Brian Sletten

We have seen how Retrieval Augmented Generation (RAG) systems can help prop up Large Language Models (LLMs) to avoid some of their worst tendencies. But that is just the beginning. The cutting edge stateoftheart systems are Multimodal and Agentic, involving additional models, tools, and reusable agents to break problems down in separate pieces, transform and aggregate the results, and validate the results before returning them to the user.

Come get introduced to some of the latest and greatest techniques for maximizing the value of your LLMbased systems while minimizing the risk.

We will cover:

• The LangChain and LlamaIndex Frameworks
• Naive and Intermediate RAG Systems
• Multimodal Models (Mixing audio, text, images, and videos)
• Chatbots
• Summarization Services
• Agent Protocols
• Agent Design Patterns

Application Programmer Interfaces (APIs) by definition are directed at software developers. They should, therefore, strive to be useful and easy to use for developers. However, when engaging design elements from the Web, they can be useful in much larger ways than simply serializing states in JSON.

There is no right or perfect API design. There are, however, elements and choices that induce certain properties. This workshop will walk you through various approaches to help you find the developer experience and long-term strategies that work for you, your customers and your organization.

We will cover:

The Web Architecture as the basis of our APIs
The REST Architectural Style and its motivations
The Richardson Maturity Model as a way of discussing design choices and induced properties
The implications of contentnegotiation and representation choices such as JSON or JSONLD
The emergence of metadata approaches to describing and using APIs such as OpenAPI and HydraCG
Security considerations
Client technologies
API Management approaches

The Internet works as it was designed. Occasionally new uses, new technologies, and new scenarios confound those designs and force us to evolve. Fortunately, the architecture allows this quite easily, but where and how to effect change is not always obvious.

For those who wish “Full Stack Engineering” to be a more accurate view of their background than simply developing front AND back end systems, this talk will be a comprehensive and illuminating discussion about how the designs of the 1960s have evolved as an architecture and updated collection of protocols and standards.

Security problems empirically fall into two categories: bugs and flaws. Roughly half of the problems we encounter in the wild are bugs and about half are design flaws. A significant number of the bugs can be found through automated testing tools which frees you up to focus on the more pernicious design issues. 

 In addition to detecting the presence of common bugs, however, we can also imagine automating the application of corrective refactoring. In this talk, I will discuss using OpenRewrite to fix common security issues and keep them from coming back.

In this talk we will focus on:

Using OpenRewrite to automatically identify and fix known security vulnerabilities.
Integrating security scans with OpenRewrite for continuous improvement.
*Free up your time to address larger concerns by addressing the pedestrian but time-consuming security bugs.

On the one hand, Machine Learning (ML) and AI Systems are just more software and can be treated as such from our development efforts. On the other hand, they behave very differently and our capacity to test, verify, validate, and scale them requires a different set of perspectives and skills.

This presentation will walk you through some of these unexpected differences and how to plan for them. No specific background in ML/AI is required, but you are encouraged to be generally aware of these fields. The AI Crash Course would be a good start.

We will cover:

Matching Capabilities to Needs
Performance Tuning
Vector Databases
Testing Strategies
MLOPs/AIOps Techniques
Evolving these Systems Over Time

It’s inescapable. The capabilities that ChatGPT and Large Language Models provide have become discussion topics on the news, in social gatherings, online, at work. Things that would have seemed impossible a few years ago are now nearly pedestrian in how ubiquitous they are becoming on a daily basis. While they show very well, very few people actually understand what is going on, and worse, what is or isn’t possible.

How then should we evaluate these achievements as we make decisions on how to adopt and adapt to powerful new technologies? What will they mean for us as a society and as individual knowledge workers? In addition to a discussion specifically about ChatGPT and its peer technologies and what they portend, we will also discuss critically evaluating new technology as make decisions in the future.

Learning Objectives:

After attending this talk, you will be able to:
Explain what Large Language Models (LLMs) are and how they are used
Understand intuitively how they are built and work
Understand where they fit into the overall history of natural language processing
Understand the use cases where they are effective and appropriate in modern Enterprises
Understand the limitations of these models and how they can go wrong
Understand the moral, ethical, and legal complications that surround the development and use of these models
Understand the externalities of developing and operating these models which are often not priced into the fancy demos

It’s inescapable. The capabilities that ChatGPT and Large Language Models provide have become discussion topics on the news, in social gatherings, online, at work. Things that would have seemed impossible a few years ago are now nearly pedestrian in how ubiquitous they are becoming on a daily basis. While they show very well, very few people actually understand what is going on, and worse, what is or isn’t possible.

Additionally, there are concerns about the costs involved, the security risks, and the inherent latencies of cloud-based systems. There are additional costs that are not factored into model deployments that we need to consider as well. How do the trends in IT of increased parallelization, heterogeneity, and distributed systems impact the use of these models?

How should we evaluate these achievements as we make decisions on how to adopt and adapt to powerful new technologies? What will they mean for us as a society and as individual knowledge workers? In addition to a discussion specifically about ChatGPT and its peer technologies and what they portend, we will
also discuss critically evaluating new technology as we make decisions in the future.

Machine Learning is clearly here to stay. While it is a far cry from actual Artificial Intelligence, it provides many invaluable and remarkable ways to learn from the data we are collecting about our customers, products and daily activities. The past afforded us machine learning libraries which became machine learning frameworks. Now, we are designing and building machine learning platforms that facilitate entire initiatives in reusable and extensible ways.

We will discuss many of the drivers of modern machine learning systems and the architectures that we are seeing emerge as well as the security implications of protecting them.

Machine Learning is all the rage, but many developers have no idea what it is, what they can expect from it or how to start to get into this huge and rapidly-changing field. The ideas draw from the fields of Artificial Intelligence, Numerical Analysis, Statistics and more. These days, you'll generally have to be a CUDA-wielding Python developer to boot. This workshop will gently introduce you to the ideas and tools, show you several working examples and help you build a plan to for diving deeper into this exciting new field.

We will cover:

• The differences between data science, AI and machine learning
• The Five Tribes of Machine Learning (as defined by Pedro Domingos)
• Walkthroughs of some of the main algorithms
• Examples in Java, R and Python
• Tools such as Tensorflow and Pytorch
• The impact of GPUs on machine learning
• Stories about how companies are being successful with machine learning
• A discussion about the likely impacts of machine learning on the job market and society

Networking technologies may seem like done deals, but that could not be further from the truth. We will introduce you to some of the most important advances happening in the world of networking including current and upcoming changes to HTTP.

We will discuss pluggable network architectures such as libp2p and the emergence of software-defined networks.

In the last 30 years, our industry has been upended by advancements that unlock previously unimaginable capabilities. It still seems like there is far too much failure and not enough success in IT systems though. To be successful in the 21st Century, you will need to understand where we are and where we are going. It is a complex amalgamation of developments in hardware, computer languages, architectures and how we manage information. Very few people understand all of the pieces and how they connect.

In this talk we will cover how technology changes are enabling longer term capture of business value, modernization of legacy systems, resilience in the face of increased mobile user bases, IT sovereignty and distributed, layered, heterogeneous architectures.

Large Language Models (LLMs) such as ChatGPT and Llama have impressed us with what they can do. They have also horrified us with what they actually do when they are employed with no protection: hallucinations, stale knowledge bases, no conceptual basis for reasoning, and a capacity for toxic and inappropriate content generation. Rather than avoid them altogether or risk legal liability or brand damage, we can put some guardrails around them to benefit from their best traits without fearing their worst.

Retrieval Augmented Generation (RAG) systems augment the process to make it behave more to our liking. Come hear what you can do to benefit from AI systems without fearing them.

We will cover examples using LangChain and LlamaIndex, two open source frameworks for working with LLMs and creating RAG infrastructure.

We will cover:

Introduction to LLMs
Risks and Limitations
Basic RAG Systems
Embeddings
Vector Databases
Prompt Engineering
Testing and Validating LLMs and RAG Systems
Advanced Techniques
AI as Judge

Spring has always been defined by its lightweight core. While there has been an overwhelming explosion in the external projects and protocols it integrates seamlessly with, it has also evolved internally to meet the needs of modern development requirements.

One of the biggest changes in the last several years has been the emergence of Reactive Spring, an attempt to embrace the idea of Reactive Systems in the Spring ecosystem. This is a vision of responsive, resilient, elastic systems. Unfortunately, code alone cannot solve the problems so this is a case where software and architecture meet.

You will learn about:

- The Reactive System vision
- How Spring absorbed these ideas without complicating or
  eliminating the more conventional styles
- How to build, test and consume Reactive Spring applications
- How to architect entire Reactive chains of interacting systems

There is plenty of discussion about how machine learning will be applied to cybersecurity initiatives, but there is precious little conversation about the actual vulnerabilities of these systems themselves. Fortunately, there are a handful of research groups doing the work to assess the threats we face in systematizing datadriven systems. In this session, I will introduce to the main concerns and how you can start to think about protecting against them.

We will mostly focus on the research findings of the Berryville Institute of Machine Learning. They have conducted a survey of the literature and have identified a taxonomy of the most common kinds of attacks including:

• Adversarial examples
• Data poisoning
• Manipulation of online systems
• Transfer learning attacks
• Breaching data confidentiality
• Undermining data trust

This will be a securityfocused discussion. Only basic understanding of machine learning will be required.

The Web is changing faster than you can imagine and it is going to continue to do so. Rather than starting over from scratch each time, it builds on what has succeeded already. Webs of Documents are giving way to machine-processable Webs of Information. We no longer care about data containers, we only care about data and how it connects to what we already know.

Roughly 25% of the Web is semantically marked up now and the search engines are indexing this information, enriching their knowledge graphs and rewarding you for providing them with this information.

In the past we had to try to convince developers to adopt new data models, storage engines, encoding schemes, etc. Now we no longer have to worry about that. Rich, reusable interface elements like Web Components can be built using Semantic Web technologies in ways that intermediate developers don’t have to understand but end users can still benefit from. Embedded JSON-LD now allows disparate organizations to communicate complex data sets of arbitrary information through documents without collaboration.

Perhaps the concepts of the Semantic Web initiative are new to you. Or perhaps you have been hearing for years how great technologies like RDF, SPARQL, SKOS and OWL are and have yet to see anything real come out of it.

Whether you are jazzed or jaded, this workshop will blow your mind and provide you with the understanding of a technological shift that is already upon us.

In this workshop, we will:

Explain the Web and Web architecture at a deeper level
Apply Web and Semantic Web technologies in the Enterprise and make them work together
Integrate structured and unstructured information
Create good, long-lived logical names (URIs) for information and services
Use the Resource Description Framework (RDF) to integrate documents, services and databases
Use popular RDF vocabularies such as Dublin Core, FOAF
Query RDF and non-RDF datastores with the SPARQL query language
Encode data in documents using RDFa and JSON-LD
Create self-describing, semantic Web Components
Model and use inferencing with the Web Ontology Language (OWL)

Architecture is a tool of structure and facilitation. It is a set of practices designed to elicit a capacity to absorb change. The Web is one of the most successful architectures ever built and most developers still have only a weak grasp on its implications. In the new world of mass technical layoffs, it will be more important than ever for developers, technologists, and architects to do more with less. It will be crucial to demonstrate a capacity to embrace change, not fear it.

In this workshop, we will connect the architecture of the Internet to the Web to API strategies to Linked Data and finally to Knowledge Graphs as a facilitating set of choices and practices to allow our information to embrace technical and business change. We can capture value for longer.

There is no question JavaScript has become one of the most popular and widely-used programming languages. Unfortunately popularity doesn't necessarily translate to easy-to-maintain or always appropriate. Large code bases become difficult to reason over due to JavaScript's dynamic nature and flexible development style.

As a result of their own internal struggles with large JavaScript projects, Microsoft tasked Anders Hejlsberg of Delphi and C# fame to design a solution to the problem. The result is an incredibly useful, fun and effective approach to improving JavaScript development without impacting how you deploy your projects.

TypeScript is a superset of JavaScript that brings static typing, modern JavaScript features that may not yet be supported in your environment and improved tooling and documentation. Surprisingly, the results are then transpiled down to whatever flavor of JavaScript you need for your runtime environment.

In this workshop, we will introduce to you:

• What TypeScript brings to the table and why you should care
• The new language features available
• Approaches to gradually adopt TypeScript in your project
• How runtime errors become compile time errors with types and static checking
• How your build processes do and don't change
• How to set up a more fun and productive (and hopefully less frustrating) development environment

Somewhere between the positions of “AI is going to change everything” and “AI is currently an overhyped means of propping up silicon valley unicorn valuations” lives a useful reality: AI research is producing tools that can be exploited safely, meaningfully, and responsibly. They can save you money, speed up delivery, and create
new opportunities that might not otherwise exist. The trick is understanding what they can do well and what is a big, red flag.

In this talk I will lay out a framework for considering a range of technologies that fall under the umbrella of AI and highlight the costs, benefits, and risks to help you make better choices about what to pursue and what to avoid.

If you are getting tired of the appearance of new types of databases… too bad. We are increasingly relying on a variety of data storage and retrieval systems for specific purposes. Data does not have a single shape and indexing strategies that work for one are not necessarily good fits for others. So after hierarchical, relational, object, graph, columnoriented, document, temporal, appendonly, and everything else, get ready for Vector Databases to assist in the systematization of machine learning systems.

This will be an overview of the benefits of vectors databases as well as an introduction to the major players.

We will focus on open source versus commercial players, hosted versus local deployments, and the attempts to add vector search capabilities to existing storage systems.

We will cover:

• A brief overview of vectors
• Why vectors are so important to machine learning and datadriven systems
• Overview of the offerings
• Adding vector search to other systems
• Sample use cases shown with one of the key open source engines

If you're not terrified, you're not paying attention.

Publishing information on the Web does not require us to just give it away. We have a series of tools and techniques for managing identity, authentication, authorization and encryption so we only share content with those we trust.

Before we tackle Web Security, however, we need to figure out what we mean by Security. We will pull from the worlds of Security Engineering and Software Security to lay the foundation for technical approaches to protecting our web resources. We will also discuss the assault on encryption, web security features and emerging technologies that will hopefully help strengthen our ability to protect what we hold dear.

Topics include:

• Security Engineering
• Software Security
• Encryption
• Authentication and Authorization Mechanisms
• Emerging Web Security Technologies

While still new to most people, WebAssembly provides a formidable vision of safe, fast, portable code. Through clever choices and well-considered design, the basic vision allows us to target browsers as a platform using a variety of languages other than (but compatible with) Javascript. This technology coupled with advancements in the Web platform are setting up the future of Web-delivered applications to look more like (and likely to replace) desktop applications.

The more interesting possibilities, however, will be realized when WebAssembly escapes the browser and ushers in a whole new era of ubiquitous, secure computing. We will discuss the various container environments and how they will solve some of the more persistent issues with more conventional software development technologies. Given the heterogeneity of modern architectures, you need a strategy for code use, reuse and positioning to best meet your customer’s needs.

We all basically understand what it means to build Internet-aware applications. But somewhere at the intersection of architecture, application development, protocols and networking, things get a little fuzzy. One of the most widely-used tools in the networking world doesn’t see as much use as it could in the software development world.

We will cover:

• The Internet’s Architecture and how it delegates functionality and evolves
• Networking Basics
• A packet-oriented walk through the Web stack
• How to capture, visualize and analyze application traffic
• How Wireshark can be used to identify performance and bandwidth issues
• How packet analysis can help identify security threats

Come see how you can improve your development skills by understanding more about networking.