STACK Developer Conference 2022

Mrs Josephine Teo
Minister for Communications and Information, and Minister-in-charge of Smart Nation and Cybersecurity
Dr Janil Puthucheary
Senior Minister of State, Ministry of Communications and InformationMany large organisations have been quickly overtaken by the rapid progress of technology around them, and this is no exception for governments around the world. Venturing into the brave new world of technology is like a young person leaving home for the first time. It is full of freedom, excitement and anxiety, It is also full of risks, fear and uncertainties. Ignoring technology like Cloud, SaaS, full stack, etc., is no longer an option. The days of building bespoke monolithic systems from scratch is risky, costly and wasteful. The new world is about reusability, iterations and automation. It’s about talent, culture and design. The Singapore Government, like everyone else, needs to embrace this brave new world or risk becoming irrelevant.

Mr Chan Cheow Hoe
Government Chief Digital Officer and Deputy Chief Executive, GovTechCan SaaS and PaaS platforms handle the security, complexity, and scale of government IT? Join us as we explore how today’s Cloud 3.0-based platforms deliver on the 5 essential building blocks of digital transformation for Government. Learn how to leverage SaaS to increase agility, speed, security, reuse, and success in today’s most demanding government IT environments.

Mr Paul Tatum
Executive Vice President, Solution Engineering for Global Public Sector, SalesforceThe AWS Nitro System is the underlying platform for our next generation of EC2 instances that enables AWS to innovate faster, further reduce cost for our customers, and deliver added benefits like increased security and new instance types. AWS has completely re-imagined our virtualisation infrastructure. Traditionally, hypervisors protect the physical hardware and bios, virtualise the CPU, storage, networking, and provide a rich set of management capabilities. With the Nitro System, we are able to break apart those functions, offload them to dedicated hardware and software, and reduce costs by delivering practically all of the resources of a server to your instances. In this talk, we will explore the improved hardware-based security in the Nitro System, including how we can leverage this technology outside of traditional public cloud regions using AWS Outposts and Local Zones.

Mr Anthony Liguori
Vice President & Distinguished Engineer, Amazon Web ServicesTrust has become critical in the data-driven world. As digital activity continues to grow, more information on our lives becomes available online, and more decisions rely on online data; trust is crucial. Yet, it is easy to lose trust but difficult to rebuild it. This talk will address the technology and policy approaches to maintaining trust, deriving unbiased data-driven insights, and securing systems. It will illustrate how to build trustworthy systems for your users to interact confidently in the digital world.

Ms Rebecca Parsons
Chief Technology Officer, ThoughtworksWith impact from global trends such as the great resignation and quiet quitting, what is the current state and outlook for tech hiring and what does it mean for the tech sector? Join our panel as they share their insights and examine how a strong organisational tech culture and sense of purpose can have a great impact on both attracting and retaining talent, and the practical steps in engineering such a culture.

Mr Kok Ping Soon
Chief Executive, GovTech
Mr Noah Pepper
Former APAC Head, Stripe
Mr Frank Koo
Head of Asia, Talent and Learning Solutions, LinkedInCustomers and countries have an increasing dual challenge of modernising end-user experiences while defending against ever-increasing security threats. Zero trust is a paradigm that allows digital transformation to deliver innovative applications and architectures as well as evolving cybersecurity. This session will discuss zero trust through products and practices that protect applications, data, devices, identity, infrastructure, and networks on a national scale.

Mr Paul Lorimer
Corporate Vice President, Microsoft Enterprise and CloudGoogle Cloud has long enabled transformation in the public sector by providing a spectrum of security and compliance features and offerings to meet diverse needs of public sector customers. It is built on planet-scale, distributed infrastructure that thousands of customers across the globe rely on, and it continues to grow rapidly. Hear from Sachin Gupta, VP and GM of Google Cloud Infrastructure, about the latest enhancements in the infrastructure offerings focused on optimising cost, security, compliance, and ease of use as well as transformational benefits.

Mr Sachin Gupta
Vice President & General Manager, IaaS, Google CloudTraditionally, building data and AI applications in most enterprises has been complex because data is stored and processed across many disparate systems: data lakes such as Amazon S3, SQL data warehouses, message bus systems, and others. Enterprises have to staff large data engineering projects to move data across these systems, and end-users experience long delays and reliability problems. In the past few years, the cloud and open source have enabled a new class of data platform that unifies data lakes and warehouses, the lakehouse, and makes it significantly easier to share data across an organisation for all use cases. Because these platforms use open source formats, they are also directly usable in AI and streaming applications. I will describe how lakehouse systems such as the open source Delta Lake project, and how Databricks customers are using the lakehouse to achieve unprecedented scale and operational simplicity across analytics and AI use cases.

Mr Matei Zaharia
Co-founder & Chief Technologist, DatabricksImagine driving your car and looking for a place to park. You speak to your phone, asking for the nearest available parking slot. After a short while, you get a verbal response giving you direction to the nearest and available slot. A few technologies are at play here. First, we need to train a Deep Learning model to make accurate inferences. After that, the model can be deployed close to the data source to process the video frames. This is where Edge Computing comes into play, running the algorithm with the trained model. Through chatbots, analytics, database, AI and other solutions, you can be guided to the nearest slot. This presentation touches on several smart city use cases and the associated data pipeline as well as some of the key technologies and considerations to make our city smarter.

Mr Francis Han
Senior Director, OracleIt’s a common story: someone from the business wants to develop a new feature and delivery teams are excited to work on something new. But… a huge system lurking in the background is hard to change and slows everybody down. Most application modernisation initiatives seeking to improve such situations tend to be long and risky affairs driven by IT departments, while business stakeholders are unconvinced and reluctant to lend their support. In this talk, we will share how the Economic Development Board (EDB) and VMware Tanzu Labs tamed the ‘elephants’ in the room by using the Swift method to: - Understand how a monolithic legacy system supports existing business flows. - Future-proof an existing system by re-architecting it to be flexible to change. - Start small and make incremental gains with buy-in from the business.

Mr Leong Jern-Kuan
Project Director, EDB
Ms Liza Ng
Senior Member Of Technical Staff, VMware Tanzu LabsContinuous integration and delivery (CICD for short) has evolved quite a bit in the last few years, and in 2022 there are an abundance of different tools and methodologies for software developers to recruit in order to deliver their products to the market faster. In this talk, Aries will highlight some of these best practices, as well as dive into the future of what CICD looks like. Topics such as managing complex application state, application dependency management, and continuous security as a part of CI will be covered.

Mr Aries Youssefian
Product Architect, CloudCoverWhy do some data and AI projects thrive and make significant impact? And why do some data and AI projects struggle to deliver impact? Besides focusing on the technology that is used to power Data and AI projects, this talk invites participants to think deeply about the purpose of data and AI projects, putting people at the centre of it, and be an enabler for Tech for Good. Using lessons learned from working with some of the top companies in the world, the talk provides a practitioner's perspective on leading successful outcomes with practical guidance.

Dr Tok Wee Hyong
Senior Director, Cloud and AI, MicrosoftLearn how organisations can leverage on Singpass Transact APIs for the purpose of exchanging information and making decisions. The session is meant for business users and developers exploring to streamline their digital journey.

Mr Roland Tan
Assistant Director, GovTechIn this digital era, everything has moved online, even for frauds and scams. Be it spoofed websites, phishing emails, fake SMSes and calls, and various other creative ways of scamming the people are only on the rise. Government websites and other communication channels are especially vulnerable to scams as citizens may easily fall prey. It is thus vital to know what can be trusted on the Internet. At OGP, we believe in bringing public officers and the citizens together to fight scams, by providing means of building digital trust and secure collaboration. We will talk about GoGovSG and ForSG, a link shortener that authenticates communication between public officers and citizens. We will highlight the impact of this product and how it will continue to develop to play a role in our nation's defense-in-depth strategy against scams.

Ms Hena Shah
Product Manager, Open Government Products, GovTechCrowd counting outdoors is a challenging problem as there are no defined entrances and exits. Furthermore, using existing CCTVs may not always be ideal to detect and count people accurately due to factors such as camera mounting height, field-of-view and lighting conditions. In this talk, we present our work developing cloud-connected edge AI solutions that count the number of people present in outdoor spaces. This will provide facility operators with the real-time information they need to manage these spaces. We will provide an overview of the system architecture, hardware, algorithms, software and backend monitoring elements of our solution, as well as results from deployments.

Mr Kelvin Tan
Associate System Engineer, GovTechWith the widespread adoption of Kubernetes in organisations, engineering teams have found themselves managing a variety of clusters that differ in scale and usage. As the number of clusters grow, the complexity in managing them introduces new challenges for engineers to tackle. Maintaining clusters involves frequent changes related to upgrades, security and adding new components; a multi-cluster setup further complicates these operations. For engineering teams to be efficient and productive, an ideal multi-cluster management strategy and release workflow is paramount. This session aims to showcase how a multi-cluster release workflow can reduce operational overheads and streamline the cluster management with the aid of automation and GitOps best practices.

Mr Ernest Boey
DevOps Engineer, GovTech
Mr Azman Salleh
At Google, we build technology that helps people do more for the planet. For the STACK 2022 session, we will showcase a want to propose a deep dive and demo on a revolutionary technology from Google called Kubernetes config connector, which helps to simplify compliance and DevSecOps, FinOps.

Mr Ramneek Khurana
Customer Engineer, GoogleWe will be introducing the development journey of docComposer, previously known as ChopChopDoc. docComposer is definitely one of the more agile and bold cross-agency projects we've had so far! The presentation will be sharing about our onboarding to CStack, and our close collaboration with OGP and GovTech. We would also like to share how CPFB management has given the team the freedom and trust to build these products, giving us the opportunity to innovate not just for CPFB but for WOG too.

Mr Eugene Foo
IT Consultant, CPF Board
Mr Muhammad Nur Akmal Zubir
IT Consultant, CPF BoardGovernment Commercial Cloud (GCC) 1.0 was launched in 2018 as a “wrapper” platform that provides government agencies with a consistent means to adopt commercial cloud solutions. However, feedback received include concerns over the tedious process of onboarding the GCC, increased need for automation, cloud native solutions and for less service requests. The redesigning of GCC gave rise to GCC 2.0 which various refinement from the first version of the platform. This presentation will share the vision and key benefits of GCC 2.0, and how the design leads to acceleration of service delivery and service improvements for citizens and businesses.

Mr Tang Bing Wan
Director, GovTechEarlier this year, GovTech embarked on a journey to improve engineering collaboration and code sharing across the Government through the use of internal open source practices. In this talk, we will cover the background practices, challenges, as well as looking towards to the future.

Mr Hunter Nield
Distinguished Engineer, GovTechMy talk will share how we can deploy effective methodologies to generate the next generation of data intelligence and governance.

Mr Sachin Tonk
Deputy Director, GovTechThe future is increasingly hyper-connected, politically and technologically fractured, and filled with carbon markets. These disruptive trends give rise to new use cases, for example, in healthcare, maritime, and forestry domains. We discuss the new use cases with a combination of digital technologies, such as Data and AI / ML, Cloud, 5G, Satellite Communications, Un-manned Tech, AR/VR/MR/XR, and Cybersecurity.

Mr Clifton Phua
CTO, Digital Systems, ST EngineeringWhen we move towards the future of healthcare, the use of digital medicine will be prevalent. Yet, around the globe, most institutions have yet to develop a framework that ensure the digital medicines we prescribe one day will follow the stringent protocol of the pharmaceutical drug approval. In this talk, we will share how we adopt the software as a medical device framework and how we rationalise the cloud infrastructure that enables us to realise a robust and future proof cloud based digital medicine framework.

Dr Ng Kian Bee
Co-Director, gAmes for HeaLth InnoVations CentrESince 2013, Dataiku has been the leader in democratising data and empowering organisation-wide collaboration. In this talk, we will cover how some organisations have grasped and implemented robust analytics and AI programs and realised the full potential from these technologies. We will also share how to integrate data and AI organically throughout the organisation, as well as the importance of governance capabilities at an organisational and individual level. We believe that by allowing everyone to imagine, execute, control, and have governance over their work, data and AI become business assets that propel the company forward.

Ms Chua Hui Xiang
Senior Data Scientist, DataikuSingaporeans’ love for the internet is undeniable. According to a 2020 study, almost 90% of the population uses the internet, with an average time spent of 8 hours a day. With such a high internet penetration rate, providing a good web browsing experience to consumers is paramount. What are some of the factors contributing to a good digital experience? In terms of usability, the website must be readily available, load quickly and is easily searchable, so as to deliver its intended outcome to users of all demographics and abilities in a simple and efficient manner. At the same time, as we strive towards becoming a more inclusive society, web accessibility is also becoming a major priority, to make sure that a person with disabilities or physical limitations has equal access to the content like the rest of the online community. Over the years, the Whole-of-Government Application Analytics (WOGAA) has developed services to help agencies have a better grasp of how their digital services are performing, as the Singapore government strives towards the Digital Government Blueprint’s goal of becoming a digital-to-the-core Government that serves with heart. In this presentation, we hope to shed more light on how WOGAA helps to drive agencies to achieve excellence in areas such as usability, digital service availability and web content accessibility. This includes initiatives such as the Digital Service Awards, which provides positive reinforcement to motivate public officers to improve their digital services, as well as the Digital Service Dashboard, incorporating a set of KPIs to nudge agencies to achieve service excellence in areas such as Web Accessibility and Search Engine Optimisation. As Steve Jobs once said, If a user is having a problem, it's our problem. We hope that service owners recognise that usability is a shared responsibility among all stakeholders of a product, and through this presentation, audiences can learn about best practices and gain useful tips on how to better leverage WOGAA to improve their digital services to benefit their end users.

Mr Seah Ming Shu
Data Scientist, GovTechGCC consists of hundreds of accounts and network compartments (VPCs and VNETs) to segment different tenants and applications. This level of scale creates challenges around scalability, security, agility and segregation of traffic between applications in Cloud, and on-premises. Let's talk about how to design your highly available and secure multi-cloud networking in a large scale deployment!

Mr Sathiyamoorthi Chinnasamy
Lead Infrastructure Engineer, GovTechJoin us for an interactive session where we share our journey of setting up the community of Women In (Gov)Tech and learnings along the way. This is not only about women, it is for anyone who is looking to build high performing teams!

Ms Ramakrishnan Sowmya
Lead Product Manager, GovTech
Ms Liyana Muhammad Fauzi
Lead Product Manager, GovTechWith business increasing the pressure and demand for flexibility of development teams, the agile movement was pushed to the limit. CI/CD was born to reduce manual steps and the errors that arise from them, as well as increase the speed of going live. With DevOps, the teams also took on application responsibilities, from cradle to grave. Nevertheless, software security is still missing in many full-stack developers' resumes and application security responsibilities are still pushed off to the security department. This is a real pity, because agile, CI/CD and DevOps are security-enabling practices. This session explains Shift-left and early security enablement in the development lifecycle. As the application development becomes more developer-centric, the developer’s toolset must include new capabilities to match the new challenges. Learn about rugged software and supply chain cleanliness, and how to avoid the common pitfalls of modern application development strategies. Hear why security champions programmes tend to fail, compliance-driven security training is a waste of time and money, and why security teams struggle and fail to integrate security tooling in release pipelines. Take back the best practices, proven solutions and Shift Left beyond the development.

Mr Martin Knobloch
Global AppSec Strategist, Micro FocusMeet CloudSCAPE, GovTech's Cloud Security and Compliance Platform Ecosystem. Join us to find out how CloudSCAPE can help Agencies secure their Cloud deployments on GCC 2.0, and simplify compliance processes through automation!

Mr Eugene Ng
Deputy Director, GovTechIn the supply chain eco-system there are many vulnerable platforms that are trusted by the majority of developers. These platforms can be exploited in a number of ways by attackers. In this session we will show just a few of these attack vectors and techniques. We will examine supply chain vulnerabilities and flaws in three sections: source code management (SCM), package managers, and CI/CD.

Mr Ilay Goldman
Security Researcher, Aqua Security
Mr Yakir Kadkoda
Security Researcher, Aqua SecurityThe Singapore Government Developer Portal serves as a one-stop resource hub for Government Digital Products and Services. With a wealth of product and technical documentation, policy guidelines and community resources, the portal aims to support developers in their digital transformation journey. These include the Singapore Government Technology Stack (SGTS), a set of platform tools that streamline and simplifies the development process. The SGTS enables code reuse across the Government to build secure, high-quality applications. Over 40 agencies and 200 systems have benefited from the platform.

Mr Kevin Ng
Director, CODEX, GovTech
Ms Karen Kee
Deputy Director, Technology Management Office, GovTechWith increased digitalisation, more transactions are moving online, be it for commerce, leisure, learning, work or government services. Persons with disabilities will not be able to access important information or perform digital transactions if the content and platforms are not accessible to them. As such, there is an imperative to ensure that digital content and platforms are made accessible to them, especially for critical information and essential services. This session will share about the importance of e-accessibility, and offer tips on how to make your content e-accessible for persons with disabilities as we embark on this Smart City journey.

Mr Alvin Tan
Head, Technology Catalyst, SG Enable
Mr Josh Tseng
Head of Digital Accessibility Services, Etch EmpathyTo fuel pervasive use of service robotics in human spaces, safety and social compliance are necessary considerations. In this talk, we shall share our development journey to endow robots with capability to co-share space with people. We first describe our general safety provisions in conformance to the standards body. Then we shall share snippets in our technical development effort in simulations and prototyping.

Mr Wan Kong Wah
Senior Scientist, Institute for Infocomm ResearchUncover the technology advancements that secure sensitive and regulated data while it is processed in the cloud, preventing access by cloud providers, administrator and users, and increasing data privacy and security surrounding business and consumer data. Understand how this would help deliver new insights and collaboration by enabling multiparty data analytics and machine learning that combine datasets, while keeping data private among participants. Take advantage of the broad range of confidential compute offerings Azure provides, including hardware, services, SDKs, and deployment tools, as well as confidential computing solutions architectures can be rapidly applied to various use cases across government, financial services and healthcare.

Mr Cai Zonghe
Account Technology Strategist, Singapore Public Sector, Microsoft SingaporeAs most of the applications are moving to cloud it is important to find ways to develop cloud applications with agility, reduced cost, and quick time to market with flexibility to change. In this presentation, We will share: - how we used this method of local cloud development toolkit for building applications in an agile way. - how we use localstack to overcome development environment requirements in cloud for serverless apps and native services. - practical experience using such technique for some important apps which changed the course of things during pandemic, allowing faster time to market where speed is everything. - planning the development blueprint, reference design, cost optimisation areas, opportunities and next steps for future enhancements.

Mr Menon Abhijeet Mohankumar
Lead Solution Architect, GovTechSo you’re running microservices in containers? Congratulations! This is an important step towards meeting those business needs around delivering applications to the hands of your customers as soon as possible. When DevOps first made its way into many organisations, It was believed to be a Dev & Ops initiative. Sergiu will explain how the traditional expressions of CALMS (Culture, Automation, Lean, Measurement, and Sharing) are still relevant. How to stay up to date and where you can start on your DevOps Journey here in Singapore.

Mr Sergiu Bodiu
APAC Enterprise Strategic Deal Making & BVA Leader, Red HatAll projects should be primed for success in analytics right from the start. The data collected from policy implementations, or programme execution should address questions that will help finetune refinements down the road. The data generated from products and platforms should help inform how well it is working, and what new features to build, or what to tweak. But this is often not the reality. We need to do more to reduce analytics debt. Many projects face challenges with analytics downstream, potentially leading to disappointments from both from the business side, as well as the data science practitioners. In this sharing, the speaker will share more about Analytics By Design, which is a methodology that GovTech had mooted, and is piloting internally. Detailed Write-up here: https://go.gov.sg/analytics-by-design.

Mr Joseph Tan
Deputy Director, GovTechAmidst the COVID-19 pandemic, the healthcare sector has rapidly expanded and has been quick on the uptake of telehealth and other innovative services. Digital identities and the need to verify the authenticity of healthcare records have never been more important in a world that requires trust and identity. Verifiable Credentials (VCs) present a robust mechanism for digital verification, in a way that's seamless, secure and transparent. We discuss a particular implementation, known as OpenAttestation VCs, and how it allows for new innovations in healthcare delivery.

Mr Yeo Yong Kiat
Assistant Director, GovTech
Mr Barry Lim
Deputy Director, GovTechSharing on lessons learnt/experiences from scaling Agile using Large-Scale Scrum (LeSS) at MOM WINS division (in-house Agile development setup).

Mr Kelvin Soh
Senior Delivery Manager, GovTech
Mr Will Lin Zhixun
Senior Delivery Manager, GovTechAs cloud adoption within an organisation increases, it is only natural for engineering teams to start adopting more managed services. Over time, as the complexity of the cloud tech stack grows, it becomes increasingly hard, if not impossible, to replicate the production environment on a developer’s device or even in a shared location. At best, organisations maintain a couple of dev and staging environments that they try to keep as similar to production as possible. The challenge imposed by these handfuls of shared environments is that they become bottlenecks to delivery with multiple engineering teams jostling for their use. At Endowus, we went through a similar journey. Thus, in this session, we will share how we overcame this challenge by building an internal service to rapidly provide isolated production-like environments that enable parallel testing and deliveries by multiple engineering teams. By combining the power of Infrastructure as Code (IaC) with on-demand cloud infrastructure and managed services, we will demonstrate how we manage the lifecycle of these environments exposed through self-service APIs to provide a great platform experience to our development teams. We will also cover how we are now integrating this capability with our automated testing infrastructure to further accelerate our deliveries.

Mr Deepak Sarda
VP of Engineering, EndowusIn an increasingly manpower-lean operating environment, it is essential to design and develop applications that are resilient and minimise manpower efforts to monitor and mediate service interruptions. Application requirements have changed and escalated drastically over the past decade and more so with the advent of cloud. A fail-safe app development will need to employ techniques and methodology from multiple disciplines. For example, there is a plethora of different frameworks and approaches to building resilient applications: 1. System Reliability Engineering (SRE). This seeks to take a data-driven approach, with feedback for continuous improvement decisions. 2. DevSecOps with SHIP-HATS. This seeks to have a holistic approach to chain the activities from development, security to operations so that there are no gaps left behind to achieve a quality system that is ‘fail-safe’ to security vulnerability. 3. Architecture approaches such as Reactive architecture seek to be responsive, elastic, resilient, and message-driven. 4. Build compliant and cost-effective solutions by moving up skill levels in cloud adoption maturity with Containerisation, serverless solutions to minimise maintenance overheads, and IaC for automation maximisation. 5. Importantly, how do we align to WOG-level SGTS services, and direction including authentication – WOG AD/AAD/CAM, GTBA. 6. And, there is of course what I would call ‘common sense’ – foundations of computer science that are irrespective of the technologies that will be employed to build resilience of systems; such as the handling distributed transactions, respecting what constitute global state. In this talk, we seek to un-tangle the different approaches, which are all correct because they come from different stakeholder’s perspective. But how do we tie them together? What are the practical practice-able things that can be done to achieve ‘Fail-safe application development’? This is what this talk will share and will be interesting to seek feedback from practitioners from the audience in the session.

Mr Tan Pow Hwee
Director, Systems and Programmes, GovTechLegged robots are ubiquitous in today's pop culture and are often depicted as having extraordinary capabilities in viral videos. However, adopting them for use in the real world is not as simple. We will share the considerations behind fielding legged robots, and why they are particularly useful in rugged environments.

Mr Quek Yong Jian
Senior Engineer (Unmanned Ground Vehicles), DSTACome and hear from us on our ups and downs in attempting to shape designs of digital services and products while battling red tape, naysayers and pushing the designs to be future-ready.

Mr Leon Voon
Lead Designer, GovTechMore developers are using Infrastructure-as-Code (IaC) tools than ever to manage and deploy their resources onto the cloud. While IaC provides a huge array of benefits, there are other longer term considerations that developers should take note of when making use of it to deploy their applications. This session covers some of the mistakes that are commonly made by developers that are just starting out with Terraform, as well as some opinions on what might be better practices for developers who have used Terraform for awhile.

Mr Darryl Sw
DevOps Engineer, GovTechThe past few years have shown that all companies must become software companies if they want to quickly adapt and compete – and DevOps plays a critical role in helping businesses achieve this. But what’s the difference between DevOps tools and a DevOps platform? And how do company values impact the value of the company’s products? Join Sid Sijbrandij, CEO and Co-founder of GitLab (the One DevOps platform), as he answers why a platform has a greater impact on productivity, security, and operational excellence. You’ll also hear how values had a major impact on GitLab’s journey to create the One DevOps platform and how other companies can benefit from the culture-focused lessons learned by GitLab.

Mr Sytse 'Sid' Sijbrandij
Chief Executive Officer & Co-founder, GitLabIn this talk we discover how the role of Data in agile organisations has changed and how it is of equal if not more importance for organisations to change operationally in order adapt successfully on their data journey. We discuss the fundamental principles of adaptability and talk through some real-life examples of success and failures for transformation that we have observed in the field.

Mr Damian Leach
Chief Technology Officer, Asia Pacific and Japan, WorkdayAlmost every organisation is going through a rapid digital transformation to serve its customers and stakeholders, while creating efficiencies and cost savings in response to the macro economic environment. A successful digital transformation needs an effective data transformation and data culture to make sense of all the new data being generated. In this session, we will cover what the building blocks of an effective data transformation are that the most successful Fortune 500 companies use across various layers of data infrastructure, tools, people and process.

Mr Seth Cheong
Principal Success Manager, Tableau at SalesforceMITRE ATT&CK framework offers a taxonomy that can be used to describe any attack. This is very useful as we discuss the structure of an advanced attack that has multiple stages and is executed over time as a succession of achievement of tactical goals. In our research we notice that adoption of Zero Trust principles (assume breach, explicitly verify, use least privilege, continually assess), orchestrated by DevSecOps, the chances of detecting execution of procedures that employ techniques for carrying out a tactical goal, increase significantly. A study of tactics, techniques, and procedures (TTPs) carried out by use of Sunburst, a malware that was employed in the Solarigate attacks, shows that the most relevant zero trust principles whose adoption would help in detecting the TTPs are ‘assume breach’ and ‘continually assess’. Signals generated by activities of threat modeling, SAST, DAST, Pen Testing and additional techniques to observe process level characteristics and communication profiles of workloads during the development phase of the software development lifecycle, allow development of a baseline against which anomalies can be detected via continuous monitoring in runtime during the operational phase of the cycle. Machine Learning assisted contextual analysis of anomalies help identify TTPs and generate a risk score which is used to take an appropriate mitigation action. In our talk we discuss practical ways for leveraging DevSecOps to follow zero trust principles of ‘assume breach’ and ‘continually assess’, in order to detect TTPs thwarting hackers' attempts to reach their tactical goals.

Mr Mudit Tyagi
Senior Director for Innovations in Office of the CTO, F5SHIP-HATS is a continuous integration/continuous delivery component within the Singapore Government Tech Stack, we ensure security and governance guardrails to enable developers to run end to end pipelines, and deliver secure and quality code. With SHIP-HATS 2.0 latest multi-tenanted Gitlab SaaS platform, we provide development tools and environment setup in compliance with AIAS and IM8 policy standards for the whole of government. Join us as we share what DevSecOps is and how it can be applied on SHIP-HATS 2.0 to help developers automate the entire DevOps lifecycle. Understand how we can achieve pipeline governance and security with the compliance framework, observability and build-in security features. We will also be showcasing a bonus demonstration on how we can leverage Gitlab features to gamify the DevSecOps experience.

Mr Russell Chua
Associate Software Engineer, GovTechThis lightning talk covers what is the SEED suite and how it secures access to GCC 2.0 and SGTS applications. We will also cover the underlying principle of User Focused Security and the enhancements and developments to the SEED suite components over the past year.

Mr Samuel Loh
Senior DevOps Engineer, GovTech
Mr Mr Govind Venugopalan
Associate Cybersecurity Specialist, GovTechApplications have moved from being traditional monoliths to microservice services driven architecture. Similarly, data platforms are facing that transitional moment and the advent of a distributed data mesh is the data platform or microservices. Originated from Zhamak Dehghani, a ThoughtWorks consultant, a distributed data mesh is a platform architecture that supports distributed, data-specific domains and serves data-as-a-product owned and managed by different domain owners. This in turn enables data sharing between different domains across an organization with more feasibility and flexibility. To build a distributed data mesh, similar to how we build microservices, good DevOps practices must be in place in order to help iterate through changes and deploy updates quickly. For example, how do we efficiently deploy our data code? How do we manage different data environments across domains? Is it possible to create reproducible pipelines and infrastructure through an automated fashion? We will look at how a) using a data platform such as Snowflake extends a Data Mesh approach by enabling domains to not only share data as product but also processing logic as product. b) we embed DevOps tools (such as Jenkin, Terraform) and open source transformation tools (such as DBT and Apache Airflow) to build elastic data pipelines, repeatable infrastructure and scalable data products. c) governance is enforced within each domain and propagated downstream.

Mr Adrian Lee
Senior Solutions Engineer, SnowflakeAs the millions of dollars lost to scams continue to increase in Singapore, it has become clear that fighting scams is a national issue. To tackle this, a team at Open Government Products (OGP) has built an ecosystem of products to help members of public and government authorities in Singapore to check, report, and block scam messages and calls. During this talk, learn more about how the ScamShield team at OGP is leveraging the power of the community to identify and block scammers while simplifying the workload for police officers in their fight against scams, and how they are continuing to evolve their strategy towards a more holistic approach.

Ms Jennifer Liu
Product Manager, Open Government Products, GovTechAs the world comes out of the pandemic, governments and businesses have been put under great pressure to digitally transform their operations. With this high on the agenda, how can we best leverage the cloud and get ourselves from zero to running in the shortest time? This lightning talk will speak about the challenges and solutions to deliver running applications fast in public sector. Get ready, get set, get stacked up!

Mr Alex Chng
Senior Product Manager, GovTechAs agencies adopt more digital services as part of their digital transformation efforts, it has become increasingly challenging to discover, onboard and manage the different services separately. In this session, find out how different teams managing product discoverability, IAM, business and design, have come together to unify the user experience for the different digital services and what its future entails not just for agencies, but participating services as well.

Mr Teo Cheng Yong
Senior Software Engineer, GovTech
Mr Damien Ngor
Senior Delivery Manager, GovTechAs the Singapore government embarks on a massive digitalisation journey, there is also an increasing awareness about the importance of cybersecurity - the foundation of digital trust for our government's services. With awareness of it growing, cybersecurity has been said to be one of the biggest reasons why digitalisation is getting more expensive. This prompted me to investigate further to understand why. When we dove deeper, I came to realise that the biggest problem is that everyone wants to provide a solution even when we are not sure what the problem really is. It is akin to navigating cybersecurity in the digital darkness. By the end of this presentation, I hope to empower attendees on how to identify and avoid artificial constraints, think more critically about cybersecurity threats, and implement simpler systems and operations for better security performance.

Mr Chong Rong Hwa
Director, Cyber Security Group, GovTechThe contribution of this talk is two-fold: 1) Create a real time dashboard to monitor train platform crowd status. 2) Create a classification model to predict the crowd level of each MRT station. The multi-classification model is trained using random forest and SMOTE (Synthetic Minority Oversampling Technique). We use various types of data including train station information, weather information and train platform crowd levels collected from different data providers such as LTA, NEA and OneMap to monitor MRT platform crowd level in real-time. The monitor system is built on top of a big data framework. Big data ecosystem is established as follows: 1) Apache Flume and Kafka are used to ingest real time data. 2) Spark Streaming reads and processes the streaming data from Kafka and write the processed data into HBase. 3) Spark SQL and Hive are used to transfer data from HBase to MySQL. 4) Tableau is used to create real time dashboard to monitor and visualise MRT platform crowd status.

Ms Liu Fan
Institute of Systems Science, National University of SingaporeManagement insights through real-time dashboards for better visibility into events and metrics. Measure operations performance for better problem resolution and operations improvement.

Mr Karunakaran Prasanth Kumar
Director & Specialist Leader, MASWhy be satisfied with plain vanilla robots when you can soup them up? We discuss the various ways to enhance a robot's abilities through the integration of novel payloads, and the integration considerations that we need to look out for.

Mr Quek Yong Jian
Senior Engineer (Unmanned Ground Vehicles), DSTAObservability aka o11y (a term derived from Control Theory) encourages developers to create software that pushes out traces and logs, that captures the performance and app behaviour right from development to production. This session shares the benefits and how public sector developers can leverage the Singapore Government Tech Stack to improve observability.

Mr Paul George Karippaparambil
Senior Product Manager, GovTechWhat is the secret sauce behind high performing engineering teams? Countless books and podcasts have tackled the topic, but the answer is highly subjective and hence remains elusive. Inspiration usually strikes in the unlikeliest of places. David Chang's memoir - Eat a Peach, is a chronicle of his life as an entrepreneur, restaurateur, chef and media personality. This book was a very inspiring and entertaining read. But, more importantly, it made clear the core principles for building high performing teams, irrespective of whether it's a team of chefs and cooks plating up delicious food meal after meal or a team of engineers deploying code to production every day. Culture is a hard thing to get right since it's never as simple as following a prescribed set of steps to get the desired result. However, there are some core tenets that are non-negotiable to building high performing engineering teams. In this talk, I will cover the fundamental principles essential to setting up and nurturing efficient teams, inspired by the book as well as based on my experiences in working with high performing teams in the last few years. There'll be plenty of examples from the world of restaurants and software engineering alike!

Ms Archanaa Ravikumar
Head of Engineering, Autumn LifeDevOps is the combination of cultural philosophies, practices, and tools to increase development velocity to deliver apps. In general, practicing DevOps enables organisations to better serve customers and compete effectively in the market. Infrastructure as Code and release pipelines with CI/CD are two of best practices in DevOps, and considered the best entry for developers who just getting started with DevOps. Join us in this session to understand how we can implement IaC and CI/CD using AWS Cloud Development Kit. We will show you a step-by-step demo to help you get started. After this session, you will understand the overall concept of IaC and CI/CD, AWS services you need to use and developer tools for seamless integration with your development workflow.

Mr Donnie Prakoso
Principal Developer Advocate, AWSA short talk on what Apache Iceberg is, how Cloudera integrated it into our platform and a showcase of main Iceberg features like query time travel, partition evolution and automated table maintenance.

Mr Daniel Schöberle
Senior Solutions Engineer, ClouderaSmartGym is a holistic health and fitness data platform that provides users with fitness insights measured through a series of connected sensors built into gym equipment and health metric measurements. These sensors are currently installed on three types of gym equipment: 1) weight stack machines; 2) treadmills; and 3) weighing machines. SmartGym equipment is currently deployed in three community gyms across Singapore – Our Tampines Hub, Jurong East and Heartbeat @ Bedok. Personalised Fitness Goal Setting builds on health and fitness data to personalise the recommended workout intensity to the needs of each individual. The users are guided through their workout sessions to achieve their health and fitness goals.

Mr Caleb Lee
System Engineer, GovTechDigital twin is a real time virtual representation of a real world physical system. A digital twin at the national level is increasingly important as it allows simulation, testing and monitoring before implementing changes in the real world. It supports the planning process before deployment, operation management and historical studies that will facilitate use case discovery.

Mr James Tan
Director, Sensors and IoT, GovTechIRAS has embarked on our cloud native journey, building our core system with predominantly PaaS and SaaS components. This has helped us move towards: - shortening the turnaround time to setup systems in the cloud. - improving availability, maintainability and scalability. - achieving zero downtime. However, there were also lessons learnt regarding: - how infallible are PaaS and SaaS services. - scaling limits of cloud components. - etc. IRAS will share on what we have learnt from our cloud native journey thus far - i.e. things we wish we knew before we embarked on our journey.

Mr Peter Teo
Lead Architect, IRASDevOps has reaped great benefits on project delivery and delivered much business value to users, and this session demystifies and showcases how we can run ShipHat 2.0 on SaaS.

Mr Alex Lew
Senior Program Architect, SalesforceSharing the experiences of setting up projects like GCC 2.0 and SEED, with the need for many different roles for a project to succeed. This talk covers some of the critical common engineering and non-engineering roles that were instrumental during our journey implementing GCC 2.0 and SEED. This session intends to share possible specialties for those who are new to government projects, and hopefully inspires interest for more talents to join us in our journey in designing our imagined futures.

Ms Koh Lay Hian
Senior Infrastructure Architect, GovTech
Mr Samuel Loh
Senior DevOps Engineer, GovTechIn this talk, Samantha will share how her team employs a mix of Environment Branching, Canary and Blue-Green Deployment strategies to achieve a lower cortisol deployment experience.

Ms Samantha Wong
Software Engineer, GovTechCloud FinOps involves cloud financial management discipline and cultural practices that enable organisations to get maximum business value by helping engineering, finance, technology and business teams to collaborate on data-driven spending decisions. Forward-thinking organisations are adopting new cost optimisation techniques that move beyond the traditional to a more automated, intelligent approach that delivers better business outcomes. In this talk, we will share how we automated the Cloud FinOps across organisations and share real life experiences from large scale cloud operations: - How to make costs visible and relate them to business needs. - How to reduce cloud costs while optimising application performance. - How to leverage automation to save money and reduce time spent managing your cloud spend. - How to establish a proactive culture around cloud cost monitoring, management, and optimisation. - How to leverage cloud cost intelligence to make more informed business decisions. - How to develop benchmarks for cloud forecasting and Shift-Left practices on Cloud FinOps. - How to implement Cloud FinOps maturity assessment.

Dr T S Sakthivel
Director, Solution Architect Office (SAO), GovTechLet’s automate everything! Sounds familiar? Automation is indeed the fundamental of DevOps to improve software delivery performance across the build, test and deployment stages. However, automation is a double-edged sword, without a proper planning and a well-defined process, the results can be disastrous or there can be no result at all. Developing automation in DevOps is not as straightforward as saying let’s automate everything because it may involve different tools and processes for different stages. Although we very much hope that these tools are plug-and-play, there is no one-size-fits-all process so we need a team, typically DevOps/SRE engineers, to develop tool-specific scripts. Why is it so challenging to automate everything despite a strong push for automation in DevOps? Automation development is similar to product development in some ways. Although the goal is to improve software delivery performance, the main beneficiaries are the developers and operations team because it offloads them from repetitive and mundane tasks. So whether the automation eventually gets implemented in production, it really depends on them. If the automation is not going to help them in any ways, you’ll see all your efforts in the bin. Or, if they’re asking for something not realistic, it’s not going to benefit anyone as well so sometimes it’s not because of the technology but the human element that’s hindering the automation development. This is where Design Thinking comes into play. You’ll learn the practical adoption of Design Thinking and how we use it to approach automation development. By the end of the session, we can all call ourselves Automation Designers (if you pay attention and grasp the concept well).

Mr Owi Wei How
DevOps Senior Solution Specialist, OracleAs we start increasing adoption of the cloud to unlock infrastructure elasticity and modernize application architectures for scale, this is transforming how your security boundaries are defined and controlled. Changing boundaries require changing approaches in how we secure critical systems and data sources from attackers. In this session, we will talk about how HashiCorp Vault allows you to achieve a dynamic security posture that is intended to help thwart both external and internal hostile actors. We will also review Vault’s architecture and how it is able to scale to handle trillions of transactions a year.

Mr Johnny Fang
Senior Solutions Engineer, HashiCorpAPIs, or Application Programming Interfaces, are like doors that provide access to information and functionality to other systems but they are more than just backend technical implementation. APIs are products for developers that build today’s customer experience and mechanism through which value is increasingly exchanged in digital economies. Within the government, APIs are key in facilitating data exchange, opening up collaboration and innovation across different teams and agencies. Externally, they are enabling our digital economy and driving efficiency for businesses. To realise the value of APIs as accelerators, it is important to adopt an API as a Product mindset – to design and deliver APIs with full lifecycles and long term roadmaps that continue to provide strategic value.

Mr Zen Chua
Lead Product Manager, GovTechDigital transformation requires Human Transformation which in turn requires a personal and cultural commitment to continuous learning. This session will explore current trends in continuous learning based on data from DevOps Institute's 2022 Upskilling IT community research report. The session will focus on five skill domains: Process, Human, Technical, Automation and Leadership. Within each domain, attendees will learn which specific skills or topics are considered must have, nice to have and not as important in both the APAC region and on a global level.

Ms Jayne Groll
CEO and Co-founder, DevOps Institute{{I2C}} which, represents Infrastructure-to-Code, is a toolkit developed by the Government Infrastructure Group to enable Agencies to quickly provision cloud resources in a consistent and repeatable manner with minimum effort. It embodies automation best practices to codify existing environments thus supporting use cases such as configuration backup, rapid duplication and recovery of systems, effortless setup of one environment from another – for example setting up a new production environment from an existing UAT environment. Join us to learn more about how {{I2C}} can help you save time and effort while eliminating human error when managing systems and multiple environments in the cloud.

Mr Nicholas Ni
Senior Infrastructure Engineer, GovTechWith the prevalence of high-resolution cameras to enable operations work, organisations are able to derive more insights from video content – from simple detection and alerts, to complex intelligence about behaviours and events. Over time, agencies may implement video systems from different sources that inevitably hamper video access, video sharing and insights generation. In GovTech, we intend to address this problem via Cloud Video Exchange (CVX). We will share our approach for using CVX to empower Government agencies to unify their video systems on a single cloud platform, increasing collaboration and productivity. Together with industry partners, we seek to democratise video content and sharing of insights within and across organisations.

Mr Suresh Kumar Sarad
Product Manager, GovTechSGDex (Singapore Data Exchange), an initiative by GovTech, is a public digital infrastructure hosted on the Government on Commercial Cloud (GCC). SGDex provides a flexible data exchange layer for trusted and seamless multilateral consent-based data sharing between government agencies and private sector organisations. SGDex enables faster development of scalable, secure and resilient sector-level data applications which can leverage standardised data exchange components. As the economy’s pace of digitalisation accelerates, businesses will need to exchange data in a secure manner with each other and the Government to unlock new opportunities. A proper combination of technologies and public-private collaboration is needed to build scalable and secure platforms that perform standards-based data exchanges, and support the automation of the data flow and interoperability between platforms. SGDex currently supports data platforms in the financial services and supply chain sectors, Singapore Financial Data Exchange (SGFinDex) and Singapore Trade Data Exchange (SGTraDex) respectively.

Mr Daryl Low
Assistant Director, GovTechSenior executives in companies need to move away from the belief that cybersecurity issues are relevant only to the IT team. In a world where cybersecurity issues are getting increasingly complex and challenging, this calls for strong leadership right from the top in fostering the security culture of the entire organisation. This presentation looks at the role that Chief Information Security Officers (CISO) play in shaping the security culture in organisations and ensuring security issues are addressed at the right organisational level. Presenter will share on the setup of the community of CISOs across the whole of government and how this network of CISOs forms a core fabric in the Government's cyber defence.

Mr Derek Gooh
Director of Government CISO Office, GovTechIn 2021, cyber criminals impersonating OCBC Bank through text messages successfully scammed hundreds of Singaporeans of their life savings. In May ‘22, the FBI reported up to $43 billion dollars of business losses to cyber criminals due to similar social engineered attacks between 2016 and 2021. Instead of a spray and pray method where the same attack is sent to multiple users, cyber criminals are now pivoting to highly targeted social engineered attacks. They attempt to gain your trust by impersonating someone you already know or trust - your manager, your colleagues etc. They then aim to trick you into executing the cyber attack, be it running malware, providing your credentials or sending money to a fake bank account. However, legacy security solutions that have defended us against cyber threats are built on brittle rules and threat intelligence feeds - this lends them to perform poorly against these zero day, hyper targeted attacks. In order to solve these emerging threats, one would need a completely new approach - we propose that a behavioral detection engine with modern ML techniques would deliver a solution with both higher recall and precision. In place of building lists of known bad entities, we propose first building profiles of what is considered normal within user environments. Machine Learning models trained to detect deviations against this baseline understanding of normality are then capable of differentiating attacker vs safe user behavior with a higher level of accuracy. I am a founding engineer at Abnormal Security, a next-gen Email Security startup. I’ve spent the last four years building this behavioral detection engine that aims to detect all types of malicious emails, especially socially engineered email attacks (e.g. sending a Fake Invoice while impersonating a Vendor). In my proposed talk, I will discuss the unique parameters of modern cybersecurity attacks in relation to machine learning, particularly the adversarial nature of the problem and how it shows up in data and model performance. Using the email security problem as an example, I will then discuss the requirements of a robust threat detection system, describing how both ML and software systems are required to solve cyberthreats in different time horizons. I will then focus on our machine learning stack, discussing how we incorporate the behavioral detection approach with our feature aggregation engine, the various components of ML solution and their various results.

Mr Lee Yu Zhou
Founding Engineer, Abnormal SecurityA Smart Nation is built together with her citizens. However, despite the rapid adoption of technology amongst the people, agencies still find it challenging to engage the nation not only at scale but also in an operationally efficient manner, and harness the power of the collective intelligence of the crowd. From citizens with specialised skill sets to the ideas and feedback of the general public, the citizens of a nation in collaboration with the government presents as an untapped mine of possibilities. Following in the footsteps of successful brands and companies, gamification is a concept that has been used to engage customers and fans on a global scale with much success. Regardless of age, culture or language, play is a term that is widely understood by the crowd and is an effective tool to drive meaningful engagement with an audience. At Crowdtask.sg, we believe that gamification can be the spark that drives the ethos of a more engaged nation. We are excited to share the different ways gamification can help shape the behavior of the nation, where the ultimate goal is to have citizens intrinsically motivated to engage with agencies to build better products and policies. We are also proud to introduce our newly launched platform, which will help push Singapore towards a smarter tomorrow.

Mr Kenneth Lo
Software Engineer, GovTechAs volume of video data grows, it comes to a point where identifying and categorising videos based on relevant concepts becomes very laborious. With the advancement of AI technology, it is possible for a less labour-intensive method to derive context from videos that can help the retrieval of relevant video content more easily. Govtech’s Video Analytics System (VAS) intends to address this with the implementation of Video Indexer. Powered by Azure Cognitive services, we will share our views and approach of how agencies can adopt AI-enabled computer vision solutions for their use cases, utilising both commercial-off-the-shelf (COTS) and those built by Govtech’s DSAID-VA team. With VAS as a platform for VA, we intend to bring ease of access to video analytics capabilities across WOG agencies.

Mr Henry Lim
Lead Product Manager, GovTechWhat does it truly mean to modernise? In your journey to cloud, you will have some applications you rewrite or refactor into new cloud native workloads. As a developer, you have choices for deployment, including container based platforms based on Kubernetes, Event Driven Architectures with Kafka and Lambda, and many others. With all the architecture options for compute, this session will focus on key pillars for modernisation, including strategies for workloads, automation, DevOps, performance, resiliency, observability, security, and culture.

Mr Roland Barcia
Director, Serverless Solution Architecture, AWS
Mr Ned Shawa
Senior Director, Solutions Engineering APJ, HashiCorpDo you want to better understand what it takes to migrate a critical e-commerce client from a legacy on-premise system to Cloud? Want to learn more about the steps to migrate, its risks/pitfalls and the end to end methodology of one of Singapore's leading e-commerce organisation? I will also touch on the modernisation elements to move from a legacy monolith architecture to a micro services architecture, and the business and end customer benefits.
Mr Callum Davies
Managing Director, Just After MidnightEven the safest roads have guardrails to keep drivers from falling off the edge. It’s the same with machine learning. A well-designed model, coupled with proper governance, can help prevent unintended outcomes. You need a good mix of people, processes, and technologies to minimise risks when managing your AI projects. In this session, Ted Kwartler will provide some strategies for building good governance processes and tips for monitoring your AI system. He’ll show you how to get started by creating a plan for governance, identifying your existing resources, and where to ask for help. The audience will learn: - The importance of context, operations, and development in ML governance. - How to evaluate diverse types of risk. - Which industries are experiencing regulatory pressure. - Tips to deliver value and reduce risk using DataRobot’s technology.

Mr Ted Kwartler
VP, AI Trust, DataRobotArtificial intelligence (AI) is now a ubiquitous feature in many products we use or processes we interact with, from our mobile phones to our loan applications. With its meteoric rise comes a new set of challenges: AI models have been found to be systematically biased against historically disadvantaged groups, and this is especially problematic for important applications of AI in the space of credit risk ratings, university admissions, and even parole decisions. In this lightning talk, we dive into the emerging field of algorithmic fairness, which focuses on how to incorporate fairness into AI algorithms itself, and highlight the important technical and legal implications it has on AI governance.
Mr Shaun Khoo
Data Scientist, GovTech
Ms Chow Zi En
State Counsel, Attorney General's ChambersenCRYPT is a new one-stop, self-service, central privacy toolkit that helps public sector users apply anonymisation techniques to sensitive datasets, while preserving the data’s value for sharing and analysis. Find out how enCRYPT can help your agency transform your datasets to meet the new IM8 Anonymisation Guidelines, address re-identification risks, and manage privacy-utility tradeoffs.

Mr Alan Tang
Senior Product Manager, GovTechMr Zul Yang
Associate Software Engineer, GovTechData is the new oil. The more you mine it, the better the results. Information extracted holds the power to unlock new horizons. However, the high value associated with the data comes at a cost, i.e making it vulnerable to external threats. It becomes imperative that the organisations have to spend quality efforts and resources to safeguard this data, be it at rest or in transit. Various SaaS offerings run into numerous threats that come in different shapes and sizes. More so, if you are into Database and Datawarehouse offerings, that are integrated and managed as part of the Cluster Management. It requires a good amount of expertise wrt tools and utilities of cluster management resources, exposure to a varied degree of integrations and interactions, and familiarity with the nature of threats coming in the form of hacking, intrusion, etc, to be able to safeguard the data. In this lightning talk, they share their thoughts on the process and steps that will help build/prepare the Kubernetes and OpenShift clusters to be safe and secure, insulating them from external threats. Some methodologies and measures that strengthen the security aspects are: - Securing the container images, - Access control to the source code, - End point detection and response, - Vulnerability scanning of endpoints, - Inventory management, - Log analysis and SIEM, and - Pod Security Policies (SCC).

Mr Prasanna Alur Mathada
Advisory Software Engineer, IBMTo experience GCC 2.0 from creating a tenant, a CSP account, and deploying a simple web application.

Mr Tang Bing Wan
Director, GovTechWhen you truly use data to drive your organisation, you will find yourself needing much more out of your data infrastructure. For starters you will need a more intuitive way to model and query your data that is in line with modern applications. Beyond storing and retrieving data, you will want to leverage your data more with capabilities like search, real-time analytics and even edge to Cloud synchronization. However this does not mean you should be destined to manage a complex data infrastructure riddled with operational and security inconsistencies. In this two hour workshop we will show you how MongoDB solves that problem with a Developer Data Platform that helps you to do more with your data with a single consistent multi-cloud infrastructure to drive developer productivity while reducing both operational and security complexity. Specifically we will show how you can: - - Easily deploy a multi-cloud distributed database - Intuitively model data with the document model and a flexible schema paradigm - Add search functionality to your application without additional infrastructure and without learning additional frameworks - Achieve real-time analytics without having to setup a different database cluster and with native visualisation tools included.

Mr Derrick Chua
Senior Solutions Architect, MongoDBIn this workshop, we will be learning about how software engineers in GovTech build software. We will have some fun solving a Programming Puzzle at the same time - and hopefully to introduce you to software engineering practices such as Test Driven Development (TDD) and Behavior Driven Development (BDD). This workshop will be done in a group setting where we will also be practicing Pair-Programming and Mob-Programming.

Mr Michael Cheng
Lead Software Engineer, GovTechLearn how to set your data in motion with Confluent Cloud, a fully managed data streaming platform that delivers Apache Kafka® and the surrounding toolchain needed for all of your streaming use cases. Explore using Confluent Cloud through the simple use case of transactions and payments to modernise your applications and data infrastructure. You will gain an understanding how hybrid and multicloud architectures are able to power real-time interoperability between all of the systems, applications, and datastores that run across any number of on-premises and cloud environments so you can innovate faster, increase revenue, reduce risk and maximize the value of cloud. You will learn in this workshop how to provision clusters, create API keys, assign roles and access, connect to external systems to fetch data, define message formats, build stream processing applications, expose real-time data via APIs, and learn, build, break, fix.

Mr Jason Esli
Staff Solutions Engineer, Confluent Singapore Pte LtdDo you or your organisation face difficulties in sharing data due to privacy restrictions, or fears of a data breach? In a digital landscape fraught with emerging threats and regulatory concerns, there is a growing need for organisations to collect and share data safely, without compromising the privacy of stakeholders. In this workshop, you will be introduced to the emerging field of data privacy and privacy-preserving technologies (PP-Tech). Participants will learn more about Singapore's data privacy landscape and how various forms PP-Tech can help manage privacy-utility tradeoffs. Participants will have the opportunity to test drive enCRYPT, GovTech's Central Privacy Toolkit, which helps non-expert users to anonymise data and address re-identification risk. Participants will also learn practical implementations of differential privacy through a mini tech clinic.

Mr Zul Yang
Associate Software Engineer, GovTech
Ms Anshu Singh
Privacy Researcher, GovTech
Mr Alan Tang
Senior Product Manager, GovTechData-fication means accessing and using data with many different format and layout. Data-fication means finding business values hidden in gigantic pile of data. Data-fication means convincing stakeholders to invest in data without being sure of the outcome. Neo4j Graph Database will fit into any infrastructure, consuming data from anywhere, and bringing instant impact to business users. Today, we want to show a practical example of how multiples datasets can be linked for new insights.

Mr Xavier Pilas
Pre-Sales Consultant, Neo4jMost organisations are adopting an Event-Driven Architecture (EDA) to compete in a world where customer satisfaction requires real-time outcomes. In this workshop, we'll build and expand your toolbox by sharing how an Event Portal, paired with industry standard specifications and frameworks, enables a smooth journey to bring your EDA from initial architecture and design to code running in production, while also setting your team up for success as the business needs, architecture and applications themselves are enhanced over time. Throughout this workshop we will get hands-on and talk about: 1. PubSub+ Event Portal - Architect, design and extend an EDA which includes multiple applications, events, and schemas. - Document applications, events, and schemas along with best practices for documentation. - Use the Event Catalog and Designer to learn, understand and ideate. 2. AsyncAPI - AsyncAPI is an open initiative for defining asynchronous APIs, providing a specification, and tooling such as code generation. - Use the AsyncAPI Generator to generate skeleton code and object models for event-driven microservices.

Mr Aaron Lee
Developer, Solace Corporation IncYou've heard of Docker and Kubernetes, and you can tell that they are the next big thing to learn. You want to master Kubernetes, but where should you start? Enter Zero to Kubernetes: a step-by-step course on how to architect, develop and deploy applications in Kubernetes. This course walks you through the full path from coding an application to deploying it to a production-grade Kubernetes cluster.

Mr Daniele Polencic
Instructor, Learnk8sGovTech has developed the Singapore Government Tech Stack (SGTS), a suite of products and services that enables government agencies to build secure digital services quickly and effectively. This workshop is for developers to get basic understanding of SHIP-HATS 2.0 – the CI/CD tool, Container Stack – the Container tool and StackOps – the monitoring and observability tool. SHIP-HATS 2.0 This segment offers a hands-on guidance to construct a CI/CD pipeline on SHIP-HATS 2.0 that follows industry best practices. The workflow builds a Docker image that gets deployed to a registry. In this simple setup, security as well as compliance aspects will be covered in depth. Container Stack (CStack) CStack segment showcases managing applications and cloud services using CStack over the SHIP-HATS pipeline. From the artifact built from SHIP-HATS pipeline integrated with CStack, we'll go through how to deploy applications easily using GitOps as well as introduce tools & integration provided from the platform. StackOps In this segment, participants will get a hands-on experience with StackOps on the ingesting of the logs to monitor toolchain and retrieve logs, creating dashboards, using Application Performance Monitoring (APM) tool to derive insights into an application. In addition, there will be a demonstration of the StackOps Portal in which a project can be onboarded to monitor infrastructure or applications.

Ms Chua Peiling
Full Stack Engineer, GovTech
Mr Yap Yi Sheng
DevOps Engineer, GovTech
Mr Shan Mahanama
DevOps Engineer, GovTechThe introductory workshop will demonstrate how you can leverage automated and manual accessibility testing to improve the accessibility of your web and mobile applications. Featuring Purple HATS an accessibility testing tool that fits right into your CI/CD pipeline. You will get to experience hands-on methodology on how to test for accessibility issues with screen readers too. Note: While the workshop might be a little technical, we welcome officers of different technical backgrounds to experience the tool for themselves. Assistance will be provided.

Mr Royce Cheng
UX Designer, GovTech
Mr Tan Han Yang
Quality Engineer, GovTechMr Lim Zui Young
Senior DevOps Engineer, GovTechDigital transformation has a downside: It causes a gap between the attack surface your organisation knows about and protects, and your actual attack surface with assets that are beyond your security team's scope and therefore left unprotected. In this workshop, we’ll explore the ways to measure that gap and how HackerOne’s platform can help close it. Participants will learn a new approach to gaining full visibility across their attack surface, driving down risk, and increasing attack resistance across applications and cloud assets.
