ISTA 2024

Agenda

The schedule is in EET time zone!

To be announced soon!

  • Day 1
  • Day 2
Track 1
Track 2
09:00 - 09:50
Track 1:
Coffee and Registration
Track 2:
Coffee and Registration
10:00 - 10:50
Track 1:
OPENING KEYNOTE
Patrick Chanezon, VP Cloud Developer Advocacy at Microsoft
Track 2:
10:55 - 11:35
Track 1:
Beyond Selenium: Finding a Tool for Web Testing

Are you still using Selenium for your web testing needs? It may be time to explore better
options! This talk will dive into test automation tools, comparing Selenium with alternatives
like Playwright and Cypress to see which suits you best.
First, we’ll break down Selenium’s features, like its ability to work with multiple browsers,
cross-platform support, a robust ecosystem, and various programming language options. We
will recognize its downsides: learning it can be challenging, you’ll need to wait around for
things to load, and handling tricky webpage elements can be a headache. We’ll also discuss
when there are better options than Selenium.
We’ll also compare Selenium with Playwright and Cypress. These tools have strengths and
downsides that could suit your needs better than Selenium. Throughout the talk, we will
provide practical examples to showcase alternative tools and approaches that complement or
replace Selenium, depending on specific testing requirements. This will empower you to
evaluate Selenium for their projects and consider alternative solutions to make your testing
life more effortless.
By the end of the session, you will have a solid foundation for choosing the proper
framework that will enable you to optimize web testing efforts and deliver more value to
your team through test automation. Join us to explore the diverse world of web testing
frameworks and unlock the full potential of web testing.
Takeaways:
1. Discover what makes Selenium great and where it falls short, like its ability to handle
different browsers but needing help with tricky webpage elements.
2. Explore alternative tools like Playwright and Cypress to determine if they better fit your
testing tasks.
3. Gain insights to make informed decisions about your testing toolkit, helping you streamline
your testing process and achieve better outcomes.

Diego Molina, Software Engineer at Sauce Labs
Track 2:
Supply Chain Shenanigans

In today’s interconnected digital world, the security of software supply chains has never been more critical. This session delves into the dark corners of software package ecosystems, using npm and NuGet as examples. We’ll explore real-world incidents of supply chain attacks, illustrating how attackers have successfully infiltrated various platforms to distribute malicious packages.

Key topics include:
1. Types of Supply Chain Attacks: Understanding the various attack vectors such as dependency confusion, typosquatting, and malicious package insertion.

2. Case Studies: Mention of recent attacks on npm and NuGet, providing a broad idea of how some of these attacks were carried out.

3. Attack Mechanisms: Step-by-step breakdown of how attackers create and distribute seemingly harmless packages with malicious payloads, open pull requests to popular repositories, and ultimately exploit these to harvest sensitive data.

4. Mitigation Strategies: Best practices for developers and organizations to protect their projects, including dependency management, using private package repositories, and educating developers on the risks and detection of supply chain attacks.

Join me to learn how to safeguard your projects against these insidious threats and ensure the integrity of your software supply chain.

Todor Todorov, Senior Software Engineer at Payhawk
11:45 - 12:10
Track 1:
Lightning Talks
Think twice before becoming a team lead

Have you ever been curious about what it is – to be a team lead?
Perhaps you’re aspiring to become a team lead, or you’re already in that role and striving to optimize your daily operations. Despite employing time management strategies and delegation, you are not seeing the positive impact you anticipated by being a team lead? Are you concerned as your colleagues’ technical skills advance while your own development seems to have plateaued?
I’ll provide tips and tricks that can make a tangible difference. Exploring cases from my experience as a team lead and fellow managers, you will understand if this role is for you and how to overcome most typical obstacles that you may have at the beginning of your journey.

Daria Suprunova, QA Team Lead at Devexperts
"Two (soft) things I learned the (hard) way."

“When someone hits fifty, they either start writing memoirs, or tend to do soft-skills talks on various conferences. With more than 15 years experience in living via coding, and then another 15 years in living via leading people and teams, Doncho has a story to tell. A story about how (not) to (mis)treat people; A story about what I wish I knew when I was 30, and how it’d help me; A story about basic life hacks, that would keep us afloat, even when the times are dire; A story about the stories, which did not make it to that talk. There won’t be much AI involved, but more like RL (real life). With some lessons.”

Doncho Angelov , Software Engineering Director at Musala Soft
Fake intelligence! We are not intelligent at all. Real-life QA / DEV examples of testing approaches that pretend to be "intelligent".

What if the human definition of intelligence is wrong? If we don’t know what intelligence is, how we can develop and trust artificial intelligence? During the talk, I will go through specific decisions that might be classified as smart and intelligent, but in the end they are not. Real-world examples of testing and development choices that shouldn’t happen.

As a people, we think that any action is intelligent only if we will do the same action. Example: AI is intelligent because it can answer millions of questions and the answers sound meaningful for us.
Example 2: Monkeys are intelligent animals because some of them use tools, like humans do. But birds and fishes are not intelligent because we don’t understand their actions.

The same situation happens when teams (qa and dev) choose tools/technologies/processes.
Teams/Companies are mainly making their choices based on trends and what they see in other companies. But some of the tools/processes might not work for them. For example, using Playwright only because Microsoft does might not work for your team.

Martin Ivanov, QA Tech Lead at Merkle
Blockchain in Everyday Life

How blockchain technology is becoming integrated into everyday applications, such as digital identity verification, voting systems, and decentralized finance (DeFi).
Abstract:
Blockchain technology is quickly becoming a part of our lives with its decentralized, transparent and secure features making it invaluable, in various industries. This presentation delves into how blockchain’s being incorporated into applications particularly focusing on digital identity verification, voting systems and decentralized finance (DeFi).
Digital identity verification utilizes blockchain to offer identities that are decentralized tackling issues like security breaches and identity theft. The e Residency program in Estonia serves as an example by providing a blockchain based identity that is both secure and easily verifiable.
In the realm of voting blockchain technology holds the promise of enhancing transparency and security in processes. By ensuring that votes cannot be altered or manipulated and are easily verifiable blockchain based voting systems can help build trust in practices. Examples like Voatz in the US and various global trials of voting underscore the potential for this technology to revolutionize our voting methods.
Decentralized Finance (DeFi) stands out as another application of technology offering financial services through decentralized networks without traditional middlemen. DeFi platforms facilitate activities such as lending, borrowing and trading cryptocurrencies while democratizing access to services and boosting efficiency. Leading DeFi projects such, as Uniswap, Compound and Aave demonstrate how blockchain is reshaping the sector.

Ognyan Chikov, Senior Blockchain Developer at LimeChain
Track 2:
AI Writing Our Code. Real Experience. Real Opportunities. Real Data.

Real data and the future of AI-assisted coding
GitHub Copilot’s impact on code quality
Does GitHub Copilot’s performance meet expectations
How to integrate AI-assisted coding into your workflow
Ethical considerations and grey areas in AI-powered coding
How far does the AI evolution go

Nikola Netsov, Senior Software Engineer at Scalefocus
12:10 - 13:10
Track 1:
LUNCH BREAK
Track 2:
LUNCH BREAK
13:10 - 13:50
Track 1:
The Fifth Element : Azure Secure DevOps

In the 21st Century the Cyber Universe is threatened by Evil Source Code and Evil entities. The only hope for many developers is the Fifth Element : the Sec in Devops, which must be implemented side by side with the Four elementals : Code, Build, Test , Deploy. A Microsoft Service is bringing the Four Elements but can the Fifth be included, and will it save us from disaster?

Learn about secure development practices, hardening developer ecosystems , secure coding, and much much more !

Turning Complexity Into Modularity

Mike Martin, Senior Cloud Solution Architect and Technical Evangelist at Microsoft
Track 2:
Turning Complexity Into Modularity

Every software engineer and architect wants to design modular software systems and to avoid complexity. Yet, frequently, we end up with the opposite: what promised to be an elegant, well-thought architecture results in another big ball of mud. Why does this sad story keep repeating? In this talk, I will delve into the nature of modularity and complexity, highlighting their surprising similarities. You will learn what forces push software architecture towards complexity, and which strategies result in the desired modularity. Ultimately, you will learn to harness these forces to design systems that withstand changes and the test of time.

Vlad Khononov , Software and Cloud Architect at O'Reilly Author and Trainer
13:55 - 14:20
Track 1:
Effective Unit & Integration Testing: Pitfalls and How to Avoid Them

In today’s agile software development processes, effective testing is crucial. It must be an integral part of writing code to ensure the resulting product functions as specified. In this session, we will define what constitutes good unit and integration tests and share common bad practices in unit testing that we have encountered over time.

We’ll explore real-world examples of poor testing patterns, their negative impacts, and how to rework them into more effective practices. Additionally, we will discuss how AI can be used to improve unit testing by assisting in writing effective test cases and enhancing test maintenance.

By the end, you’ll have a structured approach to writing better tests!

Key Takeaways:
– Characteristics of Effective Tests
– Common Pitfalls in Testing
– Efficient Test Creation
– Integrating AI in Testing

Note to the organizers: The talk can also fit the 25-minute format by dropping the AI section.

Petyo Dimitrov, Senior Software Architect at Musala Soft
Track 2:
Application Security in the Age of AI

Risk Assessment: Understanding the capabilities of identifying and evaluating security risks via AI and what risks AI presents
What is SSDLC: An introduction to the Secure Software Development Life Cycle and its significance.
Modern SSDLC Methodologies: Exploring the latest trends and methodologies leveraging AI
How to Implement a SSDLC: Practical steps and strategies for integrating a Secure Software Development Life Cycle in your processes.
Threat Modeling & AI-Assisted Threat Modeling: Leveraging AI to identify and mitigate potential threats during the development phase.
Secure Coding Today: Best practices for writing secure code in an AI-influenced environment.
Modern Runtime Security with AI: Utilizing AI to enhance runtime application security and protect from emerging threats.

Radostina Kondakova, CyberSec Team Lead at Scalefocus
Yordan Popov, Senior Security Engineer at Scalefocus
14:30 - 14:55
Track 1:
What do you need to know about RAG(Retrieval Augmented Generation)

We’ll explore the fundamentals of Retrieval Augmented Generation (RAG), which combines retrieval and generative models for enhanced AI capabilities. We’ll look at the practical applications of RAG such as implementing a simple customer support chatbot. Additionally, we’ll explore vector databases, understanding their role in storing and retrieving information efficiently, while highlighting best practices and advanced techniques for maximizing RAG’s potential.

Kristian Mariyanov, Principal Software Developer at Progress
Track 2:
Online shopping - The nightmare for people with disabilities

During the talk you will learn what is web accessibility and why is so important for everyone. You will hear about different good and bad practices, learn about the approach of adding Accessibility on already built component based site, along with high-level techniques and tools.

Accessibility understanding – people with disabilities and their way to shop online and why e-commerce sector receive more lawsuit for inaccessible sites
Buying power for people with disabilities
What are the accessibility principles from e-commerce point of view?
Examples of inaccessible components, that can make the online shopping a nightmare for disable people – Videos(реклами), Colors – contrast,Zoom 400%, Navigation, Inaccessible forms, Pop ups (that cannot be closed)
What should the approach of adding accessibility to an already built component based site?
DEV point of view:
High-level techniques – Skip to main content, aria (html guidance), linter
Tools – NVDA, Voice Over, AXE automation testing, Contrast ratio checker, Paid AXE
Who will benefit from it: companies and clients
– revenue increase
– social sustainability
– better SEO ranking for site with accessibility
Why should we pick this talk:
– positive social impact
– inforce increaesment near future
– from 2025 the European accessibility act will be applicable through the web

Ekaterina Gousheva , QA Engineer at Merkle
Emil Peychev , Development Team Lead at Merkle
14:55 - 15:15
Track 1:
COFFEE BREAK
Track 2:
COFFEE BREAK
15:15 - 15:40
Track 1:
Growth Mindset: The path to building performant and innovative teams and organizations

In this session we will get a glimpse on how to instill growth mindset in teams and organizations. And pave the way to higher employee engagement, innovation and performance.

Stanislava Baltova, Product Lead at SAP
Track 2:
Different approaches in detection of machine-generated texts

Without a shadow of a doubt machine text generation has become a work of art in the past years. Articles, posts, reviews and other are flooding the internet space. An important question that people have to answer is how to detect if a piece of text is written by a human or a large language model. In this talk I am presenting the challenges of this task by describing how some solutions work under the hood and whether sufficient results can be achieved without training a specific model for the problem. In addition, there is going to be a demonstration that shows the performance with several paragraphs.

Daniel Georgiev, Software Consultant at Accedia
15:50 - 16:15
Track 1:
The State of Web Testing

Web is huge and so is the variety of tools and strategies for testing web applications. Selenium has been around for two decades, but nowadays we have Cypress, Playwright, Puppeteer, WebdriverIO and many more. Let’s also not forget that e2e testing is just the top of the testing pyramid, we have various options to do component testing as well. The web testing world is evolving rapidly and we will talk about its state in 2024.

Dimitar Topuzov, QA Architect at Progress
Track 2:
Metamorphosis: The Daily Delivery Transformation Story

This a story about journey, fraught with high-stress levels, and accentuated by the varied understanding of cloud culture, differing technical expertise, and diverse professional experience. The absence of established procedures meant reliance on manual deployment in an environment where change was the only constant. Like a caterpillar transforming into a butterfly, the team adapted to leverage cloud services, bringing much-needed speed and agility to respond to the fast-evolving global marketplace, a metamorphosis driven by necessity and survival. The transformation adhered to the industry-standard for software delivery, through the lens of DevOps Research and Assessment (DORA) key performance indicators (KPIs). In choosing tools, compatibility with these strategic ideals was the guiding principle. Clear and honest communication mapped out the shared objectives and the untrodden path.

Iva Ivanova , Technical Release Manager at SAP
16:25 - 16:50
Track 1:
Achieving Operational Quality: Comparing Corporate vs Public Sector

Now that Ivan Goychev has seen both the private companies and public administration, he wants to share some insights of the differences and similarities(yes, there are such) in how each organization type ensures delivering high quality services. He will present some practical process examples of what works, what to avoid and what can be done better. He will including some counterintuitive advices backed by research to encourage those who might be hesitant to try. The topic is suitable for C-Level executives, managers and individual contributors at all levels.

Ivan Goychev, Deputy Mayor of Sofia at "Digitalization and Innovation"
Track 2:
Leveraging Pattern Object Model for Efficient Test Automation

In the realm of software testing, the challenge persists: how can testers, especially those lacking coding experience, contribute effectively to test automation? The traditional approach of relying solely on developers for automation can lead to inefficiencies, especially concerning team dynamics and continuity. This dilemma is exacerbated when testers depart, leaving behind convoluted codebases and intricate page objects.
Enter the Pattern Object Model (POM), a game-changer in the landscape of test automation. This methodology transcends the limitations of individual coding prowess by providing a structured framework for crafting robust automated tests. Through the implementation of POM, our team witnessed a paradigm shift, empowering testers to deliver automated tests from day one of the projects, irrespective of their coding background.
Moreover, POM significantly alleviates the burden of maintenance, a perennial concern in test automation. By adhering to standardized patterns and practices, we mitigated duplication of logic across page objects, thus facilitating seamless refactoring and reducing maintenance overhead. Our experiences with POM have not only garnered the trust of new clients but also fortified relationships with existing ones, thanks to reduced maintenance cycles and enhanced test reliability.
This presentation delves into the transformative power of POM, offering insights gleaned from practical implementations. Attendees will discover how adopting POM can streamline test automation workflows, enhance team collaboration, and ultimately elevate the quality of software deliverables. For those eager to explore further, code samples and conceptual elucidations are readily accessible on my GitHub repository.
Join us as we unravel the nuances of Effective Test Automation using a Pattern Object Model, and embark on a journey towards more efficient and sustainable testing practices.

Gjore Zaharchev, Head of Quality Assurance at Qinshift
17:00 - 17:40
Track 1:
CLOSING KEYNOTE
Paul Saunders , Head of Product Strategy and Chief Evangelist Cloud ERP at SAP
Track 2:
17:40 - 18:00
Track 1:
RAFFLE & CLOSING
Track 2:

Tickets

  • √ Two tracks onsite
  • √ Fun expo zone
  • √ Breakfast and Lunch
  • √ Unlimited Coffee
  • √ Goodie Bag
  • √ Raffle with amazing gifs
Buy Tickets Now
For volume discount or questions, please contact office@istacon.org

Partners

Gold Sponsors:
Silver Sponsors:
Event Partners:
Media Partners:

ISTA Sponsors Brochure 2024 - Download Here

About

ISTA is not just a conference. Organized since 2011 by IT professionals for IT professionals, ISTA has become a tradition. This is one of the biggest and most prominent tech events in the region.

 

ISTA is the place to be for anyone who is truly passionate about information technology, development, quality, automation, and innovation. Throughout the years, ISTA has gathered IT professionals and world-renowned speakers who have shared their knowledge and expertise.

 

The conference is all about collaboration, knowledge sharing, meeting new friends, inspiring and being inspired in a world of constantly evolving technology.

 

Organized by leading IT companies in Bulgaria – Experian, Infragistics, Musala Soft & SAP – ISTA combines the ability of the five organizations to create INNOVATION, to SHARE KNOWLEDGE and to bring together people, who CHANGE THE WORLD.

 

Join our ISTA world of Discoverers and Innovators!