DeveloperSteve comes from a strong background as a developer, with over 20 years industry experience he has worked with companies, startups and not for-profits of all sizes.
DeveloperSteve has worked closely with developer communities as a Tech Evangelist and Advocate to develop and nurture the healthy developer and start-up culture that continues to flourish. With a passion for sharing knowledge DeveloperSteve is an established international speaker and loves geeking out with people everywhere.
As a Tech Evangelist and Advocate he has represented and worked with global companies such as IBM, PayPal, Braintree, Xero, Telstra, Nginx, Gitlab and more.
Stranger Danger: Finding Security Vulnerabilities Before They Find You!
Open-source modules on the PIP ecosystem are undoubtedly awesome. However, they also represent an undeniable and massive risk. You’re introducing someone else’s code into your system, often with little or no scrutiny. The wrong package can introduce critical vulnerabilities into your application, exposing your application and your user’s data. This talk will use a python sample application which uses various vulnerable dependencies, which we will exploit as an attacker would. For each issue, we’ll explain why it happened, show its impact, and – most importantly – see how to avoid or fix it.
Voted into the Wisconsin Basketball Hall of Fame, former professional and collegiate basketball player turned Pythonista Tonya Sims is currently a Python Developer Advocate at Vonage.
She considers herself to be humble and down to earth as well as having a great deal of empathy. With an eclectic background in business, pharmaceutical sales and as a self taught developer it has allowed her to see the world from many different perspectives.
Tonya started her technology career working as an executive assistant for a leading financial investments company in their IT department. She transitioned into a computer operator role and started learning how to code. Eventually she worked her way up from an entry-level position to earn roles as a software engineer in test and software developer contracting with some of the top financial services companies in Chicago.
She is passionate about helping other budding engineers and loves to see people succeed. When she’s not working she enjoys playing the piano, watching documentaries and listening to music.
Faceoff Fun with Python Frameworks: FastAPI vs Flask
“All the cool kids are using FastAPI for API development.” Imagine hearing this just as you start getting more comfortable using other frameworks, like Python’s Django or Flask, to build out your APIs. Folks, there’s a new kid on the block! In this talk, there’s going to be an epic face-off between FastAPI and Flask.
Flask is a micro web framework built for Python designed to get your application up and running quickly. It’s lightweight and used by many different well-known projects.
FastAPI (aka the new kid) is a modern Python web framework that takes all your favorite features from other tools and combines them into one. It was built for speed, rapid development, and enhanced developer experience.
We’ll do a side-by-side comparison of the two frameworks, including features and code structure, using a REST API. By the end of the face-off, you’ll have a much better understanding of which one you’ll use in your next project.
Let’s analyze the pros and cons of each and why you’d use one over the other. You may even find a lot of similarities between the two and some contrast as well. You’ll see different categories of features for the frameworks, and a winner will be chosen for each.
Finally, no matter which you prefer, FastAPI and Flask are both great choices for API development, so let’s have fun and let the face-off begin.
Thomas Chen is a machine learning researcher from the New York Metro area in the USA who is passionate about machine learning, computer vision, and artificial intelligence. He is highly involved in applying ML and AI to real-world issues that face society (e.g. deep learning-based computer vision for damage assessment post-natural disaster). He has been an invited speaker at conferences like the IEEE Conference on Technologies for Sustainability, American Geophysical Union Fall Meeting, and the Energy Anthropology Network. Thomas has also spoken at event like NeurIPS and CVPR workshops, Applied Machine Learning Days, the Open Data Science Conference, and Machine Learning Week Europe. He is considered a leading expert in the area of machine learning-driven earth observation (EO) applications. Thomas is a member of the U.S. Technology Policy Committee (Association for Computing Machinery) and the Research Data Alliance.
Informing Extreme Weather Event Relief Using Earth Observation, Social Media, and PyTorch
Climate change is causing wide-ranging impacts on society that will only become even more amplified as the phenomenon progresses. One such impact is the prevalence of natural disasters, which increase in frequency and intensity due to the warming globe. In order to respond to disasters, we envision the development of interconnected AI-driven systems that detect damage and enable near-instantaneous pipelines for disaster relief. These technologies utilize computer vision to assess the severity of damage and aid in the timely and equitable allocation of resources. While currently AI models are being developed, the deployment process is complex, especially in the context of IoT. In this session, we discuss a pipeline for creating such systems by first training convolutional neural networks (CNNs) using Python (the PyTorch library, specifically) both on multitemporal earth observation data (satellite imagery) and on social media data. Both of these sources of data are key assets in assessing impacts of natural disasters (from above and on the ground), and can enable the systems that are deployed in a mobile setting. We’ll briefly examine the efficacy and efficiency of the aforementioned deep learning models/algorithms in completing the task at hand. Finally, we discuss the deployment process, whereby ethics, interpretability, and accessibility considerations must be taken into account. These apps will aid in the allocation of resources and personnel in these devastating events and help save lives, property, time, and economic resources.
Pratibha is a passionate Senior software engineer who loves to explore the inners of Python and design principles.
SOLID Principles with Python
The SOLID principles are key guidelines for good object-oriented software design. When we design a software, we are dealing with the future, and the future is uncertain — there is no way to determine if our design will be correct and if our software will be flexible and adaptable for years to come. It is precisely for that reason that we have to stick to principles. The idea isn't to get all the requirements right from the very first version, but to achieve a design that's extensible and flexible enough to change, so that we can adapt it as needed.
SOLID principles stand for:
In this talk, the speaker will share her understanding of Robert C. Martin’s SOLID Design Principles along with Python examples. She will share what she has learnt so far and encourage you to try it with your own projects. She will walk through a simple example, with screenshots and code wherever required.
Jhonnatan is a System Engineer and Software Developer who loves Linux. He likes to share tech knowledge he learnt and make some proof-of-concept that provide solutions for current problems.
The role of Python with IaC concept
Makes with Python a new tool for your IT teams, and increase the value for generate more ROI for your organization using the IaC concepts with all your IT teams, from develop, QA, operation, Network and IT teams along the organization to reduce the toil across your teams. From SRE practice and DevOps definitions use a tool capable to deploy and broke the paradigm in your organization.
Harsh Bardhan Mishra is a Google Summer of Code 2021 Student at MetaCall. He is a Junior Year Student at Sathyabama Institute of Science and Technology and is currently undertaking a Bachelors in Computer Science and Engineering. He holds more than 2 years of experience building Web Applications using Python and JavaScript, with a core interest in DevOps & Cloud development. In the past, he has worked at Qxf2 as a Software Engineer Intern, Explorer Fellow at Major League Hacking and a Summer Intern at Scholify. He writes blogs with his experience working with libraries and frameworks. Through PyCon MY 2021 he is looking forward to sharing his experiences and understanding of working with MetaCall Core as an Open-Source contributor.
Building Polyglot Python applications using MetaCall Core
MetaCall Core is an open-source polyglot runtime library that allows developers to mix code from different programming languages amongst each other. It allows the users to embed multiple runtimes into the same application and execute code from the same memory process. MetaCall Core currently supports C/C++, Python, JavaScript, C#, Ruby and more and is intended to simplify the processes for developers who are looking to collaborate across multiple programming languages.
In this talk, the speaker will be sharing a high-level overview of how MetaCall Core works internally and how to use it to develop polyglot applications. The speaker will be demonstrating a Machine Learning-based News Scrapper where Python and Node are used together to build a Polyglot application.
The outline for this talk is as follows:
At the end of the talk, the audience would be able to get a start with the MetaCall Core library and leverage it for building polyglot applications. Audience will also have a holistic understanding of how MetaCall works internally with the Python API that extends its usage with other languages and frameworks. Audience will also understand other alternatives, like GraalVM and take a look at benchmarks through example.
Preparation
The Prerequisites for this talk aren’t hard and fast. The Code demonstration would be done on Visual Studio Code. The viewers should have an understanding of the following:
MetaCall Core features a handy Shell Script that can be used to set up the Command Line interface in a handy way. Viewers can use either BASH or PowerShell to set up the same which would be instructed during the session.
The Code has been made available on a public GitHub repository which would be shared during the session. During this session, The speaker will be speaking through his experiences and understanding of MetaCall Core and instruct on how the library can be used for Polyglot development.
Aravind is a loquacious person, who has something to talk about everything. He is passionate about evangelising technology, meeting developers and helping in solving their problems. He is a backend developer and has six years of development experience.
Currently he works at Elastic as Developer Advocate. He has deep interest in Machine Learning, Security Incident Analysis and IoT tech. In his free time, he plays around Raspi or a Arduino.
Collecting Logs, Metrics, Traces from Python Flask App using Elastic Stack
Every team aspires to discover the issues that are hurting the application’s performance and scale. But, more so, it directly affects the developer productivity of the team.
And hence the collection of logs, metrics, and traces are so crucial for any team! In this talk, the speaker will explain how and why to collect logs, metrics, traces from a Python Flask Application.
The following will be discussed, with live demo:
Cory Althoff is an author, programmer, and speaker. He is best known for his book "The Self-Taught Programmer", which has been published in seven languages and introduced the term “self-taught programmer” into the common lexicon. Book Authority named "The Self-Taught Programmer" one of the greatest programming books of all time, and The Next Web listed it as one of the ten books that will help you become a better software engineer. Over 200K developers are part of the self-taught programmer community he created through his popular Facebook group, blog, newsletter, and Udemy course. In 2019, Cory gave the opening keynote speech at Pycon JP. Cory is currently a developer advocate at Vonage and lives in the Bay Area with his wife and daughter.
How to Build a Brand as a Python Programmer
In this talk, Cory Althoff will explain why it is essential to build a brand as a Python programmer and show you how to build your brand. Cory will teach the audience the techniques he used to sell over 150K copies of his Python book "The Self-Taught Programmer", land a publishing contract for his second Python book with Wiley, create a community of over 200K developers and land his dream job as a developer advocate at Vonage.
Zac’s modest goal is to help everyone write better code - mostly via bug-finding tools.
He spends his time working as a core dev on Hypothesis, Pytest, and other open-source projects; along with HypoFuzz and his PhD at the Australian National University. And if you can’t get to him via a computer, Zac can probably be found with a good book, a pile of chocolate, a long walk in the bush… or all three!
Introduction to Property-Based Testing
Has testing got you down? Ever spent a day writing tests, only to discover that you missed a bug because of some edge case you didn’t know about? Does it ever feel like writing tests is just a formality - that you already know your test cases will pass?
Property-based testing might be just what you need!
After this introduction to property-based testing, you’ll be comfortable with Hypothesis, a friendly but powerful property-based testing library. You’ll also known how to check and enforce robust properties in your code, and will have hands-on experience finding real bugs.
Where traditional example-based tests require you to write out each exact scenario to check - for example, assert divide(3, 4) == 0.75, property-based tests are generalised and assisted. You describe what kinds of inputs are allowed, write a test that should pass for any of them, and Hypothesis does the rest!
from hypothesis import given, strategies as st
@given(a=st.integers(), b=st.integers())
def test_divide(a, b):
result = a / b assert a == b * result
There’s the obvious ZeroDivisionError, fixable with b = st.integers().filter(lambda b: b != 0), but there’s another bug lurking. Can you see it? Hypothesis can!
Preparation
The tutorial is structured as three blocks, consisting of a short talk and extensive exercises for attendees.
The audience must be comfortable with decorators and traditional unit testing, with e.g. pytest.
Filipi has been working as a Principal Security Engineer and Security Researcher at Zup Innovation, as a Global Research Manager at Hacker Security, and as a staff of DEFCON Group São Paulo-Brazil. He talked in Security events in US, Germany, Poland, Hungary, Czech Republic, Brazil and others countries, served as University Professor in graduate and MBA courses at Brazilian Colleges e.g. FIAP / Mackenzie / UNIBTA and UNICIV. In addition, he is the founder and instructor of the Course "Malware Analysis - Fundamentals". (HackerSec Company - Online Course).
Malware Hunting - Using python as attack weapon
The purpose of this presentation is to use python scripts to perform some efficiency tests in various endpoint solutions. In this tutorial, the speaker will show a defensive security analysis with an offensive mind, and perform an execution of python scripts responsible for downloading some malware in Lab environment. The first objective will be to simulate targeted attacks using a python script to obtain a panoramic view of the resilience presented by the solution. with regard to the efficiency in its detection by signatures, NGAV and Machine Learning. The idea is to download these artifacts directly on the victim’s machine. The second objective is to run more than one python script with daily malware, made available by MalwaresBazaar upon request via API access, downloanding daily batches of malwares . With the final product, the front responsible for the product will have an instrument capable of guiding a mitigation and / or correction process, as well as optimized improvement, based on the criticality of the risks.
Joshua Arvin Lat is the Chief Technology Officer of NuWorks Interactive Labs. He previously served as the CTO of 3 Australian-owned companies and startups. He is also an AWS Machine Learning Hero and has spearheaded and led the Machine Learning Zero-to-Hero online international events. For the past couple of years, he has been sharing his knowledge in several international and local conferences and events to discuss practical strategies for companies and professionals. He is also the author of a Machine Learning and Machine Learning Engineering book called Amazon SageMaker Cookbook: Practical Solutions for Developers, Data Scientists, and Machine Learning Engineers using R and Python (to be released this year [2021])
Pragmatic Machine Learning and ML Engineering in the Cloud with Amazon SageMaker
It is not an easy task to design and build systems in the cloud that involve Machine Learning and Data Science requirements. It also requires careful planning and execution to get different teams and professionals such as data scientists and members of MLOps teams to follow certain processes in order to have a sustainable and effective ML workflow. In this tutorial, I will share the different strategies and solutions on how to design, build, deploy, and maintain complex intelligent systems in AWS using Amazon SageMaker and Python. Amazon SageMaker is a fully managed machine learning service that aims to help developers, data scientists, machine learning practitioners, and MLOps teams manage machine learning experiments and workflows.
We will start by learning some of the important concepts and patterns used in production environments through some initial short laboratory exercises using Python and the SageMaker Python SDK. As we take on more complex topics, we will work on a couple of practical solutions and examples using the different features and capabilities of Amazon SageMaker to solve the different needs of data science and MLOps teams.
Yevonnael is from Indonesia. He is currently finishing his Master’s in ML & AI at Liverpool JMU, UK. Currently, he is serving his internship at UNDP in Indonesia as Data Analyst. He is also a Digital and Data bureau at one of the Indonesian political parties. He has multiple teaching experiences, to name a few, DTS Kominfo (Ministry of ICT Indonesia), Bootcamp by DQLab, teaching on local universities, etc. He has delivered a talk at Pycon Indonesia last year on a similar topic. His hobbies are all about science and technology. His mission is to make data science more accessible to everyone.
Stock Portfolio Optimization for Beginner Investors using Python
Investors of all levels have common problems with investing: What to invest? How much to invest? and How much risk to take? Many investors, at their early stage, did not use the required analytical techniques, due to the lack fundamental knowledge. In this tutorial, the speaker will cover the minimum theory the audience need as well as the Python skills needed to do a portfolio analysis. After this session, the audience can immediately start your own portfolio analysis for a more optimal return.
The tutorial won’t go into much of the math formulas, as Python will do that. Rahter, the audience will be shown some concepts, with the help of examples. The optimization method, Markowitz model, will be showcased. This model is essential for looking for a combination of stocks that has the highest ratio of returns and the lowest volatility.
The speaker will conduct an investment simulation in a portfolio. The results of this simulation will be compared to an unoptimized portfolio. From the simulation, it shows that with just a simple optimization using Python, it can produce a more optimal portfolio.
Mohammed Fazalullah is a Developer Specialist Solutions Architect at AWS Malaysia who helps developers to architect and build products on the cloud. An Architect and technical evangelist at heart, he speaks on various trends in the technology space with the focus of building and scaling in the cloud in and around Malaysia. He has designed and built products for over 16 years in the enterprise and SME space, along with building engineering teams and helping them scale.
Rapid Serverless APIs with Flask and AWS Amplify
When getting started with serverless functions, one is constantly confronted with multiple deployment options to the cloud for Python applications. This talk will demonstrate an opinionated approach to designing REST APIs, deploying serverless Flask applications using AWS Amplify and AWS Lambda, and connecting them to a NoSQL database to support basic CRUD operations. Additionally, we will demonstrate how a Python developer can debug a serverless application using the CLI.
Preparation
The audience is expected to be familiar with the concepts of REST APIs, and have the following setup prior to the session to follow-along:
Trishank is the Staff Security Engineer at DataDog. He helped in researching and developing The Update Framework and Uptane.
PEP 458 -- Secure PyPI downloads with signed repository metadata
This PEP proposes how The Update Framework should be integrated with the Python Package Index. TUF was designed to be a flexible security add-on to a software updater or package manager. A full implementation of the framework integrates best security practices, such as separating role responsibilities, adopting the many-man rule for signing packages, keeping signing keys offline, and revocation of expired or compromised signing keys. As a result, attackers would need to steal multiple signing keys, which are stored independently, in order to compromise the role responsible for specifying a repository’s available files. Or, alternatively, a role responsible for indicating the latest snapshot of the repository may also have to be compromised.
The initial integration proposed in this PEP will allow modern package managers, such as pip, to be more secure against attacks on PyPI mirrors and PyPI’s own content distribution network, and to better protect users from such attacks. Specifically, this PEP describes how PyPI processes should be adapted to generate and incorporate TUF metadata (i.e., the minimum security model). This minimum security model supports verification of PyPI distributions that are signed with keys stored on PyPI. Distributions that are uploaded by developers are signed by PyPI, requiring no action from developers (other than uploading the distribution), and are immediately available for download. The minimum security model also minimizes PyPI administrative responsibilities by automating much of the signing process.
There is no discussion in this PEP of support for project distributions that are signed by developers (maximum seciurity model). This possible future extension is covered in detail in PEP 480. The maximum security model requires more PyPI administrative work (though no added work for clients), and also proposes an easy-to-use key management solution for developers/publishers, ideas on how to interface with a potential future build farm on PyPI infrastructure, and the feasibility of end-to-end signing.
While it does provide implementation recommendations, this PEP does not prescribe exactly how package managers, such as pip, should be adapted to install or update projects from PyPI with TUF metadata. Package managers interested in adopting TUF on the client side may consult its library documentation, which was created for this purpose.
Idris has been playing with microcontrollers for more than 10 years. He loves technology, robotics and Python. "It’s a headache and I only have a little bit of knowledge for it."
Build a Mobile Robot using Maker Pi RP2040 and CircuitPython
Python is the fastest growing programming language. It's taught in schools and universities. It's a high-level programming language which means it's designed to be easier to read, write and maintain. It supports modules and packages which means it's easy to reuse your code for other projects. It has a built in interpreter which means there are no extra steps, like compiling, to get your code to work. And of course, Python is Open Source Software which means it's free for anyone to use, modify or improve upon.
CircuitPython adds hardware support to all of these amazing features. If you already have Python knowledge, you can easily apply that to using CircuitPython. If you have no previous experience, it's really simple to get started!
Developer Advocate for Elastic, a search, observability and security company. Communicate with developers who leverage Elastic technology and help solve a variety of problems through search technology.
Use Elasticsearch DataFrame in Python
Introduce Eland, a tool enables python to use elasticsearch data in Pandas-like format.
Poonam Sampat is a Cloud Solution Architect at Microsoft, focusing on Data & AI, working with partners and customers in the Asia region, to enable their Data & AI journey on the cloud.
Prior to Microsoft, Poonam was engaged as a Senior Architect at Honeywell, building analytical solutions in the Oil and Gas vertical. Building scalable architectures for Internet Of Things data ingestion, transformation and building Machine Learning models to deliver Business Insights. She has also worked with Goldman Sachs , architecting solution for Investment Bankers to help streamline their processes.
Poonam is an ISB (Indian School Of Business) alum, passionate about analytics, how analytics can shape industries.
End to End Industrial IoT with Azure
The Industrial Internet of Things (IIoT) has grown over the last few years as a grassroots technology stack being piloted predominantly in the oil & gas industry to wide scale adoption and production use across manufacturing, chemical, utilities, transportation, and energy sectors. Traditional IoT systems like Scada, Historians and even Hadoop do not provide the big data analytics capabilities needed by most organizations to predictively optimize their industrial assets due to the following factors.
This talk will cover how to architect an end-to-end IOT solution from ingestion, to processing analyzing and serving time series data from Historians.