Vranac has been in this industry for a long time. He had good fortune to work with a lot of talented people, and had a chance to see some brilliant code, and some of the worst ever written. He gets paid for writing code that performs exceptionally. He runs Code4Hire, a small outfit dedicated to solving tough problems.
In May 2018 something happened to the internet, GDPR came online, and suddenly users in the EU had a lot more rights to their digital privacy, which is awesome. But on the flip side the implementation of the GDPR and procedures regarding it, are very vague, and were meant to be written as we go along, with whatever comes up as best practices. Books and talks have been written and given about the data encryption, problems encountered with event sourcing systems, questionaires about the purposes of collecting user data... So many words, and hours of many lives spent... Yet, something has been overlooked, something so basic, we do not even notice it. If you are working on an enteprise class project, or on other large projects, you might have an infra team that would deal with this and tell you what you need to do to be secure (at least good ones will) But... if you are working on smaller projects, and you have mom and pop shops to support, you deserve the same level of security bigger projects have... I am talking about secrets and credentials management for your application, the most overlooked aspect of any application. This is a talk in three acts. In first act I am going to give an overview of the problems we all encounter, or fear we will encounter, about current common patterns, and why they might be bad. In second act I will talk about what we can do to improve this, about crypto and security. In the last act I will give an overview of the tools available. But don't be fooled, you will hear about the good stuff, but you will hear about downsides as well.
More will be announced. Keep up-to-date.
Full-day workshops take place on 28th Aug. and require a separate ticket.