
Shirish Padalkar
Lead Consultant
ThoughtWorks
location_on India
Member since 7 years
Shirish Padalkar
Specialises In (based on submitted proposals)
Shirish Padalkar is a Lead Consultant at ThoughtWorks. He works as a developer and security specialist. He has been working on secure development and security testing for the last 9 years. Shirish is passionate about finding security vulnerabilities in software. He has reported vulnerabilities in multiple well known websites and received acclamation for it. Shirish has published the book “97 things every programmer should know - Extended”. He frequently speaks on security at conferences in ThoughtWorks.
-
keyboard_arrow_down
Journey from Callback to Promises to Async/Await
Smriti TutejaSr. ConsultantThoughtWorksShirish PadalkarLead ConsultantThoughtWorksschedule 4 years ago
Sold Out!45 Mins
Talk
Intermediate
In this world of asynchronicity, where it is easy to build applications using single page application frameworks, people struggle at the writing functional tests for such applications.
Understanding this asynchronous nature of newer tools and frameworks needs efforts. In this talk we will talk about our journey from writing test with callback (hell) to using Promises and finally achieving nirvana with the power of async/await in JavaScript.
This is a time travel of asynchronous programming and where does the future lie. The discussion will include:- Callbacks and their nested nature
- Removing callbacks with Promises
- And migrating to async/await
-
keyboard_arrow_down
Application Security - The Agile Way
45 Mins
Talk
Intermediate
Traditionally application security has involved upfront design and a big bang penetration test after development. This leads to the phenomenon of “bolt-on” security that translates into increased cost and complexity.
Drawing on our experience on real-world projects we show how security can be baked-in on an agile project. Using case studies we demonstrate how security concerns are captured during project inceptions, how developers write secure code, security testing is automated and how configuration management can help achieve secure deployments. This talk introduces several new concepts like secure by design, secure design patterns and lightweight code reviews. -
keyboard_arrow_down
Who will test your tests?
20 Mins
Talk
Intermediate
Did you work on a project where maintaining test suite was more painful than delivering new functionality? Let’s talk about the reasons of such non-deterministic test suites and some ways to fix it, so that you can trust your test suite again.
-
keyboard_arrow_down
Who will test your tests?
Yahya PoonawalaFull Stack DeveloperShopSociallyShirish PadalkarLead ConsultantThoughtWorksschedule 6 years ago
Sold Out!45 Mins
Talk
Intermediate
Some of us must have been on that one project, where your test suite was causing more problem than solving it. You change one thing, and hundred tests will fail. Your continuous integration build will fail randomly, but will pass if you just re-trigger it. This eventually leads to people losing all the trust on the test suite. They stop adding tests, because it’s more painful than writing production code. They start ignoring failing tests, because they fail randomly and nobody knows why. Everybody knows tests are now more trouble than help. In this talk, we will talk about some behaviours and reasons which lead to this "flaky test suite" situation. What are some development practices, which can avoid such situation. And finally we will also talk about how to fix this situation if you are already in it.
-
keyboard_arrow_down
Application Security - The Agile Way
45 Mins
Talk
Beginner
Traditionally application security has involved upfront design and a big bang penetration test after development. This leads to the phenomenon of “bolt-on” security that translates into increased cost and complexity.
Drawing on our experience on real-world projects, we show how security can be baked-in on an agile project. Using case studies we demonstrate how security concerns are captured during project inceptions, how developers write secure code, security testing is automated and how configuration management can help achieve secure deployments. This talk introduces several new concepts like secure by design, secure design patterns and lightweight code reviews.
-
No more submissions exist.
-
No more submissions exist.