February 28 - March 1, 2013
Montreal, Canada

Sessions

Top 20 My wish List
API Integration What do you do if you have a single letter Twitter handle and your reply stream is useless due to stuff like "I'm @a bar"? Machine learning to the rescue! I will explain how I used ML and a couple of other tricks to build a program that sanitizes my Twitter mentions and will hopefully inspire you to use ML in your own projects.
DevOps In today's world of Github, Bitbucket, AWS/EC2, and Virtualization in General, it is helpful to understand public key authentication and SSH in general. The good news is that this seemingly cryptic and magical technology is quite easy to get a handle on once you know a few snazzy recipes.
PHPDevOps Phing is build tool based on Apache Ant. Get introduced to Phing by former Ant fanboy that fully turned into Phing power user and comitter recently. This session will cover the Phing basics and give you some ideas where Phing can be used to help you automate your boring and error-prone daily work tasks.
PythonPerformance Learn how to make almost any Python application run faster, without sacrificing the clarity and flexibility of Python. PyPy is a new, fast Python interpreter with a JIT; it runs unmodified Python code. Cython compiles Python to C; a few hints from the programmer can make it run very fast. This talk will show how to use each one and their limits.
Accessibility People with disabilities have a right to web accessibility. But what of their responsibility? Both developers and disabled web users must work together. Users have a responsibility to talk to developers, who have a responsibility to listen and implement. I will discuss specific ideas for both groups going forward and increasing accessibility.
JavaScriptWeb Standards Modern web applications are using lots of JavaScript to create a fluent and responsive user experience. But if you want to load data from external places or include widgets into your site, you are quickly running into boundaries because of browser and security restrictions. This talk will show you techniques helping you with these problems.
JavaMobile In this talk, we'll discuss about the best practices to consider when developing an Android application. First, we'll make a quick overview of Android's constraints and limits. Then, we'll talk about architectural aspects and solutions that must be considered to make your application testable, scalable and maintainable.
PHP Annotations allow you to alter and inject behaviour into code in the context of the element you are manipulating. But how does PHP support Annotations? This talk will introduce Annotations and the libraries available to support them. I will also show how you can create your own annotations with these solutions.
Front-EndMobile Mozilla is not only working on a new operating system built on web technology, but also on improving the quality of web apps we can build with better APIs and app templates.

This talk encourages developers to build more exciting HTML5 apps than traditional "to-do apps" by showing off 2D+3D web tech and easy ways to get started building games.
.NETArchitecture In this session we’ll take a tour of all the various technologies that web developers & architects need to consider when putting together a Microsoft-based web application. From UI code libraries, to developer tooling, to server/cloud options & features, to considerations for performance & security, we’ll explore Microsoft web dev here in 2013.
.NET In this session we’ll take a tour of all the various technologies that web developers & architects need to consider when putting together a Microsoft-based web application. From UI code libraries, to developer tooling, to server/cloud options & features, to considerations for performance & security, we’ll explore Microsoft web dev here in 2013.
Data PersistancePerformance MySQL indexes are often used to make performance better. However, they can make performance suffer if you are not using them properly. Oracle ACE Director Sheeri Cabral explains the pitfalls to avoid with indexes and how to utilize compound indexes to maximize index availability with the least amount of write overhead.
JavaQuality Assurance Avec Mockito, PaxExam, TestNG, JUnit ... le monde du testing a longtemps souffert d’un manque d’uniformisation. Arquillian se place sur ce créneau et s’impose comme le leader grâce à sa forte extensibilité. Il a démontré ses qualités en étant adopté par tous les conteneurs permettant ainsi de tester l'intestable : la portabilité Java EE.
RubyDevOps Many developers overlook the importance of automating their deployment process until it is too late. In this talk, we'll discuss the importance of automation and how Chef can help with this task. You will learn how to setup Chef and how to write your own recipes. Vagrant will also be touched upon as it is a great tool for testing Chef recipes.
SecurityQuality Assurance Présentation d'une boite à outil permettant d'automatiser simplement les tests permettant de valider une application vis a vis des risques les plus courants (vis a vis du OWASP Top10)
Performance Do you need that message queue? Do you even need a database for this problem? Is a cluster always good? This is a story about how to scale better and have fun doing it, told through an example of how we wrote a distributed cache invalidation service able to invalidate 45 thousand cache entries per second with ease using only basic HTTP.
PHPSecurity You've seen some of the basics of securing your application - validating input, filtering output and the like. Let me take you a step further into more advanced security in PHP. Protecting your application from things like XML injection, insecure sessions & upload issues can be tricky. This session is a how-to on keeping your app safe.
PHPPerformance A how-to guide on identifying bottlenecks and scalability challenges within PHP applications. The session will do an in-depth coverage of the tools involved and how they can be used in real-life situations as well how to go about correctly interpreting the results and correlating them to flaws in the code and/or infrastructure.
PHPArchitecture There is legacy code. And there is this shiny new architecture, that would make your life easier. Unfortunately, starting from scratch is not an option, and refactoring old code bears unpredictable risks. This session shows concepts and strategies to implement bridge technologies that close the gap between old and new code and architectures.
SecurityUX Security and usability can co-exist in your application. This presentation will review usability best practices in authentication pages like registration, login and reset password against security best practices. You will also learn how to use visual design to secure your application and avoid visual and UX practices that weakens the overall security posture of an application.

This presentation will be co-presented with Christine Mekhail - UX Designer and Certified Identity Protection Advisor (CIPA) at Software Secured
PHP The same question always comes when dealing with legacy code: shall we maintain or rewrite the whole application? Another solution would be to migrate the code from step to step by introducing new valuable pieces of software. This talk will explain how you can take benefit from famous Symfony2 components to empower and modernize your legacy code.
Front-EndWeb Standards Browser versions are now just meaningless & arbitrary marketing labels. We've all been fed a lie that web sites/apps should look/act identical in all browsers. That lie is holding our industry back.

It's time we embrace standards and feature-testing and graceful degradation. Push back on bosses & clients and show them how the web really works.
Front-EndWeb Standards Code duplication, bloat and specificity battles are very common problems when sites grow, and they can spell disaster for site performance. In this session we will cover code organization and naming conventions to help your site grow. Attendees will learn how to build sites with the most reusable CSS possible.
Ruby In this talk I’ll show you how to build your application and get a working, well tested, and useable API in the process, with almost no extra overhead. I’ll also show you how to do it without making your controllers a mess of respond_to blocks. If anything, you’re controllers will become cleaner and leaner.
JavaScriptRuby We have entered a new wave of web applications. Amazing user experience. Real time updates. Rich interactions.

In this talk, I will discuss the necessary foundations and best practices involved in building rich, real time web applications - as we do it successfully at Kicksend - with examples in Rails, Backbone.js and XMPP.
PHPQuality Assurance Automated tests give you the secure basis to constantly evolve, improve and refactor your PHP app. But, what tests are suitable for which parts of your app? How to write code to be easily testable? And how to integrate such tests into your build process? This talk answers these questions in an overview of state of the art testing of PHP apps.
.NETCloud This demo-filled session will dive into Windows Azure’s relational and non-relational PaaS data services and how your applications can easily and efficiently leverage these services. We’ll look at SQL Database, the cloud-based relational database based on SQL Server technology, then look at the details of the NoSql data store service Table Storage.
Security A refresh from last year's code quizz game: 15 new code snippets involving various coding languages will be shown and you will try to identify their security flaws.

Difficulty will go increasing and newcomers are welcomed: each case will be explained and discussed.
PHP Managing external packages can be very error prone and cause multiple problems when deploying and working with a team. Learn how Composer can keep all your third party dependencies under control and help you find new libraries with a simple CLI interface and a json file.
PHP Continuous integration is a big picture idea for big projects, but what if your projects and pictures aren’t big? Is continuous integration worthwhile for every day projects? Learn more about what continuous integration actually is, what tools are available to help you implement it, and how you can make it work for you, even in the small stuff.
PHPPerformance How to verify that your application still performs well, even for complex user interactions? There is a world beside Apache Bench and Siege: JMeter can be used to simulate user interaction, test complex cluster setups and even integrates into Continuous Integration environments. We show JMeter as tool to continuously monitor your performance.
RubyArchitecture Alan Turing asked "Can machines think?". Thinking, that's easy! Even my dishwasher can do that (it's a really smart dishwasher). How about we try something harder and push into a new area of AI: "Can machines be creative?". We will explore the history of creative machines and examine examples of machine artists & the algorithms that make them tick
RubyQuality Assurance The worst kind of legacy code is convoluted, labyrinthine, and devilishly difficult to change. It's also packed with valuable lessons about simplicity and constraints. CSI:Ruby investigates a case of atrociously complex code, and focuses on a systematic approach to uncovering flaws in your design so you can spare it a deadly fate.
Front-End An overview of the popular pre-processors: Stylus, Less & Sass, with features subdivided up into easy to learn sections of beginner, intermediate and advanced.
Audience will learn: what is a preprocessor; how the top three preprocessors compare, their features, and where they start to fall short; get up and running in about 5 minutes.
Front-EndWeb Standards This session is an in-depth introduction to selectors in CSS3. CSS3 brings us the ability to precisely target elements in our pages without needing to add classes to our mark-up. A solid knowledge of how to use these selectors is vital for designers and developers alike.
Mobile The ever-shifting sands of Apple's iOS platform, makes iOS app development a challenge for new developers. The development approaches often change as xcode and iOS itself evolve. Let us cut our teeth together on building a (really) simple iOS application and learn some of the basics.
Data PersistancePerformance Database servers have hardware requirements different from other infrastructure software, specifically unique demands on I/O and memory. This presentation covers these differences and various I/O options and their benefits. Topics include solid-state drives (SSD), battery-backed RAID, controllers, and caching.
Data PersistanceArchitecture Dealing with lots of data can be daunting, if not done well it can affect the performance of your applications. Data has business value though and can't be ignored.

Storing it, dealing with it and mining it have huge rewards and can be fun. I'll cover some theory but the emphasis will be on the practical.
Front-EndUX Wireframes drag down the design process, become obsolete quickly, and lack important information on how a design will behave. Rapid prototyping, on the other hand, is an invaluable tool in the design toolbox that allows us to explore and validate a design idea and its interactions, and communicate the results to others while saving valuable time.
PHP Dependency Inversion is an important technique of object oriented software design and one of Uncle Bob's S.O.L.I.D. principles. In this talk I'll show you what this means and how PHP dependency injection containers can help you writing testable and maintainable code.
PHP Designing interfaces is an every days job for every programmer. But it's not only a job, it's an art. Be it a brand new application OO design, a shiny new module, in infrastructure library or just a single new class: All of them need a flexible, usable and extensible API. This talk gives a round up on essential rules that you need to obey to.
Data Persistance In this presentation, Sheeri Cabral will explain the differences and similarities among Oracle's MySQL, MariaDB, Drizzle, and the Percona patchset. You will learn the coding philosophies of the organizations behind the software, and how they interact with the community, so you can choose which fork is right for you.
PHP An introduction of eZ Publish 5 with concrete examples demonstrating the stability and performance of the platform.
Python In this session I'll show you how you can take Flask, a so-called "microframework", and write readable, usable, testable and intelligent code for all of your macro-scale applications. We'll go through basic project structure, API design, ORM integration (including some popular non-relational databases), modular design with blueprints, and testing.
PHPArchitecture So you have moved your business logic out of your MVC controllers, and into domain objects. Then, the business rules change. How can we adapt business objects, while deliberately breaking backwards compatibility? What is the best way to represent business logic in PHP after all? This talk introduces some lightweight approaches.
JavaArchitecture Ceci est une session de live coding. Nous verrons qu'il est possible de partir de code legacy, d'y ajouter des fonctionnalités et de le déployer sur le Cloud. Ce sera l'occasion de découvrir des techniques de refactoring et de TDD adaptées à du legacy.
Challenge supplémentaire, chaque étape doit être faite de la façon la plus simple possible.
Data PersistanceArchitecture ES provides an easy path to full-text search, synonyms, faceting, and geographic math, but there's a paucity of written wisdom beyond its API docs. This talk provides a survey of its capabilities and dives into the practical tradeoffs in a high-volume ES system, from indexing structures to the realities of deployment. Outline: http://bit.ly/OQxMje
Security What's two factor authentication, and why is everyone talking about it? We'll have a quick overview about why two factor authentication is so important nowadays and then we'll get down and dirty in code with two real world cheap/free implementations (Google Authenticator and Yubikey) that you can use for your webapps.
Front-End Trends are moving towards the emergence of site customization based on user state. We will cover practical development examples on using user interest and identity data mining techniques to be able to determine the emotional ease, frustration levels, and intention of users, and customize the user experience based on that.
Java Au travers de ma propre expérience, vous saurez si Scala peut vous apporter un plus dans votre métier de développeur. Après plus de 13 ans de Java, je développe en Scala depuis mai 2011. Loin des débats enflammés, je vous propose un point de vue objectif, des exemples de code, une présentation de Scala dans Play2, bref une "vraie" histoire
Data Persistance PostgresSQL contains a very rich set of datatypes, richer than most other databases. Some are built into the core PostgreSQL, some are available as easy to install extensions. This means that if you choose and use the correct datatype, you get lots of additional functionality in your system, completely for free.
Python Some programming languages don't even have a standard library. Many don't have one as awesome as Python. This is a talk on fifty awesome things I've found in it.
JavaMobile How do you design an Android app that adapts to the multitude of device sizes? In this talk, the presenter will show the design process she used while collaborating with a freelance designer to create Monkey Write. The design goal: To produce a single-device design while keeping an eye on elements that need to be fluid.
PythonArchitecture Programming is hard, but we can magnify our efforts with excellent API design. Let’s explore how, as we consider compactness, orthogonality, consistency, safety, coupling, state handling, layering, and more, illustrated with practical examples (and gruesome mistakes!) from several popular Python libraries.
Front-EndPerformance Web performance is no longer measured in seconds. Developers awareness needs to be raised on the importance of speed. My talk on frontend performance will cover tools, techniques, and tips developers can implement the moment they leave the room. Everything from code optimization to server side improvements will be covered.
.NETQuality Assurance You unit test, even integration test your application. You get to 100% code coverage, but when you finally deploy your application, the system is broken! How can we have full code coverage, but our application still breaks?

In this session, we'll look at functional testing with ASP.NET MVC and how we can design our system for testability.
Python Live demo of the latest breed of gevent-socketio, Python's cross-framework Socket.IO implementation, supporting protocol version 0.7+, all for your real-time web pleasures.

Action packed live coding, chocolate and laughs with the package's maintainer.
You're a git user, and you love what it does for you. Learn how to take it to the next level, straight from the experts at GitHub.

Among the topics that will be covered are rewriting history with rebase and filter-branch, finding bugs with bisect, and making your experience easier with terminal and GUI client tweaks.
You've heard of git, and the amazing powers it confers on the master practitioner. Learn what all the fuss is about, and earn your first few levels, straight from the experts at GitHub.
Ruby Software is always a mess, but the principles of object-oriented design allow you to manage your messes. OOD understands messes; it predicts their courses and foresees their outcomes. This talk shows you how to use OOD to create the best kinds of messes, those that let you get software out the door today without regretting your actions tomorrow.
Python Facebook suggests people that you might already know, Amazon recommends books you might like, and LinkedIn shows how you're connected to the CEO of Nokia. We’ll take a look at the basic theory behind how some of these classifiers and recommenders work (no comp. sci. degree required!), and show a few working examples using real-world data.
JavaScript Real applications are big and messy, but your deployments shouldn’t be. Take Node beyond “Hello, World” chat apps — explore how to integrate Node with existing applications and build new multi-component applications from the ground up.
Project Management Product engineering teams are always judged by one metric - how well you ship. Whether you are in a startup, or a large company, a performant and efficient team is always crucial. In this talk, I'll share how to create a great product team, what it takes to "always be shipping", and most importantly, how you can make your engineering teams tick.
JavaScriptWeb Standards In this talk you'll learn how to leverage your actual HTML5, CSS3, and JavaScript skills to build a Windows 8 application, and reach millions of people with your next project.
JavaScript HTML5 comes with a lot of new JavaScript APIs; communication is one of the most important aspects. It is now possible to send cross-domain requests, receive push messages from the server, use bi-directional full-duplex communication, and more. This session will discuss these and other techniques, show code samples, and list helper libraries.
MobileE-Commerce While building a payment system into an ecommerce store may be a simple integration, creating those same payment solutions in the context of a cross-platform, real-time HTML5 game is a completely different story. In this talk we will explore how to integrate a real-time store experience into the context of an HTML5 game.
Front-EndWeb Standards HTML forms have been the bane of web developers for years. Not anymore! Newer form features provide for native date pickers, place holder text, pattern matching, required fields, auto focus, error handling, and providing for the RIGHT keyboard on smartphones, all without JavaScript. Learn everything you could possibly want to know about web forms.
JavaWeb Standards WebSocket brings new opportunities for efficient peer-to-peer communication, providing the basis for a new generation of interactive and “live” Web applications. This session examines the efforts to support WebSocket in the Java programming model, from its base-level integration in the Java Servlet and Java EE containers to a new, easy-to-use API.
JavaScriptWeb Standards This session will introduce WebSockets by exploring a few practical applications. Afterward, we will dig into the JavaScript API before concluding with a look at the WebSocket communication protocol.
Web Standards What is an etag, exactly? What's all that stuff in the Accept header? And what the heck does a Vary header do anyways?! Web developers use HTTP everyday but most of us don't know how to get the most out of it. This talk goes past memorizing status codes (although we'll see those too) and teaches how to get the most out of every request and response
Accessibility This session will cover the web development roles that are involved for a selected choice of WCAG 2.0 success criteria in level A. Every accessibility criteria affects different roles of the web production chain in very specific ways. The participants will have an understanding of the main preoccupations each role must consider.
Project Management While discussing details on agile project methods only a few people recognized, that IT changed the way projects are executed. But the goal conflict between IT, Marketing & business still exists.

The talk shows a way to define shared business objectives and how to form a successful project culture in your company.
Requiring people to curate their own social profiles before seeing value from a service is a flawed & antiquated notion. As we explore this notion, we'll see through real examples how what a user views & interacts with online can be disseminated into a core understanding of the person, building a deep understanding of who they are & what they want
PHP PHP 5.4 is the next up and coming version of PHP. This talk will talk about what this new PHP release brings to the table interms of new functionalities that are available, general improvements and the changes that may impact your existing code.
Python Cette présentation s'adresse à un public qui voudrait démystifier Django.

On va prendre pour acquis qu'on ne connait pas du tout Django pour permettre de bien l'introduire.

L'objectif de cette présentation est de démontrer pourquoi Django est un framework de plus en plus populaire au sein de la communauté web.
.NETAPI Integration La session convrira les outils, méthodologies et meilleures pratiques pour développer une application d'affaire en SharePoint. La session incluera plusieurs démos et exemples de code .NET et permettra à l'audience de se familiariser avec les concepts de développement en SharePoint.
Python Python is a fantastic language, and an easy one to jump to for PHP developers.

This talk will help PHP developers make the quick and easy leap over to python and hit the ground running.
PHP Learn how to empower your objects in PHP with SPL! The SPL (Standard PHP Library) has existed for many years but is still one of the less understood parts of the language. We will cover some of the most useful core aspects of the SPL, features that are easy to add to your own objects, making them more powerful and flexible!
AccessibilityMobile Nous verrons au cours de cette session où en est l'accessibilité des terminaux mobiles et en particulier des terminaux utilisant ios ou android. De plus, au délà de l'accessibilité des terminaux, nous regarderons comment vous pouvez rendre le contenu de votre site ou application mobile accessible.
Project Management Qu'est-ce qu'une équipe performante agile? Plusieurs étapes sont nécessaires afin d’atteindre ce que nous jugeons "être une équipe performante". Des outils pour vous aider en tant que membre d’équipe, ScrumMaster, PO ou simplement comme manager, vous serons transmis à partir de faits et leçons vécus.
PythonSecurity L'utilisation du chiffrement demeure encore aujourd'hui une zone obscure et peut entraîner, même lors de l'utilisation d'algorithmes sécuritaires, de graves conséquences.

La séance présentera le concept d'oracle de chiffrement, de mauvaises implémentations de chiffrement ainsi qu'une démonstration d'attaque en situation réelle.
Project ManagementArchitecture Using Eric Ries' Lean Startup approach depends on validated learning. As a result, you need to measure everything the user does. Learn patterns, strategies, off-the-shelf and custom solutions based on actual experience from Food on the Table as it has grown from the first customer to over 1.5 million registered web and mobile users.
PHP Forms are everywhere and they are key elements for interacting with applications users. Unfortunately, designing forms is a very tedious task. Indeed, forms may contain complex behaviors and business logic to validate data. This talk will explain how to bring the Symfony forms and validation components into PHP applications to ease forms management
Data Persistance PostgreSQL 9.1 arrived with a new featured called KNN-GiST, or fast K-Nearest-Neighbour searching. Many people don't realize what that means, and what they're good for. This walk will look into both the more obvious geometrical and geographical cases, as well as the more surprising use-cases such as string matching and similarity
Java JMX is a good technology to expose a management API for your Java library; but what about consumption from other languages and through firewalls?
I will show you how at Terracotta we implemented a Jersey based Rest API for Ehcache (most popular java caching library) with security enabled(Authentication, Authorization, Accounting)using Apache Shiro
PerformanceDevOps You already measure app traffic, but do you know how much content your users created in the last hour? Sounds like a job for StatsD and Graphite.

Measure everything in any language. Display these measurements and pre-calculated metrics in ways that make it easy to see growth, failures, and other anomalies in application and system performance.
.NET Get a basic understanding of the MVC pattern and how it's been translated to the .NET world as an extension to ASP.NET. We'll have a look at the project templates, how Visual Studio has been tooled to help you do your job and some of the features that the latest build brings. Oh yeah, we're going to destroy a data-driven web site. In 8 minutes.
MobilePerformance Unlimited bandwidth? Always connected? Yeah right! Truth is, wireless coverage is spotty, and sometimes the internet is simply not available. In this talk, I am going to discuss a few design patterns that make your app snappy when connected, fully-functional when not. These strategies apply to both mobile web apps and native apps.
Front-EndMobile While perceived download speed is vital to web application performance, mobile brings additional concerns to the table. What happens to the user experience if a site is jumpy, choppy, or non-responsive to basic interaction. We’ll cover trouble spots that lead to poor user experiences as well as tips/techniques to prevent these trouble spots.
Data Persistance This talk introduces MongoDB. I will cover MongoDB's basic functionality, but also introduce replication and sharding. Focussing mostly on schema design and indexing gives you a solid base to get started with this scalable and high-performance document-oriented NoSQL database but also understand the design principles and use-cases.
Cloud Si les fournisseurs de Cloud (Amazon, Rackspace, etc) vous permettent de monter simpliment un nuage, vous devez transférer votre infrastucture chez eux. A contrario, si vous souhaitez rester le maitre de notre nuage, OpenStack est la réponse. Nous verrons dans cette session comment l'installer et avoir un Cloud opérationnel rapidement.
Performance Sooner or later everybody runs into an application performance challenge, whether it is during development, testing or in production. In this session I want to share my experiences from different engagements in the banking, telecommunication and ecommerce industries. I will show you some of my favorites from the past year, including ones that cost lots of money and impacted company brand and reputation. I will also share stories of how these performance problems appeared, how they were nailed down and how they were finally fixed. Finally I'll leave you with some recommendations on how to avoid running into similar issues with your applications.
.NETMobile In this presentation, we’ll take a look at Xamarin’s MonoTouch and Mono for Android. These tools allow you to create native apps using C# as the common language. You can target each platform natively and share non-UI code across iOS, Android and Windows Phone apps.
PHPArchitecture En tant que développeur, vous savez que votre tâche n'est pas toujours facile. Les modèles de conception (design patterns) sont une façon d'éviter de faire des erreurs ou de résoudre des problèmes que d'autres programmeurs ont déjà vécus précédemment. Cette présentation aura pour tâche de vous en présenter quelques uns à l'aide d'exemples concrets.
Data PersistancePHP Neo4j is a Java-based server to manage graphs of data. Nodes and edges - thinks people and friendship relations. This session will present the libraries available in PHP to communicate with this NoSQL server along with a few general strategies to use them efficiently to create well performing applications.
JavaScript There has been a strong connection between the terms "web" and "offline" for years. The rise of HTML5 and the support of offline mode in most modern browers changed the play of the game. This session will introduce the different ways of storing data on the client as well as pointing out the limitations of each of the different techniques.
API Integration This presentation introduces OpenStreetMap and explains what sort of rich data set it has. It also covers different APIs for using map tiles, as well as other APIs that form sister-projects to OSM, such as Nominatim (search), routing, and obtaining current-location information. Some hints on storage and searching will also be given.
Security Il existe une multitude d'outils analyse statique permettant d'identifier des bugs de sécurité. La présentation couvrira leurs forces et faiblesses. Quels critères de sélection sont importants dans le choix d'outils? Pour quels types de vulnérabilés ses outils sont-il le plus efficace?
JavaScriptSecurity Nous parcourerons le OWASP Top10 appliqué à Javascript et verrons comment développer les scripts serveurs ou les javascript navigateurs pour empêcher les vulnerabilités présentes dans le Top10 OWASP
Data PersistanceDevOps Emailing *.sql files to the in-house DBA before each release used to work for your single-node, single-environment website. You have recently been tasked with building a multi-environment application architecture when you realize that you need to come up with a more professional process which is less error-prone.
Data PersistancePHP PHP and MySQL are the foundation of many web applications. Still many developers scratch only the surface of the provided interoperability between PHP and MySQL. In this session you will learn hidden gems and new features in these area both on PHP's and MySQL's side. Things like automatic load balancing or caching features or memcache integration.
PHP PHP extensions provide the "glue" between the PHP language and C/C++ libraries. This session will provide an intense, and fast paced introduction to writing custom extensions. Attendees should ideally know C/C++ already. Time permitting, HipHop extensions may be covered as well.
PHP HipHop is the Open Source PHP language compiler and runtime designed and used by Facebook. HipHop offers a significant speed improvement over the official PHP runtime and supports most of its core features. This session will provide an introduction to how and why to use HipHop over PHP, and the benefits it offers.
PHPQuality Assurance PHPUnit is not difficult to set up and writing tests with it is easy. But with the the tips and tricks you will learn in this session you can leverage PHPUnit more effectively, giving you better results and increasing your productivity.
JavaArchitecture Découvrez Play2, un outil open-source qui permet de construire des applications webs orientées temps réelle et réactive. Cette présentation d'architecture web s'appuie sur la plateforme Zaptravel. Vous découvrirez un "vrai" projet sur lequel nous utilisons Scala/Java et Play2. Au programme : du code, des démonstrations et un retour d'experience.
UX We all have lots of interesting data floating around our apps. The problem, how do we make it human consumable? Especially when there's lots of it. At Songkick we have the largest database of live music in the world. I'll dig into some examples of visualisations, showing tools such as d3.js & using big data tools to discover meaning.
PythonPerformance Vous avez un code en production un peu lent? Des fuites de mémoire? Des problèmes de performances? C'est malheureusement ce nous est arrivé récemment. Cette session est un retour d'expérience des techniques et outils que l'on a trouvés pour résoudre nos soucis.
Project Management The communication between clients, project managers and developers is often difficulty. Asked for objectives & status, they will often give completely different answers.
The talk explains communication based on the 4-sides-model and explains the different project roles and their aims.
Establishing understanding will lead to successful projects.
API Integration pump.io is a small, efficient API daemon that does most of what you want from a social network -- getting activity data from one user to others in their social graph. In this talk, lead developer Evan Prodromou will discuss the purpose and design of pump.io and where it's going next.
Front-EndWeb Standards In this session Rachel will look at how we, as web developers, can take advantage of all the exciting new features in HTML5 and CSS without disadvantaging those using older technology or slow connections through no fault of their own. This is a practical session with lots of real examples from her own work.
PerformanceArchitecture In the modern world of scaling web applications, queues have become a go-to for increasing performance by parallelizing and backgrounding heavy duty tasks. Learn practical usages of queues through beanstalkd.
PHP NodeJS made event-driven programming mainstream. What many people do not know is that it is possible to do the same thing node does with PHP. React builds on top of the low level APIs in the PHP core to provide an easy to use interface that allows creating network daemons and more.
Quality AssuranceDevOps The code you write is the best source of feedback to help you write better code. When your code speaks to you through logs, tests, and documentation, finding and fixing bugs becomes much easier. This talk will show how to implement responsible development practices that allow code to effectively communicate with the developers that create the code.
Data Persistance More than some arcane NoSQL tool, Redis is a simple but powerful swiss army knife you can begin using today.

This talk introduces Redis and focuses on using it to cleanly solve everyday problems. Along the way, you'll learn how Redis can be used as an alternative to several common PHP tools.
Front-EndWeb Standards Les microdonnées HTML5 permettent d’associer des libellés à des contenus afin de décrire un type d'information spécifique (événement, personne, etc.) et aident les moteurs de recherche à mieux comprendre les pages Web, d'où de meilleurs résultats. Présentation, avantages, utilisations et exemple de codes seront les contenus de cet présentation.
Project Management Êtes-vous tannés de faire vos rétrospectives toujours de la même façon? Trouvez-vous qu'elles manquent de piquant? Sentez-vous que cela tourne en rond? Cette présentation vous permettra d'essayer de nouveaux formats et trucs pour arriver à des résultats.
RubyQuality Assurance In this presentation, we’ll see how RSpec makes writing unit and functional tests more simple and natural than regular tests in Rails applications. We’ll look into how we can improve our confidence level in our code by testing the behavior and expectations of our models, controllers, views, routes and helpers with RSpec and FactoryGirl.
Ruby The Rails Asset Pipeline is an amazing feature that optimizes workflow and performance, but is challenging to grasp. This session walks you through the Rails Asset Pipeline and how to leverage it for production use. We cover asset pipeline fundamentals, external library integration and re-use, deployment strategies and common gotchas in production.
Ruby Time to get off the Rails and learn the core foundation of the Rails Framework, Ruby. Ruby is a clean, flexible and easy to read language. During this session you will learn
basic syntax, OOP and the tools/libs the Ruby Way.
CloudPerformanceArchitecture Making your web application scale is always tough. This talk is a discussion & overview of the typical ways to scale LAMP apps in the past, and how you can now do this more easily on the cloud, specifically using Amazon Web Services such as EC2, RDS, S3 and more. AWS has a rich feature set that makes having a scalable app easier than ever before.
Security Le test d'intrusion est privilégié pour découvrir les failles de sécurité. Souvent, car l'entreprise ne connaît pas les alternatives, malgré son coût et ses limites.

Analyse, conception, codage, tests, déploiement et opérations: à chaque phase, de nouveaux risques, et de nouvelles opportunités pour les prévenir. Survol des opportunités...
CloudDevOps When it comes to maintaining more than only a few servers, setting up as well as configuring them manually is not an option. But before tools like Puppet can
take over the configuration, you need a working infrastructure. This session will show how easy it is fully automate a CentOS setup using Kickstart installs, custom repositories, and DHCP.
Data PersistancePerformance The MySQL database is fast but still system performance has limits. For read-load MySQL's replication system is a known and proven way for scaling out. But what about write-loads? This session will discuss the latest state about sharding in MySQL. From a basic setup to later shard management an further improvements.
PHPArchitecture Let's slice up the silex microframework and see how it looks like on the
inside. In this session I will dive into the source and show you how silex
ties together a bunch of Symfony2 components. The principles followed by these
components allow for great flexibility and generally apply to any software.
Security So you got hacked, how do you clean up as quickly as possible? This talk is DIY Incident Response: quickly identifying the vector of compromise, plugging it, and then finding and removing any backdoors that may be hidden on the system. This will be an expansion of last year's talk, delivered in the form of a narrative, with real-world examples.
Ruby This talk explains the object-oriented design principles that underly the SOLID acronym. It defines the principles in plain language and shows practical examples of their use by walking a simple bit of Ruby code through a series of refactorings that move it from specific and concrete to general and abstract.
UX UX is more than just UI. Creating a positive user experience is about understanding customer needs and designing a solution that addresses those needs. We'll dive beneath the user interface and explore the techniques and processes that will empower you to contribute a quality UX perspective to every project.
JavaMobile Spring for Android is a library that helps simplify the development of native Android applications providing the developer with a REST client (RestTemplate) and OAuth support (Spring Social).
During this talk, the attendees will learn how to integrate Spring for Android in their Android projects and how to code a Rest and OAuth client.
Performance Storm is a high-volume, continuous, reliable stream processing system developed at BackType and recently open-sourced by Twitter.

We'll start by touching on what problems Storm is (and isn't) trying to solve and why it's model is so powerful. We'll then move on to a deep dive into how to get Storm up and running.
DevOps As teams and projects grow to include varying technologies and team members with varying skill and experience levels, a standard yet configurable development environment is essential. Focusing on enabling team development with Vagrant, lets look at solving the “works on my machine”, “new team member” and “working from home” problems.
PHP Automated testing is an widely-adopted standard. Unfortunately there exist applications that are not testable by their design. In the first part of the session it is shown how the dynamic nature of PHP can be used to exchange dependencies. In the second part of the session an layer gets introduced which transforms code into testable fragments.
JavaScript Let's spend some time seeing how easy it can be to set up Mocha and Chai, a testing framework for JavaScript/CoffeeScript, in your application. We'll learn how to test that our jQuery or Backbone code is doing what it supposed to. It's really not as hard as you think it might be.
JavaScript JavaScript micro-frameworks are all the rage and rising stars like Backbone.js are gaining traction among developers. Come learn practical techniques to refactor your existing code to use Backbone.js and how it will actually help you now.
MobileUX In today's technological environment we consider Smart Phones to be... well smart. We think Siri is incredible, we think Google Now is quite outstanding. We believe that e-commerce websites are the thing. I am here to demonstrate they are not, they are cheap shots driven by habit; that in essence the dialogue between humans and machines is broken.
Accessibility Assistive Technologies 1st developed for people with disabilities often end up in everyday products. These products are then readopted people with disabilities. Looking at universal vs disability design. The presentation reviews this process and discusses several items and their history, such as Segway, speech-to-text, keyboards, eye-gaze, etc.
Front-End With the advent of modern desktop and mobile browsers supporting some or all of HTML5 the time to learn about this spec is now. Learn the basics of the additional functionality available to you with HTML5 from Canvas and Video to Geolocation and the Storage API’s. Walk through some examples and gain a deeper understanding of HTML5.
Java This talk introduces the Java EE 7 platform, the latest revision of the Java platform for the enterprise. It adds new APIs such as the REST client API in JAX-RS 2.0 and the long awaited Batch Processing API. Expression Language 3.0 and Java Message Service 2.0 will under go extreme makeover. HTML 5 and Web Sockets will be embraced as well.
Data Persistance This talk explores the much-anticipated Postgres 9.0 features of hot standby and streaming replication. It explains how these features work, how to configure them, and their current limitations. It includes a hands-on demonstration that can be done either by the instructor or by students.
Accessibility Through examples taken from existing websites, participants will be able to have an understanding of the most common issues in web accessibility and their respective solutions. This session is aimed at anyone who designs, develops, or manages a website. Topics include keyboard navigation, headings (h1-h6), colour contrast and alternative texts.
Java With the release of Java 8 slated for summer 2013, the stage has been set for the language to undergo its most important change in a decade. What are these changes and how relevant is Java at 17? We’ll answer these questions by not only exploring the new Java 8 features but where Java fits within emerging industry trends.
RubyQuality Assurance This talk begins with a patch of inpenetrable, undocumented, and untested code, and explores in detail the process of locking down behavior using characterization tests. A dramatic transformation of the code is achieved through the sequential application of numerous tiny refactorings. No stress. No hacking. No rewrite necessary.
Directors use storyboards before filming, landscapers use blueprints before shovels, and painters sketch their masterpieces long before their brush hits the canvas. Yet, as software developers, we often make the mistake of jump straight to the code. And next thing you know, a “proof of concept” becomes production, and a team is stuck maintaining
Ruby Sometimes, you need better diagnostic tools to debug what's going on - this talk will explain what DTrace is, how you will be able to use it in ruby 2.0, and the wealth of information you can extract.
UX Where do UI designers get their ideas from, and how to they take those ideas and turn it into a polished user interface. Enter UI patterns: common UI conventions, interactions and layouts that are reused by UI designers across the field. We'll take look at examples of bad interfaces and transform them with intuitive UI patterns.
PHPQuality Assurance During the last years the topic of software quality assurance got more attention in the PHP scene. One important part of this are software metrics, which provide you with the necessary tools to overview and measure a project to detect possible failures early. This session will explain you metrics, so that you can use them in your daily work.
PythonQuality Assurance Tests help you write better code and make changes faster with confidence they're right. With the right tools and techniques, they don't have to be a burden. We'll show how to get started quickly with Python's 'unittest' and 'nosetests' libraries, and cover techniques for making your tests test the right thing, be robust to change, and run quickly.
UX Not everyone has access to a user interface designer, but that doesn’t mean that usability is out of your reach. This talk will cover user experience basics along with simple, easy-to-implement tricks to improve usability. This talk will also cover ways to test if your site or application is making the grade.
JavaScriptMobile With iOS and Android use on the rise, learn to create applications for these popular mobile operating systems using technology you already know from the web. Appcelerator TItanium is a popular framework allowing you to build native applications with functions such as camera, geolocation, and compass, all from a few lines of Javascript.
SecurityQuality Assurance An overview of the methods for testing your web applications for some of the common classes of vulnerabilities: the OWASP Top 10 and beyond. We will use Vega, demonstrating new features. Vega is a free, open source, multi-OS platform for security testing web applications. Vega is for anyone developing, deploying, or maintaining a web application.
Security According to a study, nine out of ten web applications have security vulnerabilities. Developers seem to have a hard time writing secure apps, so browsers come to their aid: new techniques and protocols like built-in XSS filters, special HTTP headers, and more can help prevent many attacks. This session presents and discusses these new safeguards.
JavaScript Functional programming is the current hype in software - but maybe there is something to this whole malarkey. If you don’t know it, you should. This talk discusses what functional programming is, and more importantly why you want to be using it in your day-to-day javascript programming.
Cloud In this session, we’ll take a grand tour of Windows Azure from a developer’s point of view so that you get a good basic understanding of the different parts offered by the platform. No previous experience with Cloud computing or Azure is required. Also note that Azure is not just for .NET, you can also use Java, PHP, Python and Node.js
PHPProject Management I launched WonderProxy in 2009 to tremendously little fanfare, I didn't even tell my mom. We've grown from 6 servers to 78 in 46 different countries. This talk will combine the story of how it's grown, honest reflections on what's gone right or wrong, explanations of the technologies involved, and database schema showing how we handle things.
PHPSecurity Being secure on the web is getting harder and harder - the attacks are happening more and more and we, as web app developers, have to respond. The session will share tips you can follow in your code to ensure that your app stays safe and some tips to help improve investigation and preventing your app from becoming the next statistic.
Performance A talk largely focused around reverse proxies. It will answer why you can probably cache more than you already do. How you can do it. Where to start. If it's worth it and what you can do to prepare for massive scaling without re-engineering everything. The examples will be Varnish-specific but the underlying techniques are not.

Sponsored by

Media