PRE-CONFERENCE WORKSHOPS

1 December 2020

Thank you for your interest. All workshop slots have been taken up.

10am - 1pm

BECOME A GOOD SCRUM MASTER, HOW?

Time:
10am - 1pm

Marc Gong
Senior Director IES,
Agile Practice Lead,
SAP

Wan Siew Onn
Scrum Masters’ Partner,
AskOne

Joshua Lai
Agile Coach and Scrum Master,
Thales Digital Factory

FULL
Wonder how you can become a good scrum master?

In this workshop, you will learn about the knowledge repository and approaches beyond the framework. This workshop will also cover following topics:
  • How can you become a successful Scrum Master?
  • How can you be a good facilitator for your Scrum team?
  • How do you coach a Scrum team and 1-to-1?
  • How do you influence executives and senior management?

Who Should Attend

  • Scrum Masters
  • Team Leads
  • Managers
  • Agile Champions / Practitioners
  • Development Teams

Instructions for Attendees

  • Attendees should have Scrum Master experience of at least 3 - 6 months.

CODING DOJO: LEARN THE BASICS OF TDD & PAIR-PROGRAMMING

Time:
10am - 1pm

Michael Cheng
Lead Software Engineer,
GovTech

FULL
A Coding Dojo is where a bunch of coders get together to work on a programming challenge. They are there to have fun and to engage in Deliberate Practice in order to improve their skills.

The goal is to:
  • Improve your knowledge in a language / framework
  • Pick up a new programming language / framework
  • Inculcate developer practices (Test-Driven Development, Business-Driven Development, Pair-Programming)

At Coding Dojo, pairs of coders will be given a small coding puzzle they have to attempt together. This is called a Code Kata.

It is through practice - writing small changes, writing tests before writing code and collaborating - that we hope to share the knowledge of how modern software is now being built in the industry and at GovTech.

Who Should Attend

  • Tech and non-tech people who might be interested in finding out how developers use TDD & Pair-Programming to deliver working code.

Instructions for Attendees

  • Have an internet-enabled laptop
  • Install your favourite text editor (Visual Studio Code - it's free)
  • Install your preferred programming environments and runtimes

    Optional:
    • Download this repo here
    • Click here to read up about Pair-Programming
    • Watch this video here on how we should write tests

EXPLOITING VULNERABILITIES IN THE TECH STACK OF AN IOT ECOSYSTEM

Time:
10am - 1pm

Keith Tay
Cybersecurity Specialist,
GovTech

Goh Jing Loon
Associate Cybersecurity Specialist,
GovTech

Alvin JJ Lim
Associate Cybersecurity Specialist,
GovTech

FULL
The Internet of Things (IoT) offers many benefits to customers and organisations. Some uses of IoT include the monitoring of sensor data, monitoring of CCTV feeds and the remote control of smart devices. To make it easy for users to interact with IoT devices, Application Programming Interfaces (or APIs) are used in web applications to present sensor data and control the IoT devices over the internet.

As an attendee, you will gain valuable insights into identifying vulnerabilities in APIs, web applications and IoT devices. You will also receive hands-on experience in exploiting these weaknesses in a vulnerable IoT ecosystem set up to gain unauthorised access to systems/devices, leading to the compromise of the entire ecosystem.

In addition, the workshop will discuss some of the best practices and tools that you can use to help identify such vulnerabilities.

*Note: As the course is conducted remotely, attendees will be performing hands-on exercises in identifying and exploiting vulnerabilities in web applications/APIs. The presenters will showcase potential issues arising from IoT devices and cover the fundamentals in testing IoT devices for vulnerabilities.

Who Should Attend

  • Software Engineers
  • IoT Engineers
  • Security Managers

Instructions for Attendees

  • Understand and run simple commands on a Linux terminal
  • Possess basic programming skills (Python is preferred, but familiarity with any programming language is sufficient to execute the tasks)
  • Have an internet-enabled laptop with VMWare or Virtualbox (VM will be provided during the class)

UX AND WHY IT MATTERS TO YOU

Time:
10am - 1pm

Eunice Chan
UX Designer,
GovTech

Cheryl Wong
UX Designer,
GovTech

FULL
Ever wondered how a service is designed? Step into the mind of a UX designer and create user-centric services with us!

This is a fun, hands-on workshop for anyone who’s keen to learn how a user-centric service is created. You’ll get to discover pain points and ideate. Don’t worry, no UX experience is needed. (We hope you’re open to some role playing. It’s a great way to build empathy.)

Through this workshop, we want to give you a better understanding of UX and how it can help YOU in your daily work - regardless of the role you play in your project!

Key Takeaways:
  • Learn UX fundamentals and how it can help you in your field
  • Gain hands-on experience in UX methods practised by design leaders
  • Discover UX tips and resources for continuous learning
*Note: Workshop activities will not include wireframing and using design software tools eg. Sketch/Figma.

Who Should Attend

  • Developers / Business Analysts / Delivery/Product Managers / Product Owners
  • Anyone interested to have a basic understanding of UX

Instructions for Attendees

  • Have an internet-enabled desktop/laptop
  • Prepare two sheets of blank A4 paper
  • Prepare a marker (e.g. Sharpie - not pens!)

ZERO TO KUBERNETES

Time:
10am - 1pm

Daniele Polencic
Instructor,
Learnk8s

FULL
You've heard of Docker and Kubernetes, and you can tell that they are the next big thing to learn.

You want to master Kubernetes, but where should you start?

Enter Zero to Kubernetes: a step-by-step course on how to architect, develop and deploy applications in Kubernetes.

This course walks you through the full path from coding an application to deploying it to a production-grade Kubernetes cluster.

You will learn how to
  • Write a note-taking application in Node.js or Java
  • Package the app as a Docker image
  • Deploy the containerised application to a local Minikube cluster
  • Refactor your application to make it stateless and scalable
  • Deploy the improved application to a production-grade Kubernetes cluster on AWS

Who Should Attend

  • Docker and Kubernetes beginners
  • Developers who build and architect cloud-native applications
  • DevOps and system administrators

Instructions for Attendees

  • Have prior knowledge of Java or Javascript in order to follow along
  • Have an internet-enabled laptop, preferably with NodeJS or Java and administrator permissions to install new software
  • Have your favourite code editor ready (or download Visual Studio Code here).

2pm - 5pm

DEMYSTIFYING BROWSER EXPLOITATION

Time:
2pm - 5pm

Chang Yin Hong
Lead Cybersecurity Specialist,
GovTech

Eugene Ng
Lead Cybersecurity Specialist,
GovTech

FULL
"Zero-days" and "exploits" are terms that are frequently thrown about. Their inner workings however, may not be widely understood.

This workshop will demystify the art of exploitation and uncover techniques used by attackers to bypass exploit mitigations and weaponise vulnerabilities. At the end of the workshop, attendees will be able to develop a working exploit that achieves arbitrary code execution.

Who Should Attend

  • Application Developers
  • IT Security Personnel who wish to gain insights into how attackers exploit software

Instructions for Attendees

  • Have an internet-enabled laptop (installed with VMWare 14 and above, or VirtualBox 6 and above)
  • Ensure laptop is able to launch 64-bit Windows 10 virtual machine
  • Be comfortable with Windows environment
  • Be familiar with C++
  • Be familiar with JavaScript
  • Be able to read x86-64 assembly
  • Be familiar with Windbg as it will be the tool of choice for debugging
  • Ability to understand the concepts of stack and heap in terms of memory management would be an advantage

DEVELOPING WITH SG TECH STACK - MANUCA & EDGE TO SDX IN A BREEZE

Time:
2pm - 5pm

Gary Wong
Senior Delivery Manager,
GovTech

Loh Kian Chai
Senior Software Engineer,
GovTech

Derek Nam
Associate Software Engineer,
GovTech

Toh Kian Hui
Systems Engineer,
GovTech

Yap Zi Qi
Associate Embedded Software Engineer,
GovTech

Lau Lee Hong
Associate Embedded Software Engineer,
GovTech

Experience GovTech's new one-stop device and data management platform. This platform is an integration between the Device Control and Data Acquisition (DECADA) and Sensor Data Exchange Platform (SDX) via the eMbedded Advanced Network of Micro-Computing Applications (MANUCA) platform and DECADA Edge. We will demonstrate how sensor data flows from sensor devices to SDX via DECADA Cloud.

This workshop will also cover the architecture and features of both MANUCA, DECADA Edge and SDX, as well as its integration with DECADA Cloud. Attendees will get to experience the user journey of SDX, be introduced to the SDX self-help portal, and how it can facilitate SDX onboarding easily.

Who Should Attend

  • Agency Project Managers who are interested in using DECADA as their device management platform
  • Engineering Managers
  • Software Architects
  • Software Engineers
  • Embedded Systems Engineers who are interested in developing and / or evaluating sensor nodes

Instructions for Attendees

  • Have an internet-enabled laptop
  • Have prior knowledge of embedded software development (C/C++)

INTEGRATING WITH NATIONAL DIGITAL IDENTITY

Time:
2pm - 5pm

Jason Zheng
Senior Solution Architect,
GovTech

Eric Soh
Software Engineer,
GovTech

FULL
In this workshop, attendees will learn how to call the National Digital Identity (NDI) Application Programming Interface (API) to enable their applications with the NDI QR login and other NDI-trusted services like Digital Signing and SG Notify.

Who Should Attend

  • Application Developers
  • Solution Architects

PROTECT YOUR APP: REVERSE ENGINEERING TAMPERING MOBILE APPLICATIONS

Time:
2pm - 5pm

Thomas Lim
Associate Cybersecurity Specialist,
GovTech

Max Chee
Associate Cybersecurity Specialist,
GovTech

William Tan
Associate Cybersecurity Specialist,
GovTech

FULL
Today, the Android and iOS operating systems comprise more than 99% of the mobile OS market share. This makes mobile apps the most widespread kind of internet-capable applications. This technical workshop highlights the importance of securing your mobile applications.

Join us to learn basic reverse-engineering techniques to test the security of mobile applications. While we share how an attacker could tamper a mobile application, this workshop would also cover some mitigation measures to reduce such risks.

Who Should Attend

  • Mobile Application Developers
  • General Audience

Instructions for Attendees

  • Have an internet-enabled laptop with VMware / Virtualbox
  • Have a high level of understanding of what potential attackers of their mobile applications can do, and what common mistakes to look out for which can easily aid attackers to compromise their applications

Signing Documents for a Smarter Nation

Time:
2pm - 5pm

Pavel Chermyanin
Senior Developer,
iText Software

André Lemos
Global Lead of Product and Services,
iText Software

FULL
In this workshop, we will collectively build and integrate with the National Digital Identity (NDI) platform by GovTech. We will create a sample application that requires an authenticated and authorised user to digitally sign a contract.

We will go through the workflow by interacting with the NDI Sandbox server and build a web application which end users can access.

Who Should Attend

  • Developers who want to learn how to create a service that leverages the brand new GovTech service to build an even Smarter Nation.
  • Developers who are keen to leverage the GovTech service through service creation.

Instructions for Attendees

  • Be familiar with Java
  • Have an internet-enabled laptop with the following installed:
    • Java 8, and any Java IDE
    • Tunneller for localhost publishing on web (e.g.ngrok.com)
    • Maven 3.3, Git, PDF viewer (Acrobat or Foxit)
  • Preferably to have an Android smartphone with the National Digital Identity (NDI) Sandbox mobile app installed. Available from here.

TESTING FROM 0 TO 100 (FULL STACK TESTING)

Time:
2pm - 5pm

Tai Shi Ling
CEO,
UI-licious

FULL
Unit tests... API tests... UI tests... mocha... chai... jasmine... cucumber... enzyme...?

Want to introduce test automation into your project, but not sure where to start and what tools to use? Join this workshop!

Learn strategies for planning your tests, have your laptop ready for some hands-on practice on different testing techniques and libraries for testing the back-end to the front-end on a Real World project, and finally let's hook your tests up to your favourite CI/CD!

Who Should Attend

  • Any developer looking to get started on automated testing for their web stack

Instructions for Attendees

  • Have a basic understanding of Javascript
  • Have an internet-enabled laptop with the latest version of NodeJS installed

*Workshop schedule is subject to change.