Professional Development

Defend Against Cross Site Scripts and Vulnerable Components with The Media Trust

July 25, 2018 -- Finishing out our 2018 OWASP Top 10 Internet Security Vulnerabilities series, we went through defending against A7 and A9: Third Party Code Vulnerabilities and Cross Site Scripting Attacks alongside The Media Trust.

The Media Trust are experts in this field and we had a great night at Media Trust HQ. Networking and food happened.



OWASP 2018 at The Media Trust


Defend Against External Entities and Insecure Deserialization with Capital One

July 18, 2018 -- We covered Insecure Deserialization (A8) and XML External Entities (A4). In addition Liam Randall lead a discussion on endpoint security and presented his product Critical Stack, which serves to solve multiple container and endpoint security issues. Pizza and Refreshments were provided thanks to Capital One! There was much talk about Kubernetes as well. Great night!

OWASP 2018 at Capital One


GitGud: Introduction to Git

July 11, 2018 -- Git is a source code control tool that is widely used in numerous software projects to track a project and peoples' contribution. A code contribution (commit) is pushed to the main container of code (repository). But what if you need to change branches, undo a commit (revert), or merge two contributors' commits that conflict?

Mahdia, who uses (and troubleshoots) Git every day broke everything down into something we could commit to.

GitGud: Intro to Git


Defend Against Broken Authentication, Access Control, & Insufficient Monitoring

June 27, 2018 -- We were at Sevatec HQ in Crystal City this time to learn how to defend against OWASP - Broken Access Control (A2), Broken Authentication (A5), and Insufficient Monitoring and Logging (A10). Our team went through a small presentation on what A2, A5, and A10 vulnerabilities are.

The presentation included running code from an ASP.NET website that exhibits some of the vulnerabilities, and then possible ways to resolve them. The data we worked with was hosted on Azure Cloud.

OWASP 2018 at Sevatec

Shijit at Sevatec HQ

OWASP 2018 at Sevatec


Defend Against SQL Injection, Data Leaks, and Security Misconfigs with Symplicity

June 14, 2018 -- Security considerations must be an integral part of how software is designed and written. Proactively preventing security vulnerabilities requires understanding common vulnerabilities, knowing how they may be exploited, and knowing how to write code that does not introduce such vulnerabilities to your applications.

The OWASP Top 10 (https://www.owasp.org) describes the most commonly exploited security risks in web applications. In this session, we covered the following risks and how to code our applications to eliminate these risks:

  • SQL Injection
  • Sensitive Data Exposure
  • Security Misconfiguration

Food, Soda, venue, and Cyber Knowledge provided by Symplicity!

OWASP Cyber Night at Symplicity

Defend against the Top Ten: KickOff at The Media Trust

June 6, 2018 -- The main purpose of this series is to be an educational, hands-on series where companies involved in cybersecurity demo the current top 10 OWASP cyber vulnerabilities and how to defend against them through code and policy!

Current, 2018 OWASP Top Cybersecurity Vulnerabilities:

https://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf

This was the kickoff, with a panel discussion featuring Liam Randall from Capital One, Ameet Nayak and David D'Agostino from Symplicity, Sridhar Vishnubhotla and Mike McKinney from Sevatec, and Mark Salter from The Media Trust

Many thanks to Katie Gould for assistance in planning this kickoff! Food, refreshments, and beer were served courtesy of The Media Trust throughout the night :)


OWASP 2018 KickOff

Agile With Me @ Sevatec HQ

April 25, 2018 -- Agile methodology is a very popular project (and life) management tool. Sevatec, our sponsor for this event, practices Agile from start to finish on almost all of their contracts, with many top trained Agilists and Agile Coaches, who have worked on massive projects for Department of Homeland Security (DHS) and other federal agencies.

We were treated to pizza, soda, cookies, and the expertise of many friendly members of the Sevatec team at their beautiful headquarters in Fairfax. The entire event was treated as an interactive Agile exercise where the audience chose the discussion and focus points, in what may have been one of our most democratic nights to date!




Agile With Me @ Sevatec




Agile With Me @ Sevatec

Agile With Me @ Sevatec

Agile With Me @ Sevatec


Tailoring Talent With Talener

March 22, 2018 -- To Do: Resume Writing, Career Coaching, and Mentoring with the Mentor Method. Ever wondered how you are actually presenting yourself to the software world? Curious about finding a tech mentor? How to list a break in employment? Or show personal projects or work in tech?

We got the industry answers from an experienced Software Engineering Manager, a Marketing Manager, and a IT Consultant Business Owner. In partnership with Talener, a tech staffing firm in the Arlington area with a mission to connect tech talent with their best opportunity, we held this workshop on resume editing and career coaching.




Tailoring Talent With Talener


Tailoring Talent With Talener


Tailoring Talent With Talener


Developer Week 2018 Hackathon!

Code With Me crew Shijit Dasgupta, Diego Ruis, Sahid Bangura, and Wendy Lam headed out to San Francisco to represent and participate in the Developer Week 2018 Hackathon.

There were 160 teams participating total, and we got Honorable Mention #1 out of all the teams that participated for the Prime Sponsoring Company: NetApp. They gave out 12 prizes total.

We built a web application that utilized a Deep Learning Facial Recognition Engine, stored videos and scripts on the cloud, and alerted users through a messaging API.

http://www.developerweek.com/hackathon/

NetApp 2018 Hackathon Winners

Above: Developer Week 2018 NetApp Hackathon Winners

Sensible Face Judge Round CWM Crew


NetApp Winner

AWS is AWSOME! - Let Amazon Do It

Thursday Night, December 7th 2017

Cloud Services and specifically AWS are changing the software architecture!

We will go over EC2, S3, Lambda, ElasticSearch, DynamoDB and much more.

Prep: https://www.edureka.co/blog/what-is-aws/

Afternote: Brooks laid it down and got us all way more up to speed on what is going on with, and what the future of AWS land is looking like. This Code With Me event rounded out 2017. We probably had the largest and most diverse turnout to date! Really, thank you very much to everyone who made it out, and especially everyone who then went on to the holiday afterparty, and.. Hung Out With Us!

2017 Holiday Party

Above: Our 2017 Code With Me holiday afterparty. Have a great New Year and we look forward to seeing everyone again when we fire it back up, bigger and better for 2018!



JavaScript Language Series

A JavaScript Journey: Tumbling into TypeScript

April 12, 2018 -- Rounding out our JavaScript Language series this time around, we dove right into TypeScript, a superset of JavaScript that greatly enhances the quality and composability of our JavaScript code. TypeScript extends the class-based Object Oriented chops of JavaScript further than the latest stable ECMAScript versions, is statically typed, and even adds datatypes such as enums and tuples into the mix, not previously available to us in JS land! TypeScript is the official language of the very popular Angular framework (from version 2 on up), and has been rapidly growing in popularity ever since. We welcomed back Amy Hsieh, a Senior Front End Developer at The Washington Post, who works in Angular daily, to find out how we can achieve these superpowers too!

Setup documentation and presentation materials:

Coming Soon...




TypeScript

A JavaScript Journey: CodeWithMeFLIX

April 5, 2018 -- On this night, Jeremy Feder went through an alternative approach to building more or less the same App that we built in our previous, FakeFLIX Open Movie Database API interfacing Web App. Our prior version built this project out with straight-up, vanilla ES6 JavaScript, which, while being extremely deep and feature-rich for learning purposes, is fairly time consuming and complex. More often then not, you may want to pull in a library or two to take care of some of the work for you, and that’s exactly what we did. Jeremy went through a simplified version of this App, line-by-line for review purposes, pulling in Axios to handle our HTTP requests/responses, and some simple jQuery for templating purposes, plus a few extra error-handling tips to boot.

Github Repo here:

https://github.com/JeremyFeder/CodeWithMeFLIX





CodeWithMeFLIX

A JavaScript Journey: FakeFLIX

March 29, 2018 -- Joel Reniker gave a comprehensive run-through of a Web App made to tie all of the JavaScript we’ve learned together, and then some. Coded in HTML, CSS, and then straight vanilla ES6 JavaScript, we went through a simple, fully working application using the promise architecture of the Fetch API to make live API requests to an Internet Movie Database style API server (Open Movie Database, or OMDb), and then display our responses (movies and movie information) dynamically in a Netflix-stylized webpage.

Github Repo and Powerpoint presentation for this relatively intense night here:

https://github.com/joeldevlearning/javascript-3




JavaScript

A JavaScript Journey: Promise Me No Promises

March 29, 2018 -- Joel Reniker and Matt Kiger explained how "promises" work in a couple of different formats, with several examples, in order to make our asynchronus JavaScript code much more managable.

Github Repo for this night here:

https://github.com/CWMe/JavaScript_2018




JavaScript

A JavaScript Journey: ES5 "Let" It Go

March 8, 2018 -- Learn JS! We went over some of the newer ES6+ features, with examples and challenges.

The full slide presentation as given by Mahdia Hashimy and Wendy Lam can be found here:

JavaScript Journey Learn Night - Let It Go




JavaScript Learn Night



Python Language Series

The Python Perspective: Protecting People, Places, & Passwords

May 24, 2018 -- Python shows up in most "favorite" lists for most programmers! It is an easy to learn and intuitive language!

In this "Make" type of Meetup we explored the Cyber Security capabilities of Python! For this Python project we created a simple rainbow table from a list of common plaintext passwords and then tried to find the plaintext passwords from a list of hashed passwords that an attacker might have recovered. This technique: "rainbow attack" can be devastating, so talked about solutions as well.




Python

The Python Perspective: Parsing Pages

May 3, 2018 -- Python shows up in most "favorite" lists for most programmers, and it is an easy to learn and intuitive language. In this "Practice" style Meetup covered the basics of webscraping. Our goal by the end of the Night was to find the 5 most common words of the Jane Austen Novel "Sense and Sensibility", excluding the common helper verbs and prepositions.




Python

Java Language Series

Jamming with Java: Accelerating Algorithms

February 27, 2018 -- We discussed the basics of what are algorithms, when and why to use them, and how to improve the efficiency of our code with them. Several Java code samples and a quick coding challenge.

We covered: Time Complexity, Linear and Binary Search, Merge and Quick Sorting, Iteration, Recursion, and an overview and solution to Dijkstra's Algorithm/Shortest Path/Traveling Salesman Problem.




Java

Jamming with Java: Make Mobile Android Apps!

February 22, 2018 -- We learned from a Mobile Engineer on how to construct Java apps for the Android environment on Android Studio! Had a brief talk on how to get setup, then went over tools and what it takes to be an Android Developer. In addition, we implemented a scheduler for our Movie Theater System from Build Night!




Java

Jamming with Java: Build a Movie Theater

February 15, 2018 -- Our objective? Create a Movie Theater Reservation System.

With Brooks Isoldi at the helm, we designed and wrote a Ticket Service that provided the following functions:

Find the number of seats available within the venue (Note: available seats are seats that are neither held nor reserved).

Find and hold the best available seats on behalf of a customer (Note: each ticket hold should expire within a set number of seconds).

Reserve and commit a specific group of held seats for a customer.




Java

Jamming with Java: Data Structures Practice

February 1, 2018 -- We reviewed Data Structures in Java and did an overview of Collections. Then went into three sample problems and solutions. Lastly we posed the Movie Theater Problem and saw how we might solve it! We lastly presented our solution. Incorporated what we learned from the Animal Kingdom Java Example (From our previous Learn Night): Objects, Classes, Methods, OOP Basics, Inheritance, Polymorphism, Encapsulation, Overriding, and Interfaces.

Two helpful links:

http://toolsqa.com/java/data-structure/
http://www.informit.com/articles/article.aspx?p=368648&seqNum=2



Java

Jamming with Java: Learn about the Animal Kingdom

January 24, 2018 -- Java is the language everyone loves to hate, but hates to love. It is incredibly powerful and relevant from 1995 to today, with no indication of slowing down. Let's find out why! And since it is object-oriented, as is life - lets learn about the Animal Kingdom through Java!

Two excellent links to Java Fundamentals:

https://docs.oracle.com/javase/tutorial/java/concepts/
https://stackify.com/oops-concepts-in-java/



Java


2017 Events →