There's plenty to get your teeth into
Check Out Our agenda
developer conference
Thursday, September 29th, 2022
08:30 - 09:00
registration
Tea, coffee and breakfast rolls
09:10 - 09:25
Welcome
Karen Meechan, CEO, ScotlandIS, and Global
11:00 - 11:40
Richard Archdeacon, Analyst CISO and Josh Green, Zero Trust Technical Lead EMEA, Cisco
Zero Trust has become a common buzzword. It can mean a lot of things, and no one does it all. Thus, a lot of the conversations are specific to vendor solutions and light on practical experience. So, what does Zero Trust mean in a business environment with increasing levels of connectivity and distance working. This session will look at lessons learned and some of the current and upcoming technologies enabling security and an improved user experience together.
11:00 - 11:40
Eli Holderness, Developer Advocate, Anvil
Building web apps is a complicated mess. You need to know Python, JS, HTML, CSS, SQL, Flask, Bootstrap, SQLAlchemy, Webpack...the list goes on. What if you could do it all in Python? That's what we built: an open-source framework with Python in the browser, Python on the server - even a Python UI toolkit. And then we built an online IDE, drag'n'drop designer and hosting platform for it - all available for free. In this talk, I'm going to discuss the current web landscape, why we built Anvil the way we did - then take a deep dive into how it works, including a live demo. How do you run Python in the browser? How do you build an autocompleter that knows about everything from your UI layout to your database schema? And what does it mean for a programming tool to be "accessible"? No web development knowledge required & no paid features of Anvil are showcased in this talk.
11:00 - 11:40
Stephen Beszant, Head of Data Analytics, Global
Global Media & Entertainment have created their own in-house Digital listening Analytics platform over the past few years. This allows the business to understand how people are listening to their stations such as Heart, Capital FM or Radio X, on what platforms and when. The Data Engineering and Analytics team have continuously innovated what they can provide to the business which became even more valuable during Covid when consumer habits were constantly changing. Hear how we built the platform, how it's been innovated and how it ultimately drives decision making.
11:50 - 12:30
Harry McLaren, Cyber, Senior Product Manager and Security Engineering Squad Lead, SenseOn
What's security operations (SecOps/SOC)? What do they do? What can they help with? How do I work best with them? All these answers and more will be explained, including outlining typical responsibilities, antipatterns to working together, and common career paths and resources. Dive into the "blue team" and learn what we care most about, how we support secure software/product development, and what our bad days look like when adversaries attack!
11:50 - 12:30
Daniel Llewellyn, Head of Engineering (tech enablement)
In this presentation I'm going to talk through two separate security vulnerabilities, in two android applications - both disclosed on hackerone, and both leading to stolen auth tokens. Knowledge of android development not required.
11:50 - 12:30
Start from the moment a product or experience is in the customer’s hands, and work backwards! Join us for an insight into this peculiar Amazon process which is as core to our product development as it is to our internal ways of working.
12:30 - 13:40
13:50 - 14:30
Ash Kulkarni Tech Principal, AND Digital
Serverless offers an efficient way to execute code that doesn’t need to run continuously thereby, removing the need for resource wastage and cost optimisation. We aim to explore the use of various AWS Serverless Components to meet most common business cases. In particular, we aim to look at web applications built using Serverless Components.
13:50 - 14:30
Stu Hirst, Chief Information Security Officer, Trustpilot
Stu is the CISO at leading reviews site Trustpilot. It took him 10 years to reach leadership levels in Tech. During this talk, hear about that journey, the successes and failures, overcoming Imposter Syndrome, dealing with hard times and burnout and how to avoid some of the pitfalls.
13:50 - 14:30
Davie Gow, Solution Architect Capability Lead, Leidos UK
Good people can do bad things, unintentionally. Bad people pretend to be good to exploit human vulnerabilities. So when it comes to cloud security, how do we ensure unintended consequences are minimised? In this session, Davie Gow, Leidos UK Solution Architect Capability Lead, will discuss why when it comes to cloud security organisations need to think beyond technology.
14:40 - 15:20
Daniel Amini, Head of Microsoft Technologies, BJSS
Rare is a legendary British developer responsible for some of the most beloved video games of the last 40 years. Rare’s games span multiple generations of hardware platforms, and maybe more significantly the evolution of software delivery practices, the DevOps movement and Public Cloud. In this talk Daniel highlights the challenges traditional game delivery faces and how Cloud adoption and modern CI/CD can align with consumer demands, benefiting from the learnings of other industries, and how concepts like Landing Zones and Observability can benefit all organisations, not just gaming.
14:40 - 15:20
Alexander Pirker, Senior Security Consultant, RootSys
Have you ever wondered about how it comes to security incidents? I mean the really big ones like someone accessing a remote host, or executing some nice scripts inside your browser?
In this session I want to show some of the most common pitfalls into which companies usually fall. Specifically, I want to cover the following frequent mistakes, and more: * Missing Input Data Validation: Certainly a big one, since depending on the environment, this could lead to for example remote-code-execution (RCE) on your backend, or the execution of scripts in your browser, known under the term Cross-Site-Scripting (XSS) * Improper Usage of Data Types: One of my favorites, since it highlights how careless we sometimes use data types without reasoning about the consequences of our choices. * Information Disclosures: Why sometimes attackers manage to read out secrets, and how do such attacks work? * Denial-of-Service through service crashes
14:40 - 15:20
Calum Dickson, Infinity Works (Part of Accenture)
We have drained the Data Lake, and the Data Warehouse is all boarded up - Data Mesh is the new buzz in town. But as with many great ideas in the world of technology, applying them in the real world is rarely straightforward. Thankfully, Data Mesh is more than a new technology or vendor offering; it is a set of principles that provide a new lens for viewing data platform tooling and data ownership. Join us as we explore what these principles are, and how you can start to apply them wherever your organisation is on its data journey.
16:00 - 16:40
Kieron Smith, Chief Technology Officer at SnapDragon Monitoring
A breakdown of the people, pressure, and politics involved in small company product management, and how we’re dealing with them at SnapDragon
16:00 - 16:40
David Stubley, 7 Elements
The aim of this talk is to demystify the actions of malicious actors and provide real world examples of how vulnerabilities within applications are used by attackers. This talk will take a look at a recent high-profile vulnerability within the Atlassian Confluence platform (CVE-2022-26134). Using a real-life incident, David will explain how the vulnerability was leveraged by malicious actors to gain a foothold and the actions undertaken to maintain access and exploit access for malicious purposes.
16:00 - 16:40
Iris Winter, Head of Engineering (Frontend), XDesign
16:45 - 17:25
Wiktor Jurek,Development Lead and Director, Cobry - a Google Cloud partner
A talk on how you can get started with devops, with an actionable learning path * How I became a cloud engineer * How you can get started * How you can forge your own path
16:45 - 17:25
Raquel Bautista-Garrido, Principal Quality Engineer, Fanduel
In this session, we will talk about how Agile teams are changing their approach to testing. We will explore the whole team approach, shift-left testing, and some test techniques that will result in shorter feedback cycles, helping the teams to deliver working software without forgetting our main objective: deliver quality to the customer.
leadership forum
Thursday, September 29th, 2022
12:30 - 13:00
Registration and Lunch
13:05 - 13:15
Welcome
Karen Meechan, CEO, ScotlandIS
13:15 - 13:45
Tom Kegode, Work:Lab Lead, People & Places, Lloyds Banking Group
How the evolution of ways of working is creating ‘New Work’ that works for everyone; Work Reimagined; Stories we tell ourselves about collaboration; The role of leaders; and What we need to do next.
13:45 - 14:25
Location, location, location: Pro's and con's of home, hybrid and office
Jennifer Ralston, Account Executive, Gigged AI || Andrew Williams, CEO, Fyne Labs || David Farquhar, Intelligent Growth Solutions
During this session our three panellists will discuss the different ways we now work, the challenges they've faced, the opportunities that have been created and how they think they and their teams will continue in the future.
14:25 - 14:55
Develop, Retain, Attract
Nikola Kelly, Managing Director, Be-IT || Richard Archdeacon, Advisory CISO EMEA, Cisco
14:55 - 15:15
Campfire discussion: The impact of the new world of work on Inclusion and Diversity
Silka Patel, Social Value Manager at Leidos || Nikki Slowey, Co-Founder of Flexibility Works
15:15 - 15:45
Coffee Break
Tea, coffee and biscuits
15:50 - 16:25
Overcoming the noise
John Waddell, Chairman, Forrit || Phil Worms, CEO, Frog Systems
16:25 - 17:00
Ali Law, Managing Partner, IT & Digital Transformation, Hanya Partners
17:00 - 17:25
Steven Drost, Chief Strategy Officer, CodeBase
Steven will explain what the newly created Tech Scaler will do by talking about tech ecosystems, globally and locally. What are their constituent parts? How do they play together? How can we make them do more?
Watch The Video
Last Year Was Amazing.
take a look.
Play Video
Don't Wait ‘Till The Last Moment
CONFERENCE STARTS IN . .. ...
Days
Hours
Minutes
Seconds