The Venerdì Protetto retrospective: a way to grow together
After the summer break, we’re back with the much-anticipated Venerdì Protetto, a day when work pauses to make room for learning and discussion. During the September edition of Venerdì Protetto, we held a retrospective to gather feedback and ideas on how to make this initiative even more meaningful and engaging.
Why Venerdì Protetto is important
Venerdì Protetto is an opportunity for our IT department to come together, share knowledge, and cultivate new skills. It is a unique occasion to gain valuable insights into technical approaches and solutions through internal contributions, as well as to learn about other realities through external talks.
Innovating for a cleaner tomorrow: our company hackathon experience
In today’s fast-paced tech landscape, innovation often thrives in unconventional environments. One such event that has gained popularity in recent years is the hackathon. A hackathon is a collaborative event that brings together people from different backgrounds to brainstorm and create innovative solutions to specific challenges, all within a limited timeframe. These events foster a culture of creativity, teamwork, and rapid problem-solving, making them invaluable for companies looking to harness the collective intelligence of their employees.
This page contains the abstracts of the talks held during the latest Venerdì Protetto on June 14, 2024.
Topics:
Big project management
What really matters?
by Stefano Bosio
This presentation explored the primary technical hurdles of managing large IT projects, including technical challenges, planning, time management, technical debt, documenting, testing, and rollout strategy.
After the successful experience of having a code challenge in March 2024, we decided to go further in delivering experiences to our colleagues.
Scouting around, I turned to Alessio Giorgianni, a developer with a passion for white hat hacking competition. We agree to try an experience using a platform called Hack the Box. Hack the Box Academy offers lots of information and training about IT Security and, in our case, some exercises we can use for hacking dummy applications, with a whitebox example (i.e., an example where all the code is undisclosed to us. There are also different kind of pentest). We agreed upon using a non-trivial quest, called Jerrytok. Jerrytok is a WAPT (Web App Penetration Testing) whitebox challenge. We got a simple web-application, written in PHP, which disclose the harm of using template engines in a not-proper way. It’s a good introduction to SSTI, Server Side Template Injection.
This page contains the abstracts of the talks held during the latest Venerdì Protetto on May 17, 2024.
Here they are:
Share this post
X
Facebook
Reddit
LinkedIn
StumbleUpon
Pinterest
Email