Submit Search
Upload
Tune your App Perf (and get fit for summer)
•
0 likes
•
1,617 views
Sqreen
Follow
Tune your App Perf (and get fit for summer) @SqreenIO https://www.sqreen.io
Read less
Read more
Software
Report
Share
Report
Share
1 of 26
Download now
Download to read offline
Recommended
Ruby on Rails security in your Continuous Integration
Ruby on Rails security in your Continuous Integration
Sqreen
Instrument Rack to visualize Rails requests processing
Instrument Rack to visualize Rails requests processing
Sqreen
Application Security from the Inside - OWASP
Application Security from the Inside - OWASP
Sqreen
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?
Sqreen
Serverless Security: What's Left To Protect
Serverless Security: What's Left To Protect
Guy Podjarny
Policy as code what helm developers need to know about security
Policy as code what helm developers need to know about security
LibbySchulze
Securing Serverless - By Breaking In
Securing Serverless - By Breaking In
Guy Podjarny
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...
Lacework
Recommended
Ruby on Rails security in your Continuous Integration
Ruby on Rails security in your Continuous Integration
Sqreen
Instrument Rack to visualize Rails requests processing
Instrument Rack to visualize Rails requests processing
Sqreen
Application Security from the Inside - OWASP
Application Security from the Inside - OWASP
Sqreen
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?
Sqreen
Serverless Security: What's Left To Protect
Serverless Security: What's Left To Protect
Guy Podjarny
Policy as code what helm developers need to know about security
Policy as code what helm developers need to know about security
LibbySchulze
Securing Serverless - By Breaking In
Securing Serverless - By Breaking In
Guy Podjarny
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...
Lacework
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
Sonatype
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Matt Raible
Signal r core workshop - netconf
Signal r core workshop - netconf
Miguel Angel Teheran Garcia
DEFCON 23 - Nir Valtman and Moshe Ferber - from zero to secure in 1
DEFCON 23 - Nir Valtman and Moshe Ferber - from zero to secure in 1
Felipe Prado
Are You Ready for a Cloud Pentest?
Are You Ready for a Cloud Pentest?
Teri Radichel
Application Security in a Container World - Akash Mahajan - BCC 2017
Application Security in a Container World - Akash Mahajan - BCC 2017
CodeOps Technologies LLP
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Mohammed A. Imran
Lacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security Threats
Lacework
Cloudefigo - From zero to secure in 1 minute
Cloudefigo - From zero to secure in 1 minute
Israel AWS User Group
Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)
Guy Podjarny
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...
Tirza DiOro
Mitigate Security Threats with SIEM
Mitigate Security Threats with SIEM
Akamai Developers & Admins
.NET Security (Radu Vunvulea)
.NET Security (Radu Vunvulea)
Radu Vunvulea
Better Bug Stomping with Zend Studio and Zend Server
Better Bug Stomping with Zend Studio and Zend Server
Zend by Rogue Wave Software
Lessons from running AppSync in prod
Lessons from running AppSync in prod
Yan Cui
10 things you can do at the edge
10 things you can do at the edge
Akamai Developers & Admins
Customer Story: Property Partner
Customer Story: Property Partner
Amazon Web Services
Syntribos API Security Test Automation
Syntribos API Security Test Automation
Matthew Valdes
Ignite Denver - Robots!
Ignite Denver - Robots!
360|Conferences
Empower every Azure Function to achieve more!!
Empower every Azure Function to achieve more!!
Massimo Bonanni
NoSQL Injections in Node.js - The case of MongoDB
NoSQL Injections in Node.js - The case of MongoDB
Sqreen
Bletchley
Bletchley
Diogo Mónica
More Related Content
What's hot
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
Sonatype
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Matt Raible
Signal r core workshop - netconf
Signal r core workshop - netconf
Miguel Angel Teheran Garcia
DEFCON 23 - Nir Valtman and Moshe Ferber - from zero to secure in 1
DEFCON 23 - Nir Valtman and Moshe Ferber - from zero to secure in 1
Felipe Prado
Are You Ready for a Cloud Pentest?
Are You Ready for a Cloud Pentest?
Teri Radichel
Application Security in a Container World - Akash Mahajan - BCC 2017
Application Security in a Container World - Akash Mahajan - BCC 2017
CodeOps Technologies LLP
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Mohammed A. Imran
Lacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security Threats
Lacework
Cloudefigo - From zero to secure in 1 minute
Cloudefigo - From zero to secure in 1 minute
Israel AWS User Group
Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)
Guy Podjarny
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...
Tirza DiOro
Mitigate Security Threats with SIEM
Mitigate Security Threats with SIEM
Akamai Developers & Admins
.NET Security (Radu Vunvulea)
.NET Security (Radu Vunvulea)
Radu Vunvulea
Better Bug Stomping with Zend Studio and Zend Server
Better Bug Stomping with Zend Studio and Zend Server
Zend by Rogue Wave Software
Lessons from running AppSync in prod
Lessons from running AppSync in prod
Yan Cui
10 things you can do at the edge
10 things you can do at the edge
Akamai Developers & Admins
Customer Story: Property Partner
Customer Story: Property Partner
Amazon Web Services
Syntribos API Security Test Automation
Syntribos API Security Test Automation
Matthew Valdes
Ignite Denver - Robots!
Ignite Denver - Robots!
360|Conferences
Empower every Azure Function to achieve more!!
Empower every Azure Function to achieve more!!
Massimo Bonanni
What's hot
(20)
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Signal r core workshop - netconf
Signal r core workshop - netconf
DEFCON 23 - Nir Valtman and Moshe Ferber - from zero to secure in 1
DEFCON 23 - Nir Valtman and Moshe Ferber - from zero to secure in 1
Are You Ready for a Cloud Pentest?
Are You Ready for a Cloud Pentest?
Application Security in a Container World - Akash Mahajan - BCC 2017
Application Security in a Container World - Akash Mahajan - BCC 2017
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Automating security test using Selenium and OWASP ZAP - Practical DevSecOps
Lacework | Top 10 Cloud Security Threats
Lacework | Top 10 Cloud Security Threats
Cloudefigo - From zero to secure in 1 minute
Cloudefigo - From zero to secure in 1 minute
Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...
Incapsula D3 - A Single Source of Truth for Security Issues - Pushing Siem L...
Mitigate Security Threats with SIEM
Mitigate Security Threats with SIEM
.NET Security (Radu Vunvulea)
.NET Security (Radu Vunvulea)
Better Bug Stomping with Zend Studio and Zend Server
Better Bug Stomping with Zend Studio and Zend Server
Lessons from running AppSync in prod
Lessons from running AppSync in prod
10 things you can do at the edge
10 things you can do at the edge
Customer Story: Property Partner
Customer Story: Property Partner
Syntribos API Security Test Automation
Syntribos API Security Test Automation
Ignite Denver - Robots!
Ignite Denver - Robots!
Empower every Azure Function to achieve more!!
Empower every Azure Function to achieve more!!
Viewers also liked
NoSQL Injections in Node.js - The case of MongoDB
NoSQL Injections in Node.js - The case of MongoDB
Sqreen
Bletchley
Bletchley
Diogo Mónica
From 0 to 0xdeadbeef - security mistakes that will haunt your startup
From 0 to 0xdeadbeef - security mistakes that will haunt your startup
Diogo Mónica
Leveraging Honest Users: Stealth Command-and-Control of Botnets
Leveraging Honest Users: Stealth Command-and-Control of Botnets
Diogo Mónica
PhD Thesis Diogo Mónica
PhD Thesis Diogo Mónica
Diogo Mónica
An IDS for browser hijacking
An IDS for browser hijacking
Diogo Mónica
WiFiHop - mitigating the Evil twin attack through multi-hop detection
WiFiHop - mitigating the Evil twin attack through multi-hop detection
Diogo Mónica
Observable Non-Sybil Quorums Construction in One-Hop Wireless Ad Hoc Networks
Observable Non-Sybil Quorums Construction in One-Hop Wireless Ad Hoc Networks
Diogo Mónica
MultiPath TCP - The path to multipath
MultiPath TCP - The path to multipath
Diogo Mónica
Secure Software Distribution in an Adversarial World
Secure Software Distribution in an Adversarial World
Diogo Mónica
ESORICS 2014: Local Password validation using Self-Organizing Maps
ESORICS 2014: Local Password validation using Self-Organizing Maps
Diogo Mónica
Web Summit 2015 - Enterprise stage - Cloud, Open-Source, Security
Web Summit 2015 - Enterprise stage - Cloud, Open-Source, Security
Diogo Mónica
MTLS in a Microservices World
MTLS in a Microservices World
Diogo Mónica
How to-use-buffer-by-ella
How to-use-buffer-by-ella
Eleaza Rose Devilleres
From Second Screen to Multi-Screen: We Are Social's Guide to Social Screens
From Second Screen to Multi-Screen: We Are Social's Guide to Social Screens
We Are Social Singapore
Security best practices for kubernetes deployment
Security best practices for kubernetes deployment
Michael Cherny
SteadyBudget's Seed Funding Pitch Deck
SteadyBudget's Seed Funding Pitch Deck
Shape Integrated Software
Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM
Amazon Web Services
7 Tips to Beautiful PowerPoint by @itseugenec
7 Tips to Beautiful PowerPoint by @itseugenec
Eugene Cheng
The Minimum Loveable Product
The Minimum Loveable Product
The Happy Startup School
Viewers also liked
(20)
NoSQL Injections in Node.js - The case of MongoDB
NoSQL Injections in Node.js - The case of MongoDB
Bletchley
Bletchley
From 0 to 0xdeadbeef - security mistakes that will haunt your startup
From 0 to 0xdeadbeef - security mistakes that will haunt your startup
Leveraging Honest Users: Stealth Command-and-Control of Botnets
Leveraging Honest Users: Stealth Command-and-Control of Botnets
PhD Thesis Diogo Mónica
PhD Thesis Diogo Mónica
An IDS for browser hijacking
An IDS for browser hijacking
WiFiHop - mitigating the Evil twin attack through multi-hop detection
WiFiHop - mitigating the Evil twin attack through multi-hop detection
Observable Non-Sybil Quorums Construction in One-Hop Wireless Ad Hoc Networks
Observable Non-Sybil Quorums Construction in One-Hop Wireless Ad Hoc Networks
MultiPath TCP - The path to multipath
MultiPath TCP - The path to multipath
Secure Software Distribution in an Adversarial World
Secure Software Distribution in an Adversarial World
ESORICS 2014: Local Password validation using Self-Organizing Maps
ESORICS 2014: Local Password validation using Self-Organizing Maps
Web Summit 2015 - Enterprise stage - Cloud, Open-Source, Security
Web Summit 2015 - Enterprise stage - Cloud, Open-Source, Security
MTLS in a Microservices World
MTLS in a Microservices World
How to-use-buffer-by-ella
How to-use-buffer-by-ella
From Second Screen to Multi-Screen: We Are Social's Guide to Social Screens
From Second Screen to Multi-Screen: We Are Social's Guide to Social Screens
Security best practices for kubernetes deployment
Security best practices for kubernetes deployment
SteadyBudget's Seed Funding Pitch Deck
SteadyBudget's Seed Funding Pitch Deck
Protecting Your Data With AWS KMS and AWS CloudHSM
Protecting Your Data With AWS KMS and AWS CloudHSM
7 Tips to Beautiful PowerPoint by @itseugenec
7 Tips to Beautiful PowerPoint by @itseugenec
The Minimum Loveable Product
The Minimum Loveable Product
Similar to Tune your App Perf (and get fit for summer)
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
Eric Smalling
How the Cloud Shifts the Burden of Security to Development
How the Cloud Shifts the Burden of Security to Development
Erika Barron
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation
Cisco DevNet
360° Kubernetes Security: From Source Code to K8s Configuration Security
360° Kubernetes Security: From Source Code to K8s Configuration Security
DevOps.com
Delivering Java Applications? Ensure Top Performance Every Time, with Intell...
Delivering Java Applications? Ensure Top Performance Every Time, with Intell...
John Williams
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
Amazon Web Services
Adding the Sec to Your DevOps Pipelines
Adding the Sec to Your DevOps Pipelines
Amazon Web Services
Cncf checkov and bridgecrew
Cncf checkov and bridgecrew
LibbySchulze
Automating your AWS Security Operations
Automating your AWS Security Operations
Evident.io
DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)
Amazon Web Services
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
QAware GmbH
Automating your AWS Security Operations
Automating your AWS Security Operations
Amazon Web Services
DevSecOps: Integrating security into pipelines - SDD310 - AWS re:Inforce 2019
DevSecOps: Integrating security into pipelines - SDD310 - AWS re:Inforce 2019
Amazon Web Services
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
Amazon Web Services
CI/CD Pipeline Security: Advanced Continuous Delivery Best Practices: Securit...
CI/CD Pipeline Security: Advanced Continuous Delivery Best Practices: Securit...
Amazon Web Services
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
Amazon Web Services Korea
Monitoring for Operational Outcomes and Application Insights: Best Practices ...
Monitoring for Operational Outcomes and Application Insights: Best Practices ...
Amazon Web Services
Secure Configuration and Automation Overview
Secure Configuration and Automation Overview
Amazon Web Services
Continuous Delivery Pipeline in the Cloud – How to Achieve Continous Everything
Continuous Delivery Pipeline in the Cloud – How to Achieve Continous Everything
CA Technologies
Machine Learning to Turbo-Charge the Ops Portion of DevOps
Machine Learning to Turbo-Charge the Ops Portion of DevOps
Deborah Schalm
Similar to Tune your App Perf (and get fit for summer)
(20)
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
How the Cloud Shifts the Burden of Security to Development
How the Cloud Shifts the Burden of Security to Development
Implementing Fast IT Deploying Applications at the Pace of Innovation
Implementing Fast IT Deploying Applications at the Pace of Innovation
360° Kubernetes Security: From Source Code to K8s Configuration Security
360° Kubernetes Security: From Source Code to K8s Configuration Security
Delivering Java Applications? Ensure Top Performance Every Time, with Intell...
Delivering Java Applications? Ensure Top Performance Every Time, with Intell...
Using Security to Build with Confidence in AWS - Trend Micro
Using Security to Build with Confidence in AWS - Trend Micro
Adding the Sec to Your DevOps Pipelines
Adding the Sec to Your DevOps Pipelines
Cncf checkov and bridgecrew
Cncf checkov and bridgecrew
Automating your AWS Security Operations
Automating your AWS Security Operations
DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Kontinuierliche Sicherheitstests für APIs mit Testkube und OWASP ZAP
Automating your AWS Security Operations
Automating your AWS Security Operations
DevSecOps: Integrating security into pipelines - SDD310 - AWS re:Inforce 2019
DevSecOps: Integrating security into pipelines - SDD310 - AWS re:Inforce 2019
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
CI/CD Pipeline Security: Advanced Continuous Delivery Best Practices: Securit...
CI/CD Pipeline Security: Advanced Continuous Delivery Best Practices: Securit...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
클라우드 환경에서의 SIEMLESS 통합 보안 서비스, Alert Logic - 채현주 보안기술본부장, Openbase :: AWS Sum...
Monitoring for Operational Outcomes and Application Insights: Best Practices ...
Monitoring for Operational Outcomes and Application Insights: Best Practices ...
Secure Configuration and Automation Overview
Secure Configuration and Automation Overview
Continuous Delivery Pipeline in the Cloud – How to Achieve Continous Everything
Continuous Delivery Pipeline in the Cloud – How to Achieve Continous Everything
Machine Learning to Turbo-Charge the Ops Portion of DevOps
Machine Learning to Turbo-Charge the Ops Portion of DevOps
Recently uploaded
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentation
vaddepallysandeep122
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
preethippts
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
Ortus Solutions, Corp
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Stefano Stabellini
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
BrainSell Technologies
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
OnePlan Solutions
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
Sujith Sukumaran
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
Philip Schwarz
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
Technogeeks
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
Dinusha Kumarasiri
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Ahmed Mohamed
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
Diego Iván Oliveros Acosta
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
Hanief Utama
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
Livetecs LLC
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
Alina Yurenko
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
FerryKemperman
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
stazi3110
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
Velvetech LLC
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
smiwainfosol
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Mater
Recently uploaded
(20)
PREDICTING RIVER WATER QUALITY ppt presentation
PREDICTING RIVER WATER QUALITY ppt presentation
Odoo 14 - eLearning Module In Odoo 14 Enterprise
Odoo 14 - eLearning Module In Odoo 14 Enterprise
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
Xen Safety Embedded OSS Summit April 2024 v4.pdf
Xen Safety Embedded OSS Summit April 2024 v4.pdf
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Maximizing Efficiency and Profitability with OnePlan’s Professional Service A...
Intelligent Home Wi-Fi Solutions | ThinkPalm
Intelligent Home Wi-Fi Solutions | ThinkPalm
Folding Cheat Sheet #4 - fourth in a series
Folding Cheat Sheet #4 - fourth in a series
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
How to Track Employee Performance A Comprehensive Guide.pdf
How to Track Employee Performance A Comprehensive Guide.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Balasore Best It Company|| Top 10 IT Company || Balasore Software company Odisha
Ahmed Motair CV April 2024 (Senior SW Developer)
Ahmed Motair CV April 2024 (Senior SW Developer)
Tune your App Perf (and get fit for summer)
1.
Confidential & proprietary
© Sqreen, 2015 Tune your app perf (and get fit for summer) We make products antifragile
2.
© Sqreensqreen.io Jean-Baptiste Aviat CTO
@SqreenIO (https://sqreen.io) Former hacker at Apple (Red Team) @JbAviat jb@sqreen.io
3.
Confidential & proprietary
© Sqreen, 2015 – Donald Knuth “Premature optimization is the root of all evil.”
4.
Confidential & proprietary
© Sqreen, 2015sqreen.io « We don’t have bugs. » « Or maybe one… » « Okay, beta are done for that! »
5.
Confidential & proprietary
© Sqreen, 2015sqreen.io Sqreen behind the scenes Examine the environment Run code specific to the class of vulnerability Log security events Automatically check for Sqreen security rules updates While keeping the app fast.
6.
Confidential & proprietary
© Sqreen, 2015sqreen.io HTTP request anatomy DB Cache QueryQuery JSON request response Services Rails server Client Rails app code
7.
Confidential & proprietary
© Sqreen, 2015sqreen.io HTTP request with Sqreen QueryQuery DB Cache JSON Services Rails server Client Sqreen code request response Rails app code
8.
Confidential & proprietary
© Sqreen, 2015sqreen.io Attack blocked by Sqreen Attack Error Query Sqreen backend Log event DB CacheServices Rails server Client Sqreen code Rails app code
9.
Confidential & proprietary
© Sqreen, 2015sqreen.io Thanks early adopters, we owe you one! Our beta customers raised different concerns: 1. Average response time 2. CPU consumption (mostly machine facing APIs) 3. Memory usage 4. Bandwidth
10.
Confidential & proprietary
© Sqreen, 2015sqreen.io Endless path to perf optimization Know what you are looking for Measure: understand precisely what need change Pareto law: 80% of execution time is spent in 20% of your code Change: just code it Evaluate: compare to previous measures Start over. Change Evaluate Measure
11.
Confidential & proprietary
© Sqreen, 2015 What about our Gem?
12.
Confidential & proprietary
© Sqreen, 2015sqreen.io Sqreen code executed during a client request: doesn’t use network doesn’t interact with filesystem The decision to block is made in the application Back-end communication is performed in a dedicated thread Request processing Query
13.
Confidential & proprietary
© Sqreen, 2015sqreen.io Asynchronous by design Sqreen worker Rails threads Sqreen thread request response Rails server Sqreen backend Sqreen code Rails / app code
14.
Confidential & proprietary
© Sqreen, 2015sqreen.io 156ms Asynchronism benefits + X ms + XX % time 150ms 225ms + 0 % Default Dumb 0ms + 4 % Sqreen
15.
Confidential & proprietary
© Sqreen, 2015sqreen.io Reduce I/O Bandwith Memory Requests AggregateStrip Required? I/O
16.
Confidential & proprietary
© Sqreen, 2015sqreen.io ExecJS call time ExecJS allows many runtimes: V8 (close to Pure Ruby) JSCore (OSX only) Node (ExecJS runs the Node binary) miliseconds 0 17,5 35 52,5 70 Pure Ruby V8 JSCore (OSX) Node
17.
Confidential & proprietary
© Sqreen, 2015sqreen.io ExecJS memory usage Low memory usage But it leaks! @samsaffron helped a lot Can be solved using context recycling ExecJS should be reset regularly memory(MB) 0 175 350 525 700 seconds 0 150 300 450 600
18.
Confidential & proprietary
© Sqreen, 2015sqreen.io Optimize ExecJS use Reduce ExecJS spawn time Precompile everything Spawn ExecJS as less as possible We introduced pure Ruby pre-conditions Now the decision to call ExecJS is taken in Ruby
19.
Confidential & proprietary
© Sqreen, 2015sqreen.io Minimize ExecJS overhead Perform analysis only on requests using a risky API Pick relevant methods The JS engine is spawned and performs further analysis Analyze Check if the API uses arguments that can be vulnerable Validate exposure If there is a security risk, we block the request and alert our back-end Alert & block if method.include?(watch_methods) if method_arg.include?(parameters) if ExecJS.is_an_attack? tell_thread_to_record_alert block_this_request end end end
20.
Confidential & proprietary
© Sqreen, 2015sqreen.io Mem I/O CPU Band- width Reducing memory usage leads to smaller objects to be treated, faster garbage collection Memory Reducing CPU usage leads to overall faster process CPU Less bandwidth means less server occupation and leads to faster responses Bandwidth Reducing I/O reduces time needed for tasks I/O Virtuous circle of optimization
21.
Confidential & proprietary
© Sqreen, 2015sqreen.io Benefits of multithreading 144% (over dumb implementation)
22.
Confidential & proprietary
© Sqreen, 2015sqreen.io -1000% Benefits of V8 (over Node runtime)
23.
Confidential & proprietary
© Sqreen, 2015sqreen.io reduce leaks Benefits of recycling ExecJS context (garbage collection, overall memory usage…)
24.
Confidential & proprietary
© Sqreen, 2015sqreen.io just faster :) Benefits of pre-condition (less context recycling, less context switch…)
25.
Confidential & proprietary
© Sqreen, 2015sqreen.io Client perf is not all about client How to reduce I/O time without changing the client? The exposed APIs need to respond faster We are applying the same method to our back-end
26.
Confidential & proprietary
© Sqreen, 2015sqreen.io Set up your feedback loop Now, you should to monitor your performances (automatically)! And do the same with Security ;) Keep on coding…
Download now