YAML is the new Eval

YAML is the new eval

               09.02.2013 @rug_b



                   @plexus
        github/arnebrasseur
You




Need to think about security
YAML is the new Eval
I'm a Rails developer
I'm a Rails developer

I'm not a security expert
I'm a Rails developer

I'm not a security expert
That's the point
“You Should Be At
Defcon 2 For Most
  Of February”
  http://bit.ly/you_will_be_compromised
§
“Security”
Many aspects
confidentiality, integrity,
availability, authenticity
gem “security” ?
YAML is the new Eval
Emergent Property
It's not a feature
Infinity Maxim
Limitless vulnerabilities, most
unknown
Trade off
No such thing as 100% secure
Ignorance is bliss
If you believe you're safe,
You can assume you're not.
Attack Surface
Your outer shell
Least Authority
Can't break what you can't reach
Constrained code
Positive security
Whitelist vs Blacklist
§
Rails Security
YAML is the new Eval
"secure by default"
XSS, CSRF, sql escaping, etc.
Tasty Magic
Programmer happiness
“People who use magic without knowing
what they are doing usually come to a sticky end.
     All over the entire room, sometimes.”
                ~ Terry Pratchett
§
  What
happened?
4 x Rails Vulnerability
Rubygems Hacked
Bonus : MySQL “feature”
Jan 2
CVE-2012-5664
SQL Injection Vulnerability
Post.find_by_id(id, opts = {})
Plain Old Dynamic Finder




                                                Jan 2
                                       CVE-2012-5664
                           SQL Injection Vulnerability
Post.find_by_id(:select => sql)
I Can Haz Inject SQL?




                                             Jan 2
                                    CVE-2012-5664
                        SQL Injection Vulnerability
Post.find_by_id(params[:id])
I Can Haz Inject SQL?




                                             Jan 2
                                    CVE-2012-5664
                        SQL Injection Vulnerability
HashWithIndifferentAccess



Post.find_by_id(params[:id])
I Can Haz Inject SQL?




                                             Jan 2
                                    CVE-2012-5664
                        SQL Injection Vulnerability
Exploitable?
Probably, but not trivially



                                                   Jan 2
                                          CVE-2012-5664
                              SQL Injection Vulnerability
AuthLogic
User.find_by_persistence_token(token)



                                               Jan 2
                                      CVE-2012-5664
                          SQL Injection Vulnerability
CookieStore
session[:token] = {:select => “foo; DROP TABLE… ; --”}



                                               Jan 2
                                      CVE-2012-5664
                          SQL Injection Vulnerability
config.session.key
Do you know where your session key is
at 4 o'clock in the morning?


                                                Jan 2
                                       CVE-2012-5664
                           SQL Injection Vulnerability
Jan 8
CVE-2013-0155
Unsafe Query Generation
Foo.find_by_bar( [ nil ] )




JSON or XML payload


Result



                                               Jan 8
                                       CVE-2013-0155
                             Unsafe Query Generation
Jan 8
          CVE-2013-0155
Unsafe Query Generation
Jan 14
CVE-2013-0156
XML will deserialize YAML
THE BIG ONE
Who thought YAML in XML was a good idea anyway?



                                            Jan 14
                                    CVE-2013-0156
                        XML will deserialize YAML
Never trust YAML
!ruby/hash:I::Am::In::Your::Objects
!ruby/object:Setting::Your::Ivars


                                                Jan 14
                                        CVE-2013-0156
                            XML will deserialize YAML
!ruby/hash
Calls #[]=

                                 Jan 14
                         CVE-2013-0156
             XML will deserialize YAML
!ruby/object
Calls instance_variable_set

                                     Jan 14
                             CVE-2013-0156
                 XML will deserialize YAML
ActionController::Routing::
RouteSet::NamedRouteCollection
def add(name, route)
  define_named_route_methods(name, route)
end
alias []= add


def define_url_helper(route, name, kind, options)
  @module.module_eval <<-END
      def #{name}_#{kind}(*args)
                                                               Jan 14
        options = hash_for_#{name}_#{kind}(args.extract_options!)

                                                       CVE-2013-0156
                                           XML will deserialize YAML
EVAL ALL THE THINGS
$ rails new myapp ; cd myapp ; bundle install
$ cd `rvm gemdir`/gems
$ egrep -r '(module_eval|instance_eval|class_eval)' . | wc -l
321
$ egrep -r '(module_eval|instance_eval|class_eval)' . | sed 's//.*//' | uniq -c | sort -n
   62 activesupport-3.2.11
   50 erubis-2.7.0
   38 actionpack-3.2.11
   24 activerecord-3.2.11
   19 railties-3.2.11


                                                                   Jan 14
                                                           CVE-2013-0156
                                               XML will deserialize YAML
Jan 28
CVE-2013-0333
Vulnerability in JSON Parser
in Ruby on Rails 3.0 and 2.3
Only 3.0 and 2.3

                         Jan 28
                  CVE-2013-0333
           JSON parsed as YAML
JSON is YAML
True story

                           Jan 28
                    CVE-2013-0333
             JSON parsed as YAML
Jan 30
Rubygems Hacked
Gemspecs are … YAML
Jan 14
            CVE-2013-0156
XML will deserialize YAML
Feb 7
Bonus Level
SELECT 0 = “foo”; # => true
YAML is the new Eval
§
Practical
YAML is the new Eval
Are you up-to-date?
Rails 3.2 / 3.1 get security updates
Rails 2.3 for severe security issues
Ruby 1.8 is End of Life June 2013
What now?

Sign up to the security mailing list
What now?

Read the Rails Guide on Security
GET routes don't check CSRF token
match 'user/reset/:id' => 'user#reset', :via => :put
attr_accessible
even better : strong_parameters
params.require(:person).permit(:name, :age)
params.permit(:name, { :emails => [ ] }
Careful with to_json in templates
<script>
 Accounts.reset(<%= raw @accounts.to_json %>);
</script>
Careful with to_json in templates
<script>
Accounts.reset([{name: "</script><script>alert('xss')</script>", ...}]);

</script>
Escaped by default in Rails 4
ActiveSupport::JSON::Encoding.escape_html_entities_in_json = true


There are other solutions as well
●   json_escape
●   data-* attributes
Regexp Anchors
“some@email.comn'; I AM IN YOUR SQLZ ; --” =~ /^...$/
Use A and z
$ : beginning of line
^ : end of line
A : beginning of string
z : end of string
Z : ignores final newline
SafeYAML
Will probably become part of Psych
Brakeman
Static security analysis for Rails apps
Sanitize Your Inputs
Distrust params, cookies and request
Thank you!




 Twitter : @plexus
Github : arnebrasseur
1 of 68

Recommended

Testing untestable code - phpday by
Testing untestable code - phpdayTesting untestable code - phpday
Testing untestable code - phpdayStephan Hochdörfer
1.2K views69 slides
Real World Dependency Injection - phpday by
Real World Dependency Injection - phpdayReal World Dependency Injection - phpday
Real World Dependency Injection - phpdayStephan Hochdörfer
3.3K views69 slides
Rails and security by
Rails and securityRails and security
Rails and securityAndrey Tokarchuk
1.3K views41 slides
Deadly Code! (seriously) Blocking &amp; Hyper Context Switching Pattern by
Deadly Code! (seriously) Blocking &amp; Hyper Context Switching PatternDeadly Code! (seriously) Blocking &amp; Hyper Context Switching Pattern
Deadly Code! (seriously) Blocking &amp; Hyper Context Switching Patternchibochibo
1.6K views30 slides
XSS And SQL Injection Vulnerabilities by
XSS And SQL Injection VulnerabilitiesXSS And SQL Injection Vulnerabilities
XSS And SQL Injection VulnerabilitiesMindfire Solutions
2.3K views20 slides
SQL Injection: complete walkthrough (not only) for PHP developers by
SQL Injection: complete walkthrough (not only) for PHP developersSQL Injection: complete walkthrough (not only) for PHP developers
SQL Injection: complete walkthrough (not only) for PHP developersKrzysztof Kotowicz
17.9K views64 slides

More Related Content

What's hot

Advanced SQL Injection: Attacks by
Advanced SQL Injection: Attacks Advanced SQL Injection: Attacks
Advanced SQL Injection: Attacks Nuno Loureiro
47.2K views35 slides
Advanced Sql Injection ENG by
Advanced Sql Injection ENGAdvanced Sql Injection ENG
Advanced Sql Injection ENGDmitry Evteev
4.6K views62 slides
Sql injection by
Sql injectionSql injection
Sql injectionMehul Boghra
257 views26 slides
iOS Automation Primitives by
iOS Automation PrimitivesiOS Automation Primitives
iOS Automation PrimitivesSynack
965 views38 slides
Not so blind SQL Injection by
Not so blind SQL InjectionNot so blind SQL Injection
Not so blind SQL InjectionFrancisco Ribeiro
10K views96 slides
Sql Injection Myths and Fallacies by
Sql Injection Myths and FallaciesSql Injection Myths and Fallacies
Sql Injection Myths and FallaciesKarwin Software Solutions LLC
115.3K views77 slides

What's hot(10)

Advanced SQL Injection: Attacks by Nuno Loureiro
Advanced SQL Injection: Attacks Advanced SQL Injection: Attacks
Advanced SQL Injection: Attacks
Nuno Loureiro47.2K views
Advanced Sql Injection ENG by Dmitry Evteev
Advanced Sql Injection ENGAdvanced Sql Injection ENG
Advanced Sql Injection ENG
Dmitry Evteev4.6K views
iOS Automation Primitives by Synack
iOS Automation PrimitivesiOS Automation Primitives
iOS Automation Primitives
Synack965 views
SQL Injection 101 : It is not just about ' or '1'='1 - Pichaya Morimoto by Pichaya Morimoto
SQL Injection 101 : It is not just about ' or '1'='1 - Pichaya MorimotoSQL Injection 101 : It is not just about ' or '1'='1 - Pichaya Morimoto
SQL Injection 101 : It is not just about ' or '1'='1 - Pichaya Morimoto
Pichaya Morimoto17.9K views
Advanced Topics On Sql Injection Protection by amiable_indian
Advanced Topics On Sql Injection ProtectionAdvanced Topics On Sql Injection Protection
Advanced Topics On Sql Injection Protection
amiable_indian8.5K views
Sql injection by Aaron Hill
Sql injection Sql injection
Sql injection
Aaron Hill436 views
SQL Injection in action with PHP and MySQL by Pradeep Kumar
SQL Injection in action with PHP and MySQLSQL Injection in action with PHP and MySQL
SQL Injection in action with PHP and MySQL
Pradeep Kumar7K views

Viewers also liked

Yaml by
YamlYaml
YamlChristoph Santschi
3.8K views10 slides
Intro to Codefresh YAML by
Intro to Codefresh YAML  Intro to Codefresh YAML
Intro to Codefresh YAML Codefresh
602 views20 slides
The slick YAML based configuration by file in Magnolia 5.4 by
The slick YAML based configuration by file in Magnolia 5.4The slick YAML based configuration by file in Magnolia 5.4
The slick YAML based configuration by file in Magnolia 5.4Magnolia
2.8K views34 slides
Trabalhando Com YAML by
Trabalhando Com YAMLTrabalhando Com YAML
Trabalhando Com YAMLKaê Angeli Coutinho
1.1K views18 slides
Tool Development 05 - XML Schema, INI, JSON, YAML by
Tool Development 05 - XML Schema, INI, JSON, YAMLTool Development 05 - XML Schema, INI, JSON, YAML
Tool Development 05 - XML Schema, INI, JSON, YAMLNick Pruehs
2.5K views64 slides
Translation Markup Language and Universal Translation Memory by
Translation Markup Language and Universal Translation MemoryTranslation Markup Language and Universal Translation Memory
Translation Markup Language and Universal Translation MemoryMichael Berkovich
674 views71 slides

Viewers also liked(20)

Intro to Codefresh YAML by Codefresh
Intro to Codefresh YAML  Intro to Codefresh YAML
Intro to Codefresh YAML
Codefresh602 views
The slick YAML based configuration by file in Magnolia 5.4 by Magnolia
The slick YAML based configuration by file in Magnolia 5.4The slick YAML based configuration by file in Magnolia 5.4
The slick YAML based configuration by file in Magnolia 5.4
Magnolia2.8K views
Tool Development 05 - XML Schema, INI, JSON, YAML by Nick Pruehs
Tool Development 05 - XML Schema, INI, JSON, YAMLTool Development 05 - XML Schema, INI, JSON, YAML
Tool Development 05 - XML Schema, INI, JSON, YAML
Nick Pruehs2.5K views
Translation Markup Language and Universal Translation Memory by Michael Berkovich
Translation Markup Language and Universal Translation MemoryTranslation Markup Language and Universal Translation Memory
Translation Markup Language and Universal Translation Memory
Michael Berkovich674 views
EuroPython 2014 YAML Reader Lightning Talk by Schlomo Schapiro
EuroPython 2014 YAML Reader Lightning TalkEuroPython 2014 YAML Reader Lightning Talk
EuroPython 2014 YAML Reader Lightning Talk
Schlomo Schapiro1.2K views
Teoriden Pratiğe Mikroservisler - Özgür Web Teknolojileri Günü 2014 by Lemi Orhan Ergin
Teoriden Pratiğe Mikroservisler - Özgür Web Teknolojileri Günü 2014Teoriden Pratiğe Mikroservisler - Özgür Web Teknolojileri Günü 2014
Teoriden Pratiğe Mikroservisler - Özgür Web Teknolojileri Günü 2014
Lemi Orhan Ergin3.7K views
Fix Your Broken Windows With Code Reviews - phpist14 by Lemi Orhan Ergin
Fix Your Broken Windows With Code Reviews - phpist14Fix Your Broken Windows With Code Reviews - phpist14
Fix Your Broken Windows With Code Reviews - phpist14
Lemi Orhan Ergin12.9K views
A Detailed Look At cassandra.yaml (Edward Capriolo, The Last Pickle) | Cassan... by DataStax
A Detailed Look At cassandra.yaml (Edward Capriolo, The Last Pickle) | Cassan...A Detailed Look At cassandra.yaml (Edward Capriolo, The Last Pickle) | Cassan...
A Detailed Look At cassandra.yaml (Edward Capriolo, The Last Pickle) | Cassan...
DataStax5.8K views
Docker 101 - Intro to Docker by Adrian Otto
Docker 101 - Intro to DockerDocker 101 - Intro to Docker
Docker 101 - Intro to Docker
Adrian Otto10.2K views
そのyaml放っておくと大変なことになりますよ by Akira Ohta
そのyaml放っておくと大変なことになりますよそのyaml放っておくと大変なことになりますよ
そのyaml放っておくと大変なことになりますよ
Akira Ohta1.3K views
Happy Developer's Guide to the Galaxy: Thinking About Motivation of Developers by Lemi Orhan Ergin
Happy Developer's Guide to the Galaxy: Thinking About Motivation of DevelopersHappy Developer's Guide to the Galaxy: Thinking About Motivation of Developers
Happy Developer's Guide to the Galaxy: Thinking About Motivation of Developers
Lemi Orhan Ergin4.3K views
Best Practices in Exception Handling by Lemi Orhan Ergin
Best Practices in Exception HandlingBest Practices in Exception Handling
Best Practices in Exception Handling
Lemi Orhan Ergin29K views
properties, yaml, and me by Y Watanabe
properties, yaml, and meproperties, yaml, and me
properties, yaml, and me
Y Watanabe7.8K views
Java Exception Handling Best Practices - Improved Second Version by Lemi Orhan Ergin
Java Exception Handling Best Practices - Improved Second VersionJava Exception Handling Best Practices - Improved Second Version
Java Exception Handling Best Practices - Improved Second Version
Lemi Orhan Ergin17.3K views
Git and Git Workflow Models as Catalysts of Software Development by Lemi Orhan Ergin
Git and Git Workflow Models as Catalysts of Software DevelopmentGit and Git Workflow Models as Catalysts of Software Development
Git and Git Workflow Models as Catalysts of Software Development
Lemi Orhan Ergin14.2K views

Similar to YAML is the new Eval

Breakfast cereal for advanced beginners by
Breakfast cereal for advanced beginnersBreakfast cereal for advanced beginners
Breakfast cereal for advanced beginnersTruptiranjan Nayak
286 views19 slides
Spot the Web Vulnerability by
Spot the Web VulnerabilitySpot the Web Vulnerability
Spot the Web VulnerabilityMiroslav Stampar
7.1K views35 slides
Owasp Au Rev4 by
Owasp Au Rev4Owasp Au Rev4
Owasp Au Rev4sumsid1234
3.5K views34 slides
SQL/JavaScript Hybrid Worms As Two-stage Quines by
SQL/JavaScript Hybrid Worms As Two-stage Quines SQL/JavaScript Hybrid Worms As Two-stage Quines
SQL/JavaScript Hybrid Worms As Two-stage Quines José Ignacio
419 views13 slides
New and improved hacking oracle from web apps sumit sidharth by
New and improved hacking oracle from web apps   sumit sidharthNew and improved hacking oracle from web apps   sumit sidharth
New and improved hacking oracle from web apps sumit sidharthowaspindia
1.8K views31 slides
Sql injection - security testing by
Sql injection - security testingSql injection - security testing
Sql injection - security testingNapendra Singh
1.8K views20 slides

Similar to YAML is the new Eval(18)

Owasp Au Rev4 by sumsid1234
Owasp Au Rev4Owasp Au Rev4
Owasp Au Rev4
sumsid12343.5K views
SQL/JavaScript Hybrid Worms As Two-stage Quines by José Ignacio
SQL/JavaScript Hybrid Worms As Two-stage Quines SQL/JavaScript Hybrid Worms As Two-stage Quines
SQL/JavaScript Hybrid Worms As Two-stage Quines
José Ignacio419 views
New and improved hacking oracle from web apps sumit sidharth by owaspindia
New and improved hacking oracle from web apps   sumit sidharthNew and improved hacking oracle from web apps   sumit sidharth
New and improved hacking oracle from web apps sumit sidharth
owaspindia1.8K views
Sql injection - security testing by Napendra Singh
Sql injection - security testingSql injection - security testing
Sql injection - security testing
Napendra Singh1.8K views
Exploiting Deserialization Vulnerabilities in Java by CODE WHITE GmbH
Exploiting Deserialization Vulnerabilities in JavaExploiting Deserialization Vulnerabilities in Java
Exploiting Deserialization Vulnerabilities in Java
CODE WHITE GmbH34.2K views
2 Roads to Redemption - Thoughts on XSS and SQLIA by guestfdcb8a
2 Roads to Redemption - Thoughts on XSS and SQLIA2 Roads to Redemption - Thoughts on XSS and SQLIA
2 Roads to Redemption - Thoughts on XSS and SQLIA
guestfdcb8a453 views
Java EE Web Security By Example: Frank Kim by jaxconf
Java EE Web Security By Example: Frank KimJava EE Web Security By Example: Frank Kim
Java EE Web Security By Example: Frank Kim
jaxconf665 views
Web Security - OWASP - SQL injection & Cross Site Scripting XSS by Ivan Ortega
Web Security - OWASP - SQL injection & Cross Site Scripting XSSWeb Security - OWASP - SQL injection & Cross Site Scripting XSS
Web Security - OWASP - SQL injection & Cross Site Scripting XSS
Ivan Ortega1.9K views
Owasp top 10 by markstory
Owasp top 10Owasp top 10
Owasp top 10
markstory9.2K views
55j7 by swein2
55j755j7
55j7
swein22.7K views
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference) by Grand Parade Poland
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
Pawel Cygal - SQL Injection and XSS - Basics (Quality Questions Conference)
OWASP Top 10 2007 for JavaEE by Magno Logan
OWASP Top 10 2007 for JavaEE OWASP Top 10 2007 for JavaEE
OWASP Top 10 2007 for JavaEE
Magno Logan4K views
Easy Integration with Apache Camel and Fuse IDE by JBUG London
Easy Integration with Apache Camel and Fuse IDEEasy Integration with Apache Camel and Fuse IDE
Easy Integration with Apache Camel and Fuse IDE
JBUG London6.7K views
Security testing of YUI powered applications by dimisec
Security testing of YUI powered applicationsSecurity testing of YUI powered applications
Security testing of YUI powered applications
dimisec2.9K views

Recently uploaded

Ransomware is Knocking your Door_Final.pdf by
Ransomware is Knocking your Door_Final.pdfRansomware is Knocking your Door_Final.pdf
Ransomware is Knocking your Door_Final.pdfSecurity Bootcamp
76 views46 slides
Business Analyst Series 2023 - Week 3 Session 5 by
Business Analyst Series 2023 -  Week 3 Session 5Business Analyst Series 2023 -  Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5DianaGray10
369 views20 slides
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T by
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TCloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TShapeBlue
56 views34 slides
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava... by
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...ShapeBlue
48 views17 slides
"Surviving highload with Node.js", Andrii Shumada by
"Surviving highload with Node.js", Andrii Shumada "Surviving highload with Node.js", Andrii Shumada
"Surviving highload with Node.js", Andrii Shumada Fwdays
40 views29 slides
Kyo - Functional Scala 2023.pdf by
Kyo - Functional Scala 2023.pdfKyo - Functional Scala 2023.pdf
Kyo - Functional Scala 2023.pdfFlavio W. Brasil
434 views92 slides

Recently uploaded(20)

Business Analyst Series 2023 - Week 3 Session 5 by DianaGray10
Business Analyst Series 2023 -  Week 3 Session 5Business Analyst Series 2023 -  Week 3 Session 5
Business Analyst Series 2023 - Week 3 Session 5
DianaGray10369 views
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T by ShapeBlue
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&TCloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
CloudStack and GitOps at Enterprise Scale - Alex Dometrius, Rene Glover - AT&T
ShapeBlue56 views
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava... by ShapeBlue
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
Centralized Logging Feature in CloudStack using ELK and Grafana - Kiran Chava...
ShapeBlue48 views
"Surviving highload with Node.js", Andrii Shumada by Fwdays
"Surviving highload with Node.js", Andrii Shumada "Surviving highload with Node.js", Andrii Shumada
"Surviving highload with Node.js", Andrii Shumada
Fwdays40 views
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ... by ShapeBlue
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
Backup and Disaster Recovery with CloudStack and StorPool - Workshop - Venko ...
ShapeBlue77 views
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda... by ShapeBlue
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
Hypervisor Agnostic DRS in CloudStack - Brief overview & demo - Vishesh Jinda...
ShapeBlue63 views
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f... by TrustArc
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc Webinar - Managing Online Tracking Technology Vendors_ A Checklist f...
TrustArc77 views
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue by ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlueCloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
CloudStack Object Storage - An Introduction - Vladimir Petrov - ShapeBlue
ShapeBlue46 views
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by Network Automation Forum
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas... by Bernd Ruecker
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
iSAQB Software Architecture Gathering 2023: How Process Orchestration Increas...
Bernd Ruecker50 views
State of the Union - Rohit Yadav - Apache CloudStack by ShapeBlue
State of the Union - Rohit Yadav - Apache CloudStackState of the Union - Rohit Yadav - Apache CloudStack
State of the Union - Rohit Yadav - Apache CloudStack
ShapeBlue145 views
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue by ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
2FA and OAuth2 in CloudStack - Andrija Panić - ShapeBlue
ShapeBlue50 views
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue by ShapeBlue
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlueElevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue
Elevating Privacy and Security in CloudStack - Boris Stoyanov - ShapeBlue
ShapeBlue96 views
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ... by Jasper Oosterveld
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...
ESPC 2023 - Protect and Govern your Sensitive Data with Microsoft Purview in ...

YAML is the new Eval