Abstracts And Presentations

Here is where you will find demos and presentations that we have done. Click on one of the links below for slides, code, notes, and more. I also have some archived talks. Archived talks are talks which I am no longer presenting. They run the risk of containing outdated information or need to be revamped.


A .NET Developer's View Of The OWASP Top 10

The Open Web Application Security Project periodically puts out a report showing the top ten risks for web applications. In this talk, we will review the latest version of the OWASP Top 10 Application Security Risks, released in 2017. We will briefly cover each of the ten topics and explain how the topic applies to the Microsoft .NET world of MVC and Web Forms, focusing on things a developer can do to write more secure code. This talk will not go into great detail on any individual topic, but we will have a chance to see a couple of these risks and mitigation techniques in action.

Go to the presentation for more information.


Applying Forensic Accounting Techniques Using SQL And R

Forensic accountants and fraud examiners use a range of techniques to uncover fraudulent journal entries and illegal activities. As data professionals, most of us will never unravel a Bernie Madoff scheme, but we can apply these same techniques in our own environments to uncover dirty data. This session will use a combination of SQL Server and R to apply these fraud detection techniques, which include Benford's Law, outlier analysis, time series analysis, and cohort analysis.

Go to the presentation for more information.


APPLY Yourself

Microsoft introduced the APPLY operator in SQL Server 2005. This under-used, non-standard operator can help us solve a number of common (and not-so-common) problems with elegant code which performs well. We will look several problem spaces in which the APPLY operator shines, such as joining to table-valued functions, getting the top N child records for each parent record, string splitting, and word matching. With the use of these examples, we will gain a deeper understanding of when to use the APPLY operator.

Go to the presentation for more details.


Big Data, Small Data, and Everything in Between

The breadth of options available to data professionals today is staggering: between relational, object, graph, and document databases, we have a wide array of storage options, as well as a huge number of access and analysis tools. This talk will walk you through data platform, data analysis, and data processing options. We’ll discuss when to use (and when not to use) Spark, R, Storm, and SSAS, as well as a range of other tools and technologies. By the end of this talk, you may not have MongoDB or Neo4J, but you will know where they might fit.

Go to the presentation for more details.


Client Migration With Biml

Many companies scale out their databases horizontally, partitioning data by customer (or some other identifier) into separate databases or instances. Sometimes, it becomes important to move that data from one database to another. SQL Server Integration Services is a fantastic tool for ETL, but creating and maintaining dozens or hundreds of data flows by hand is exhaustingly tedious. Instead of doing it the hard way, use the BI Markup Language (Biml) to automate package development. This talk will show how we can use metadata tables and Biml to auto-create SSIS packages to migrate data from one database to another, handling foreign key constraints along the way.

Go to the presentation for more details.


Data Cleansing with SQL and R

On a given project, data scientists can spend upwards of 80% of their time preparing, cleaning, and correcting data. In this session, we will look at different data cleansing and preparation techniques using both SQL Server and R. We will investigate the concept of tidy data and see how we can use tools in both languages to simplify research and analysis of a small but realistic data set.

Go to the presentation for more information.


Genetics In Action: Evolutionary Algorithms

Evolutionary algorithms help us solve optimization problems where we know what the answer is, but don't know how to get that answer. In this talk, we will look at how different evolutionary algorithms apply the concepts of genetics to discover formulas and patterns. Specifically, we will look at genetic algorithms and genetic programming, digging into how they work and solving a number of problems with each. We will also include a crash course on basic genetics, just in case high school biology isn't fresh in your mind.

Go to the presentation for more information.


Introducing Azure ML

Azure Machine Learning is a point-and-click Software-as-a-Service offering on the Microsoft Azure platform. It allows data scientists to manage, cleanse, and filter data; train, score, and evaluate models; and write custom components in R and Python. Once the data scientist's work is done, Azure ML then automatically generates a production-ready web service to implement the model, saving significant development effort. This talk will walk through the Azure ML offerings and discuss how they may integrate into a mature business platform.

Go to the presentation for more details.


Learning Languages

As IT professionals, we have a mind-boggling number of technical research options. The purpose of this light-hearted talk is to think a little bit about ways to sharpen our skills while still leaving at least a trace of free time.

Go to the presentation for more details


Much Ado About Hadoop

If you're interested in Hadoop but don't know where to begin, this session will give you an idea of what you can do with the open-source platform. We will see an overview of the Hadoop architecture, becoming familiar with the overall platform and its solutions for warehousing, ETL, streaming data ingest, in-memory processing, and more. We will compare Hadoop to SQL Server to help gain an understanding of when to deploy which technology.

Go to the presentation for more details.


Peanut Butter & Chocolate: Integrating Hadoop and SQL Server

So you jumped on the bandwagon and set up a Hadoop cluster…but now what? Your database developers and app developers know how to integrate with and develop against SQL Server, but the Hadoop world can be a completely different experience. This talk will help bridge the gap between SQL Server and Hadoop, using tools such as SQL Server Integration Services and Sqoop to migrate data between a Hadoop cluster and a SQL Server instance, as well as PolyBase to integrate the two like never before.

Go to the presentation for more details.


Polybase In Action

Polybase is Microsoft's newest way of integrating SQL Server with external systems such as Hadoop and Azure Blob Storage. In this talk, we will connect SQL Server to an on-premises Hadoop cluster as well as Azure Blob Storage, writing T-SQL queries to retrieve remote data. We will then use DMVs and other resources to tease out what the Polybase engine is doing behind the scenes. Finally, we will look at several interesting use cases for Polybase.

Go to the presentation for more information.


Power BI Custom Visuals

Microsoft has made it possible for developers to create and release their own custom visuals to enhance the Power BI experience. In this session, we will take a look at six custom visuals and see how they integrate into the rest of the Power BI Desktop application.

Go to the presentation for more details


R For The SQL Developer

R is the premiere language for data analysis. If the world of data science sounds fun and exciting, now is the time to get into R. We will walk through the core constructs of R, learn how to retrieve data from flat files and databases, and get a peek at the power behind R. This session will also give resources on where to go in order to become more familiar with statistics, R the language, and the R package ecosystem..

Go to the presentation for more details


Securing SQL Server

A default SQL Server installation is reasonably secure, but "reasonably secure" doesn't cut it in an era in which one bad line of code, one weak password, or one open port can result in your customer database ending up on Pastebin. In this talk, we will look at different methods of securing a SQL Server instance, from venerable (principle of least privilege, Transparent Data Encryption) to novel (Always Encrypted, row-level security). These tools and techniques will show us ways for developers, database administrators, and network specialists to work together to secure SQL Server instances.

Go to the presentation for more details.


SQL Injection

Over the past several years, hacktivists, criminals, and people just "out for lulz" have managed to find sensitive data owned by organizations like Sony, Yahoo, NASA, and the U.S. army, among many others. In all of these cases, the attackers exploited websites using SQL injection attacks. SQL injection is at the top of the Open Web Application Security Project (OWASP) top 10 list and is an important part of one of the SANS 20 critical security controls. This talk will go into what SQL injection is, how attackers can use it, and how to secure your sites so that your CIO and CISO never show up on the evening news. Although the talk will focus on using the Microsoft stack (IIS, ASP.Net, and SQL Server), the lessons will apply to all web systems everywhere.

Go to the presentation for more details.


Using Kafka for Real-Time Data Ingestion with .NET

Remember that first time you saw Service Broker and thought of all the great things you could do with it? Remember when you actually tried Service Broker and found all the limitations and pain points? Enter Apache Kafka. Apache Kafka is a distributed publish-subscribe messaging system which can scale out to handle millions of messages per second and support a distributed, microservices-oriented architecture. In this talk, we will cover the basics of this powerful system, including general architectural and design principles. We will also build a .NET project which uses Kafka to produce and consume messages quickly and efficiently.

Go to the presentation for more information.


Working Effectively with Legacy SQL

A legacy code base can be a frightening thing. Between strict deadlines, ever-evolving requirements, differing skill levels of contributors over time, and historical circumstances, keeping database code clean and concise is difficult at best. This example- and demo-driven talk will help you build out a mental framework to prune those gnarled code bases. Much of this talk will be familiar to software developers who know of the "clean code" philosophy, but no knowledge of the topic is necessary. If you shudder whenever you look at your SQL code base, this talk may be for you.

Go to the presentation for more details.