Engineering

Engineering Blog

Yelp Dataset Challenge Round 9 Winner

Yelp Dataset Challenge Round 9 Winners The ninth round of the Yelp Dataset Challenge ran throughout the first half of 2017 and, as usual, we received a large number of highly impressive and interesting submissions. Needless to say, we were struck by the quality of the entries: keep up the good work! Today, we are proud to announce the grand prize winner of the $5,000 award: “CORALS: Who are My Potential New Customers? Tapping into the Wisdom of Customers’ Decisions” by Ruirui Li, Chelsea J-T Ju, Jyunyu Jiang, and Wei Wang (from the Department of Computer Science of the University...

Continue reading

Keeping Yelp two steps ahead: How we built GSET to protect employee email

Earlier this year, Gmail users across the globe were affected by one of the largest phishing attacks of its kind. Yelp emails were among the many corporate email systems that experienced this Google Docs phishing attack. Fortunately, our security engineers had already prepared for this level of security threat and were able to delete the suspicious emails before impacting employees. As phishing attacks have become more and more prevalent, the need for new tools and countermeasures to protect users has become more important than ever. According to the last IBM X-Force Threat Intelligence Index report, the amount of spam email...

Continue reading

Breaking down the monolith with AWS Step Functions

As we’ve discussed in earlier blog posts, Yelp Engineering has been working hard to break down our largest monolithic code base (yelp-main) for the past few years. We’ve made great progress but some of our oldest, most critical code remains within yelp-main. A great example of an older, more established system is our monthly subscription billing cycle. The system is core to how Yelp collects revenue and has proven technically challenging and risky to transition. The Revenue engineering team knows these older systems should be moved into services, but the challenge of extracting tangled, business-critical code has proven expensive and...

Continue reading

Code Review Guidelines

We deeply value code review and feel that it’s crucial to being a high-functioning engineering organization. Code review results in higher quality code that is more broadly understood. It also lets engineers learn from their peers, practice mentorship, and engage in open dialog and discussion about what they build. The benefits of code review align well with Yelp’s value Play Well with Others and support our culture of continually teaching and learning. As our organization has continued to grow, there are certain patterns that have made code reviews more beneficial and keep them from becoming a bottleneck. We’ve been following...

Continue reading

Yelp @ Grace Hopper - Orlando Edition!

Yelp returned to Grace Hopper Celebration once more, this time in Orlando! Let’s take a look at what GHC2017 is all about from the insights of our attendees. Who Neha H.: Android engineer @ Search User Experience team Grace J.: Recruiting manager @ University Recruiting team Tiffany K.: Product manager @ Contributions team Lauren C: Product designer @ Messaging team Xun T.: Software engineer @ Ad Creative team, first time speaker at GHC this year. Favorite sessions during GHC Tiffany: Women Who Build The Product Management Journey. I really appreciated hearing from women leaders who have been successful in the...

Continue reading

Day in the Life of a Product Manager

Meet Brittany Cheng, a 5-star Product Manager! Learn what she loves about product management and how she has grown over her career here at Yelp. Are you interested in building great products? Do you love working with different teams? Are you motivated by the user experience? Mentorship, ownership, and great people — we’ve got it all. Bring your ideas to life and join our all-star Product Management team! Head to https://www.yelp.com/careers to learn more.

Continue reading

SignalForm: Charts as Code with SignalFx and Terraform

Monitoring the health of our systems is a critical part of maintaining Yelp’s infrastructure. We collect millions of data points that help us observe the performance and status of our services. This data powers visualization and monitoring systems so that we can alert on anomalies and derive actionable insights, especially during on-call procedures. SignalFx is our preferred vendor for metrics visualization and monitoring. They provide a rich UI with many robust analytics capabilities. At Yelp’s scale, we use SignalFx to create hundreds of detectors, charts and dashboards. Managing and finding these resources quickly is a challenge. Our engineering teams need...

Continue reading

The Road To HSTS

What is HTTP Strict Transport Security? HTTP Strict Transport Security, commonly referred to as HSTS, is a Web standard that aims to ensure all web resources off a domain are fetched over a secure transport layer. The core objective of HSTS is to protect users against passive and active network attacks. To this end, it prevents protocol downgrade attacks and blocks insecure click throughs. From a configuration perspective, HSTS is an easy to deploy HTTP header. Its format is: Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Unfortunately, many companies who have tried to deploy HSTS have experienced various challenges, some of which resulted...

Continue reading