Khabr
 
 
The te...
+ 0 -

Unit testing. Chip-tuning

Unit testing. Chip-tuning
 
It does not matter which approach is used when writing tests: TDD, BDD, or some other. Unit tests are the primary protective barrier that helps to avoid bugs. Well-described cases will help colleagues understand what is happening in the project and not break the firewood in the code.
karma-sharding , which allows you to run several browsers in parallel, the distribution of test cases in them will fall on the shoulders of the developer.
 
The usual configuration for unit tests in an angular starter with webpack and karma is as follows:
 
Configurations of karma ...
+ 0 -

March 22-2? Moscow, OpenHack on containers and micro services from Microsoft

March 22-2? Moscow, OpenHack on containers and micro services from MicrosoftI am now at Microsoft in the engineering team responsible for supporting projects with containers and micro services on Azure. In the process of communicating with partners and customers, there are a lot of questions. Often the very first question is why we need containers. My favorite answer, if you do not need containers, you do not need containers :) But still I offer several classic container applications. The second question is whether containerization is a transition to a microservice architecture. The general answer, of course, is not. A simple example is the transfer of a monolith entirely ...
+ 0 -

SOC are people. Downloading the EXPO or how to become an analyst at 20 level

SOC are people. Downloading the EXPO or how to become an analyst at 20 levelIn the previous article it was about finding and training engineers for the first line of the monitoring and response center for cyberattacks. Today we will talk about the search and training of personnel for the second line - analysts who investigate atypical incidents and work with the content of the SIEM system, as well as engineers for the operation of the GIS, responsible for configuring the protection, attack analysis and development of custom signatures.
 
 
If we ask what requirements we are applying to the candidates, the answer may seem very trivial: certain technical competencies...
+ 0 -

Z̴a҉̠͚l͍̠̫͕̮̟͕g͚o̯̬̣̻F̮̫̣̩͓͟u̯z̡͉͍z̪͈̞̯̳̠i̴̜̹̠͇n̰g͕̫̹͉͓: use of non-standard methods of blurring of pieloads

Z̴a҉̠͚l͍̠̫͕̮̟͕g͚o̯̬̣̻F̮̫̣̩͓͟u̯z̡͉͍z̪͈̞̯̳̠i̴̜̹̠͇n̰g͕̫̹͉͓: use of non-standard methods of blurring of pieloads  
 
The use of non-standard techniques for obfuscating the payload (payload) during testing for the penetration of web applications can allow to bypass the filtering of protective means and facilitate the implementation of the attack vector. In this article I will talk about the so-called. Z̴a҉̠͚l͍̠̫͕̮̟͕g͚o̯̬̣̻F̮̫̣̩͓͟u̯z̡͉͍z̪͈̞̯̳̠i̴̜̹̠͇n̰g͕̫̹͉͓ as a method of obfuscation (blurring) of peyloadov.
 
HackerOne ).
 
 
These methods can be either separate application vectors or specific ones related to the specifics of an application, for example, AngularJS:
 
 
{{'a'[{toString:[].join...
+ 0 -