Rohit Bhardwaj

AWS Certified Solution Architect workshop - Deep Dive

Monday, 9:00 AM CDT

AWS Certified Architect is one of the hottest and most valuable certifications in 2021. Amazon Web Services is one of the most popular cloud platforms around.

Abilities Validated by the Certification are:

– Effectively demonstrate knowledge of how to architect and deploy secure and robust applications on AWS technologies.

– Define a solution using architectural design principles based on customer requirements

– Provide implementation guidance based on best practices to the organization throughout the life cycle of the project

In this workshop, we will explore the following topics with hands-on labs:

– Design using compute, networking, storage, and database AWS services, EC2, S3 storage, RDS, DynamoDB
– AWS deployment and management services, Cloud Formation, Identity Access Management
– API Gateway, Route 53
– Serverless architecture, AWS Lambda, Step Functions
– Simple Notification Service (SNS), Simple Queue Service(SQS)
– AWS Cloud Watch, AWS CloudTrail
– Identify and define technical requirements for an AWS-based application
– Recommended best practices for building secure and reliable applications on the AWS platform
– Architectural principles of building on the AWS Cloud
– AWS global infrastructure
– Network technologies as they relate to AWS, Virtual Private Cloud
– Security features and tools that AWS provides and how they relate to traditional services

This talk is ideal for the following roles:
Architects
Technical Leads
Programers
Integration Architects
Solution Architects

Please get free tier AWS account from following link:
https://aws.amazon.com/

Architecting AI Enabled Microservices

Tuesday, 8:30 AM CDT

Seven steps methodology for designing superior AI-Enabled Microservices

In most of the Monolithic applications business objects and data, model designs are already present. As part of moving to cloud, companies miss out of the use-cases the REST APIs need to support. Implementing cloud solutions on top of existing models may lead to performance issues with APIs and cause scalability issues. Clients need to rewrite code due to a new version of APIs.

In most of the Monolithic applications business objects and data, model designs are already present. As part of moving to cloud, companies miss out of the use-cases the REST APIs need to support. Implementing cloud solutions on top of existing models may lead to performance issues with APIs and cause scalability issues. Clients need to rewrite code due to a new version of APIs.

In this talk, we will explore ten steps methodology for designing superior Cloud Native RESTFul Microservices APIs. Firstly, define the business domain objects and how they relate to use cases. If the use-case is to support <500 ms response time and availability of 99.99%, design the application for Consistency, Availability, and Partition tolerant. Next, Create an ideal design which solves the use-cases, refer to the industry standard JSONs and designs from schema.org, iana.org, and microformats.org. Later, find the fail points in the process and go back to the first step to resolving the pain points: Go back to Define the problem. Question to ask is what can go wrong? When can it go wrong? Next, create a Facade pattern to connect to either the existing Monolithic App or create a new App to support the new cloud use-cases. Create API Gateway, so other companies can build software and create more offerings. Next, design common Layers for error handling, logs, and security. For API security, perform Threat Modeling to find security vulnerabilities and plan for mitigation of risks. Use generic authentication using SAML, OAuth, and JWT to support Authentication and Authorization. Next, create an API Versioning strategy so that the REST API can evolve with minimal client changes. Apply Cloud Native design patterns for Resiliency. In the end, test APIs using contract driven testing and PACT files.

This talk is ideal for the following roles:
Architects
Technical Leads
Programers
Integration Architects
Solution Architects

Architecting AI Enabled Microservices

Tuesday, 10:30 AM CDT

Seven steps methodology for designing superior AI-Enabled Microservices

In most of the Monolithic applications business objects and data, model designs are already present. As part of moving to cloud, companies miss out of the use-cases the REST APIs need to support. Implementing cloud solutions on top of existing models may lead to performance issues with APIs and cause scalability issues. Clients need to rewrite code due to a new version of APIs.

In most of the Monolithic applications business objects and data, model designs are already present. As part of moving to cloud, companies miss out of the use-cases the REST APIs need to support. Implementing cloud solutions on top of existing models may lead to performance issues with APIs and cause scalability issues. Clients need to rewrite code due to a new version of APIs.

In this talk, we will explore ten steps methodology for designing superior Cloud Native RESTFul Microservices APIs. Firstly, define the business domain objects and how they relate to use cases. If the use-case is to support <500 ms response time and availability of 99.99%, design the application for Consistency, Availability, and Partition tolerant. Next, Create an ideal design which solves the use-cases, refer to the industry standard JSONs and designs from schema.org, iana.org, and microformats.org. Later, find the fail points in the process and go back to the first step to resolving the pain points: Go back to Define the problem. Question to ask is what can go wrong? When can it go wrong? Next, create a Facade pattern to connect to either the existing Monolithic App or create a new App to support the new cloud use-cases. Create API Gateway, so other companies can build software and create more offerings. Next, design common Layers for error handling, logs, and security. For API security, perform Threat Modeling to find security vulnerabilities and plan for mitigation of risks. Use generic authentication using SAML, OAuth, and JWT to support Authentication and Authorization. Next, create an API Versioning strategy so that the REST API can evolve with minimal client changes. Apply Cloud Native design patterns for Resiliency. In the end, test APIs using contract driven testing and PACT files.

This talk is ideal for the following roles:
Architects
Technical Leads
Programers
Integration Architects
Solution Architects

Designing Well Architected Framework Workshop - Deep Dive

Tuesday, 1:00 PM CDT

Secure, Efficient, Resilient, High-performing, Sustainable, and Cost-effective

Are your applications well-architected? This talk will explore the best practices for operational excellence, Security, Reliability, Performance Efficiency, and cost optimization. Think of systems and services which provide business values. Do you know if all of these services are well-architected? You will learn how to create mechanisms, a repeatable process that allows you to improve over time. We will explore the best practices using real-world examples to make them more concrete and actionable.

Well-Architected helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for various applications and workloads. They are built around six pillars—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability.

Join expert Rohit Bhardwaj to gain the knowledge and skills you need to solve current cloud implementation problems.

What you'll learn — and how you can apply it
By the end of this live, hands-on, online course, you'll understand the following:

– How to create responsive, maintainable, extensible architecture

– How to manage identities for people and machines and understand the significance of role-based, service-based, and attribute-based access

– How to design network topology and protect your network resources

– How to design interactions in a distributed system to prevent failures and improve performance and resiliency

– How to select the best-performing architecture and choose performant storage and databases

– How to manage demand and supply resources

– How to take advantage of user behavior patterns to support your sustainability goals

Topics covered:

Design Principles

– Scaling patterns

– Architecture Design Principles

– Capacity calculations

– Impact of data on design decisions

– Shared Responsibility Model

Reliability

– Resilient Architecture principles

– Herds of complex real-time distributed systems

– Hands-on Exercises / Case Studies

– Blast radius- fault isolation to protect your workload

– Availability patterns

– Recovery Point Objective and Recovery Time Objectives

– Data backup data patterns

– Routing Strategies

– Service quotas and constraints

– Design your workload service architecture

– Failure management in a distributed system

– Monitoring workload resources

– Calculating the response times

– Fallacies of Distributed Systems

– Testing reliability

– Cost Optimization

– Design cost-optimized storage

– Cost-optimized compute

– Data transfer costs

– Manage demand and supply resources

– Hands-on Exercises / Case Studies

Sustainability
– User behavior patterns

– Data access and usage patterns

– Development and deployment processes

– Hands-on Exercises / Case Studies

Performance Efficiency
– Select the best-performing architecture

– Choosing performant storage and databases?

– No-SQL for performance

– Caching strategies

– DOS attacks

– Tradeoffs to improve performance

– Evolving your workload

– Handle skewed data

– CDN networks like Cloudfront to solve the caching requirements for static and Dynamic
contents

– Monitor and set alarms for performance and network issues

– Hands-on Exercises / Case Studies

Operational Excellence
– Principles for Perform Operation Infrastructure as code

– Annotate Documentation - PlayBooks - Part of code

– Create Runbooks - Server down

– Capture failures and analyze them using Events and Real-Time Actions

– KPIs for cloud dashboard

– Incidence response - Root Cause Analysis

– Hands-on Exercises / Case Studies

Security, Privacy, and Compliance
– Manage identities for people and machines

– Identify Access Management

 Role-Based, Service-Based, and Attribute-Based Access

– Securely operate your workload.

– Detect and investigate security events

– Web Application Firewall

– Virtual Private Cloud - design network topology

– Protecting your network resources

– Bastion Hosts

– Data classification

– Protecting data in Transit

– Protecting data at Rest

Hands-on Exercises / Case Studies

Designing Well Architected Framework Workshop - Deep Dive

Tuesday, 3:00 PM CDT

Secure, Efficient, Resilient, High-performing, Sustainable, and Cost-effective

Are your applications well-architected? This talk will explore the best practices for operational excellence, Security, Reliability, Performance Efficiency, and cost optimization. Think of systems and services which provide business values. Do you know if all of these services are well-architected? You will learn how to create mechanisms, a repeatable process that allows you to improve over time. We will explore the best practices using real-world examples to make them more concrete and actionable.

Well-Architected helps cloud architects build secure, high-performing, resilient, and efficient infrastructure for various applications and workloads. They are built around six pillars—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability.

Join expert Rohit Bhardwaj to gain the knowledge and skills you need to solve current cloud implementation problems.

What you'll learn — and how you can apply it
By the end of this live, hands-on, online course, you'll understand the following:

– How to create responsive, maintainable, extensible architecture

– How to manage identities for people and machines and understand the significance of role-based, service-based, and attribute-based access

– How to design network topology and protect your network resources

– How to design interactions in a distributed system to prevent failures and improve performance and resiliency

– How to select the best-performing architecture and choose performant storage and databases

– How to manage demand and supply resources

– How to take advantage of user behavior patterns to support your sustainability goals

Topics covered:

Design Principles

– Scaling patterns

– Architecture Design Principles

– Capacity calculations

– Impact of data on design decisions

– Shared Responsibility Model

Reliability

– Resilient Architecture principles

– Herds of complex real-time distributed systems

– Hands-on Exercises / Case Studies

– Blast radius- fault isolation to protect your workload

– Availability patterns

– Recovery Point Objective and Recovery Time Objectives

– Data backup data patterns

– Routing Strategies

– Service quotas and constraints

– Design your workload service architecture

– Failure management in a distributed system

– Monitoring workload resources

– Calculating the response times

– Fallacies of Distributed Systems

– Testing reliability

– Cost Optimization

– Design cost-optimized storage

– Cost-optimized compute

– Data transfer costs

– Manage demand and supply resources

– Hands-on Exercises / Case Studies

Sustainability
– User behavior patterns

– Data access and usage patterns

– Development and deployment processes

– Hands-on Exercises / Case Studies

Performance Efficiency
– Select the best-performing architecture

– Choosing performant storage and databases?

– No-SQL for performance

– Caching strategies

– DOS attacks

– Tradeoffs to improve performance

– Evolving your workload

– Handle skewed data

– CDN networks like Cloudfront to solve the caching requirements for static and Dynamic
contents

– Monitor and set alarms for performance and network issues

– Hands-on Exercises / Case Studies

Operational Excellence
– Principles for Perform Operation Infrastructure as code

– Annotate Documentation - PlayBooks - Part of code

– Create Runbooks - Server down

– Capture failures and analyze them using Events and Real-Time Actions

– KPIs for cloud dashboard

– Incidence response - Root Cause Analysis

– Hands-on Exercises / Case Studies

Security, Privacy, and Compliance
– Manage identities for people and machines

– Identify Access Management

 Role-Based, Service-Based, and Attribute-Based Access

– Securely operate your workload.

– Detect and investigate security events

– Web Application Firewall

– Virtual Private Cloud - design network topology

– Protecting your network resources

– Bastion Hosts

– Data classification

– Protecting data in Transit

– Protecting data at Rest

Hands-on Exercises / Case Studies

DevSecOps Productivity: Driving Security with Ethical Hacking & OWASP Top 10 for Apps, APIs, LLMs, and Mobile

Tuesday, 5:00 PM CDT

As a software architect, you're at the forefront of building scalable, secure, and resilient systems that drive innovation while safeguarding critical digital assets. This workshop is designed to equip you with actionable strategies, cutting-edge tools, and deep technical insights into embedding security into every phase of the software development lifecycle.
In this immersive, hands-on session, we will explore how to elevate your DevSecOps practices to meet the challenges of today’s evolving threat landscape while ensuring productivity and operational excellence.

What You'll Learn:

• Integrating Security into CI/CD Pipelines:
Discover how to build efficient, secure workflows that empower teams to deliver faster without compromising security. Learn to implement security gates and automate vulnerability detection with tools like SAST, DAST, and dependency scanning.
• Tracking Metrics for Success:
Understand key DevSecOps metrics such as lead time, deployment frequency, mean-time-to-recover (MTTR), and change fail rate. Learn how observability tools provide actionable insights to optimize performance and reliability.
• Proactive Security with Ethical Hacking:
Dive into penetration testing and simulate real-world attacks to uncover vulnerabilities in your systems before attackers do. Get hands-on with industry-standard tools such as OWASP ZAP.
• OWASP Top 10 for Applications, APIs, LLMs, and Mobile:
  • Applications: Learn to identify and mitigate risks such as injection flaws, broken authentication, and misconfigurations.
  • APIs: Secure APIs with best practices for authorization, schema validation, and rate limiting to combat vulnerabilities like excessive data exposure.
  • LLMs: Explore unique challenges in securing Large Language Models (AI-driven applications), including prompt injection and data leakage.
  • Mobile: Address mobile app vulnerabilities such as insecure storage and transport layer protection, ensuring your applications are robust across platforms.
• Aligning Security with Business Outcomes:
Bridge the gap between technical practices and business goals by aligning DevSecOps with operational KPIs. Demonstrate how secure development drives measurable business value, customer satisfaction, and operational excellence.

Why You Should Attend:

• Hands-On Experience: Participate in live demonstrations of vulnerabilities, attacks, and their mitigation across applications, APIs, LLMs, and mobile systems.
• Cutting-Edge Tools and Techniques: Gain exposure to the latest tools and practices in CI/CD, ethical hacking, and observability.
• Business-Driven Approach: Learn how to connect DevSecOps efforts to organizational success, making security an enabler of productivity.
• Collaborate with Experts: Engage with peers and experts to discuss real-world challenges and share actionable solutions.

Who Should Attend:
This workshop is ideal for:

• Software Architects seeking to embed security into every layer of system design.
• Senior Developers striving to deliver secure, high-performing applications.
• Technical Leads responsible for ensuring compliance and operational excellence in development pipelines.

Join us for this transformative session to gain the skills and knowledge necessary to design secure, scalable, and resilient systems that protect your organization and enable innovation.

Salient Points Architects Will Learn in This Talk

• Shift-Left Security: Embed security early in the CI/CD process to catch and resolve vulnerabilities proactively.
• Key DevSecOps Metrics: Track and optimize lead time, deployment frequency, MTTR, and change fail rate for operational excellence.
• Ethical Hacking: Learn how to simulate real-world attacks to identify and fix vulnerabilities before they become threats.
• OWASP Top 10 Insights: Gain actionable strategies to mitigate risks across applications, APIs, LLMs, and mobile platforms.
• API Security Best Practices: Implement schema validation, token-based authentication, and rate limiting to safeguard APIs.
• AI Security for LLMs: Address unique vulnerabilities in Large Language Models, including prompt injection and data leakage.
• Mobile App Security: Protect mobile systems from insecure data storage and transport vulnerabilities using OWASP Mobile Top 10.
• Business Alignment: Connect DevSecOps practices to measurable business KPIs, demonstrating security’s value in driving success.

This session is a must-attend for architects aiming to design secure, scalable systems while staying ahead in the rapidly evolving security landscape.

Mastering Cloud Scalability and System Designs Workshop

Wednesday, 9:00 AM CDT

Real-world applications nowadays are designed using both art and science. What is the process of coming up with a solution which works, scales, and is resilient?
What is it challenging to design a system for disruptive technologies?
System design is unstructured, and there are many ways to solve problems.
Gaining experience in new applications and technologies
Best practices change with time. The best way ten years ago can quickly become an anti-pattern.

In this talk, we will explore step by step guide to approach System design using real-world applications.

Come prepared to design a system for following applications interactively.

We will gain more knowledge with collective experience and best practices.

• UBER System Design

• NETFLIX System Design

• INSTAGRAM System Design

• YELP System Design

• TWITTER System Design

• Search Engines

• Auto Suggestions / Recommendations System Design

• Fraud Detection System Design

This talk is ideal for the following roles:

• Architects

• Technical Leads

• Programers

• Integration Architects

• Solution Architects

Mastering Cloud Scalability and System Designs Workshop

Wednesday, 11:00 AM CDT

Real-world applications nowadays are designed using both art and science. What is the process of coming up with a solution which works, scales, and is resilient?
What is it challenging to design a system for disruptive technologies?
System design is unstructured, and there are many ways to solve problems.
Gaining experience in new applications and technologies
Best practices change with time. The best way ten years ago can quickly become an anti-pattern.

In this talk, we will explore step by step guide to approach System design using real-world applications.

Come prepared to design a system for following applications interactively.

We will gain more knowledge with collective experience and best practices.

• UBER System Design

• NETFLIX System Design

• INSTAGRAM System Design

• YELP System Design

• TWITTER System Design

• Search Engines

• Auto Suggestions / Recommendations System Design

• Fraud Detection System Design

This talk is ideal for the following roles:

• Architects

• Technical Leads

• Programers

• Integration Architects

• Solution Architects

Multi-Tenant NoSQL and NewSQL cloud-data design patterns Workshop

Wednesday, 3:15 PM CDT

We are all familiar with the 3rd Normal form. Does that scale? What are the best practices for designing resilient, multi-tenant, performant databases? In this talk, we will explore the database evaluation process, where we will make choices on technology stacks based on requirements and analyzing the CAP theorem. We will discover different Consistency, Availability, and Partition Tolerance techniques, investigate No-SQL databases, and help new cloud deployments using the 3rd Platform.

Big data has characteristics in the new Cloud domain, which requires storing various data for different use-cases. We will explore the Document data store, Key-value, Columnar NoSQL, Graph NoSQL and NewSQL databases.
Next, we will look at how to do data modeling for NoSQL columnar databases to support highly available partition tolerant use-cases. We will discover different strategies to help multi-tenant requirements. In the end, we will look at how to choose the right database? We will also see what the future of Databases are comparing based on Consistency Models, Schema Models, Database Languages, and Database storage.

We will look at data quality patterns and issues and how to use MDM strategy to fix these issues. We will explore survivor ship records and how to validate if the data is correct in system. In the end we will also look at GDPR and PII data strategies.

We will be exploring following databases types:

• Key-value stores

• Wide column stores

• Document stores

• Time Series DBMS

• Graph DBMS

• Object oriented DBMS

• Search engines

• RDF stores

• Spatial DBMS

• Event Stores

• Content stores

A few of the technologies we will explore are

• Cassandra

• Amazon DynamoDB

• MongoDB, HBase

• REDIS, MemcacheDB,

• RDF / SPARQL

• Graph Databases, Neo4J

• CockroachDB

This talk is ideal for the following roles:

• Architects

• Technical Leads

• Programers

• Integration Architects

• Solution Architects

Multi-Tenant NoSQL and NewSQL cloud-data design patterns Workshop

Wednesday, 5:00 PM CDT

We are all familiar with the 3rd Normal form. Does that scale? What are the best practices for designing resilient, multi-tenant, performant databases? In this talk, we will explore the database evaluation process, where we will make choices on technology stacks based on requirements and analyzing the CAP theorem. We will discover different Consistency, Availability, and Partition Tolerance techniques, investigate No-SQL databases, and help new cloud deployments using the 3rd Platform.

Big data has characteristics in the new Cloud domain, which requires storing various data for different use-cases. We will explore the Document data store, Key-value, Columnar NoSQL, Graph NoSQL and NewSQL databases.
Next, we will look at how to do data modeling for NoSQL columnar databases to support highly available partition tolerant use-cases. We will discover different strategies to help multi-tenant requirements. In the end, we will look at how to choose the right database? We will also see what the future of Databases are comparing based on Consistency Models, Schema Models, Database Languages, and Database storage.

We will look at data quality patterns and issues and how to use MDM strategy to fix these issues. We will explore survivor ship records and how to validate if the data is correct in system. In the end we will also look at GDPR and PII data strategies.

We will be exploring following databases types:

• Key-value stores

• Wide column stores

• Document stores

• Time Series DBMS

• Graph DBMS

• Object oriented DBMS

• Search engines

• RDF stores

• Spatial DBMS

• Event Stores

• Content stores

A few of the technologies we will explore are

• Cassandra

• Amazon DynamoDB

• MongoDB, HBase

• REDIS, MemcacheDB,

• RDF / SPARQL

• Graph Databases, Neo4J

• CockroachDB

This talk is ideal for the following roles:

• Architects

• Technical Leads

• Programers

• Integration Architects

• Solution Architects

Enterprise Ethical Hacking and DevSecOps for Cloud Applications Workshop

Thursday, 9:00 AM CDT

Securing a web application is an enormous task. In this talk, we will explore how to protect enterprise applications. Can we shift left and do continuous exploitation testing while the code is still in development?
We will explore different kinds of vulnerabilities and how to secure your applications properly. Security patterns need to be understood by first wearing a hacker's hat and then putting the hat as a defender. In this workshop, we will explore different security patterns and determine how to prevent attacks.
We will be using OWASP ZAP to exploit applications.

Metrics are essential to measuring success for DevOps. In this talk, we will explore different dimensions and measure the Metrics and apply quality gates for DevSecOps projects.
As part of our exploration, we will look at how businesses can connect DevOps with Business Metrics. Ultimately Business value is critical for survival for any business. Management needs to realize that keeping DevSecOps will help in the speed of development and track how well the company is doing.

Key takeaways for this workshop is:
Threat Modeling techniques using the Threat modeling tool
Reconnaissance to gather information, Google hacking database, Exploit Database
Scanning for vulnerabilities using OWASP ZAP
Exploitation with DOS attacks
Lead Time: The time from code written to entering production
Deployment Frequency: How often deploys happen
Mean-Time-To-Recover (MTTR): How quickly can teams restore service after production outages
Change Fail Rate: What percentage of deploys result in service impairment or an outage

What will benefit from this course?
Developers and Architects who want to shift left for Ethical Hacking
Some knowledge of Linux
This talk is ideal for the following roles:
Architects
Technical Leads
Programers
Integration Architects
Solution Architects

Enterprise Ethical Hacking and DevSecOps for Cloud Applications Workshop

Thursday, 11:00 AM CDT

Securing a web application is an enormous task. In this talk, we will explore how to protect enterprise applications. Can we shift left and do continuous exploitation testing while the code is still in development?
We will explore different kinds of vulnerabilities and how to secure your applications properly. Security patterns need to be understood by first wearing a hacker's hat and then putting the hat as a defender. In this workshop, we will explore different security patterns and determine how to prevent attacks.
We will be using OWASP ZAP to exploit applications.

Metrics are essential to measuring success for DevOps. In this talk, we will explore different dimensions and measure the Metrics and apply quality gates for DevSecOps projects.
As part of our exploration, we will look at how businesses can connect DevOps with Business Metrics. Ultimately Business value is critical for survival for any business. Management needs to realize that keeping DevSecOps will help in the speed of development and track how well the company is doing.

Key takeaways for this workshop is:
Threat Modeling techniques using the Threat modeling tool
Reconnaissance to gather information, Google hacking database, Exploit Database
Scanning for vulnerabilities using OWASP ZAP
Exploitation with DOS attacks
Lead Time: The time from code written to entering production
Deployment Frequency: How often deploys happen
Mean-Time-To-Recover (MTTR): How quickly can teams restore service after production outages
Change Fail Rate: What percentage of deploys result in service impairment or an outage

What will benefit from this course?
Developers and Architects who want to shift left for Ethical Hacking
Some knowledge of Linux
This talk is ideal for the following roles:
Architects
Technical Leads
Programers
Integration Architects
Solution Architects