Directly managed a teams of data scientists, data engineers, and cross-functional software engineers focused on improving yield management, real estate growth, advertising, and field operations for a 25k unit portfolio. Helped design, launch, and scale machine learning systems accounting for over $1.3Bn in gross revenue.
Developed secure authentication, identification, and privacy management tools and hosted SaaS platform for enterprise partners. Helped design and build a scalable, end-to-end encrypted database for managing consumers’ personally identifying information (PII).
Developed engineering plans for various clients in partnership with the engineering management team. Created prototypes and final implementations of advanced systems integration tools and API libraries.
Recipient of the Centurion Award
Recipient of the Computer Science, Engineering, and Mathematics Scholar Award
Security is an ongoing process not something to add right before your app launches. In this book, you’ll learn how to write secure PHP applications from first principles. Why wait until your site is attacked or your data is breached? Prevent your exposure by being aware of the ways a malicious user might hijack your web site or API. Discover how to secure your applications against many of the vulnerabilities exploited by attackers.
Sometimes, our use of PHP grows beyond the typical request/response cycle of dynamic page generation. Unfortunately, the threaded nature of PHP - and the stateless nature of the server - betrays any efforts to expand our utilization of the server. Image processing, video rendering, APNS (Apple Push Notification Service) integration - any of these can easily take longer than is reasonable for a simple page request. Enter tools like message and job queues that empower daemonized PHP workers to handle data processing in the background. Yet further tools enable long-running event loops and asynchronous Promise-driven operations. PHP isn’t multi-threaded, but that doesn’t mean you’re limited to a single-thread paradigm.
I demonstrate various use cases necessitating asynchronous operations, then delve into the code and the tools that make these systems work. Every attendee will leave armed with new ways to think about the management of large data jobs in PHP and an understanding of the tools they can use to make it happen.
The Open Web Application Security Project (OWASP) curates a list of the top ten security risks for web applications and how to mitigate them. The ever-changing world of web development created a challenge for the 2017 list, which needs to combine both existing approaches and modern trends in web development. This session takes a look at each item in the list from a PHP perspective, demonstrates what can go wrong, and makes sure that this won’t happen in our web sites.
This session will cover use cases, user groups, and a few proposed techniques for making both content and publishing tools available to those without high-speed Internet, 3G/4G connectivity, or traditional desktop publishing tools. It will also delve into some of the emerging technologies that make content more accessible to those with limited access (and the controversy surrounding them).
Properly securing your applications and data require an understanding of the threats facing them. Threat modeling is the methodology for identifying and quantifying the threats your application can and will face. There are a number of resources available for performing a threat model but this session will get you started building a strategy from nothing.