Securing serverless applications in the cloud

•

0 likes•67 views

Serverless applications offer a number of advantages, the biggest one being freedom from a number of standard operational tasks. And while you may not need to do basic ops tasks, you still have a responsibility to keep your data safe and secure. Serverless designs require a completely new approach to development, and securing these applications also requires new concepts, processes and tools. (Source : RSA Conference USA 2017)

SESSION ID:SESSION ID:
#RSAC
Mark Nunnikhoven
Securing Serverless Applications In The Cloud
CSV-R02
Vice President, Cloud Research
Trend Micro
@marknca

#RSAC
2

#RSAC
3

#RSAC
4

#RSAC
5

#RSAC
6

#RSAC
7

#RSAC
8

#RSAC
9
Microservices

#RSAC
10

#RSAC
11

#RSAC
12

#RSAC
13

#RSAC
14

#RSAC
15

#RSAC
16

#RSAC
17

#RSAC
18

#RSAC
19

#RSAC
20

#RSAC
21

#RSAC
22

#RSAC
23

#RSAC
24

#RSAC
25

#RSAC
26

#RSAC
27

#RSAC
28

#RSAC
29

#RSAC
30

#RSAC
31

#RSAC
32

#RSAC
33

#RSAC
34

#RSAC
35

#RSAC
36

#RSAC
37

#RSAC
38

#RSAC
39

#RSAC
40

#RSAC
41

#RSAC
42

#RSAC
43

#RSAC
44

#RSAC
45

#RSAC
46

#RSAC
47

#RSAC
48

#RSAC
49

#RSAC
50

#RSAC
51

#RSAC
52

#RSAC
53

#RSAC
54

#RSAC
55

#RSAC
56

#RSAC
57

#RSAC
58

#RSAC
59

#RSAC
60

#RSAC
61

#RSAC
62

#RSAC
63

#RSAC
64

#RSAC
65

#RSAC
66

#RSAC
67

#RSAC
68

#RSAC
69

#RSAC
70

#RSAC
71

#RSAC
72

#RSAC
73

#RSAC
74

#RSAC
75

#RSAC
76

#RSAC
77

#RSAC
78

#RSAC
79

#RSAC
80

#RSAC
81

#RSAC
82

#RSAC
83

#RSAC
84

#RSAC
85

#RSAC
86

#RSAC
87

#RSAC
88

#RSAC
89

#RSAC
90

#RSAC
91

#RSAC
92

#RSAC
93

#RSAC
94

#RSAC
Here’s How To Apply What You’ve Learned
Today
95
Next week you should:
Map out the data and services used in your serverless designs
Line up those data:service pairings with data sensitivity
Within 3 months you should:
Have a handle on the quality of your code & be working to improve it
Understand the level of risk and trust of your 3rd party services
Within 6 months you should:
Have a unified monitoring event stream in place
Start to create automated responses to specific issues & events

#RSAC
96
Mark Nunnikhoven
@marknca
Questions?
Thank you!

More Related Content

Similar to Securing serverless applications in the cloud

The SNOC (Security & Network Operations Center) is a cost-effective, world-class, proactive integrated function that leverages and optimizes your current NOC members while hiring a minimal number of additional security professionals. Learn how to use the SNOC framework to transform your existing NOC into a single effective team that is responsible for both network and security functions. (Source: RSA USA 2016-San Francisco)

Building a World-Class Proactive Integrated Security and Network Ops Center

Building a World-Class Proactive Integrated Security and Network Ops Center

Building a World-Class Proactive Integrated Security and Network Ops Center

Cloud Security Essentials 2.0 at RSA

Cloud Security Essentials 2.0 at RSA

Cloud Security Essentials 2.0 at RSA

CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery

CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery

CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery

Practical Approaches to Cloud Native Security

Practical Approaches to Cloud Native Security

Practical Approaches to Cloud Native Security

Karthik Gaekwad

This session will explore how we can leverage containers, network/endpoint virtualization technologies and virtualized security instrumentation, concurrently, to transformationally improve security visibility, security analytics, system resilience and actionable context, greatly increasing our ability to attest that systems will be secure and compliant in any state into which they may be driven. (Source: RSA USA 2016-San Francisco)

Transforming Security: Containers, Virtualization and Softwarization

Transforming Security: Containers, Virtualization and Softwarization

Transforming Security: Containers, Virtualization and Softwarization

TLS Certificates on the Web – The Good, The Bad and The Ugly

TLS Certificates on the Web – The Good, The Bad and The Ugly

TLS Certificates on the Web – The Good, The Bad and The Ugly

Living BeyondCorp comes with its own challenges. This talk will dive into how Duo gets our hands around difficult problems regarding the security and management of cloud services and endpoints internally. This session will cover technical details of our security orchestration and automation approach, cloud service monitoring, and chatops-driven endpoint application whitelisting strategies. (Source: RSA Conference USA 2018)

Corpsec: “What Happened to Corpses A and B?”

Corpsec: “What Happened to Corpses A and B?”

Corpsec: “What Happened to Corpses A and B?”

DevOps toolchains are transforming modern IT, but hackers can undermine their benefits through poorly implemented or vulnerable DevOps tools. Chris Gates and Ken Johnson will share their collaborative attack research into the technology driving DevOps. They will share an attacker's perspective on exploiting DevOps organizations and the countermeasures these organizations should employ. RSAC 2017 Ken Johnson & Chris Gates

DevOOPS: Attacks and Defenses for DevOps Toolchains

DevOOPS: Attacks and Defenses for DevOps Toolchains

DevOOPS: Attacks and Defenses for DevOps Toolchains

Smart Megalopolises. How Safe and Reliable Is Your Data?

Smart Megalopolises. How Safe and Reliable Is Your Data?

Smart Megalopolises. How Safe and Reliable Is Your Data?

Many companies establish their Secure Development Lifecycle. The adoption of it crucial especially for corporations with dozens of applications. The main challenges they face are the diversity of architecture, dev languages, methodologies, compliance, regulations, etc. This talk will shed light on scaling up and out the application security capabilities and maximizing the software security maturity. (Source : RSA Conference USA 2017)

Securing 100 products - How hard can it be?

Securing 100 products - How hard can it be?

Securing 100 products - How hard can it be?

Fighting malware - keeping your Intellectual Property safe

Fighting malware - keeping your Intellectual Property safe

Fighting malware - keeping your Intellectual Property safe

Professional drones are now actively used across various industries to perform daily critical operations. In this awareness session, Nils Rodday will perform a live hack which exploits vulnerabilities of the professional drone and effectively compromises the security of the system to take over control. His session will also discuss practical fixes and approaches for remediating these issues. (Source: RSA USA 2016-San Francisco)

Hacking a Professional Drone

Hacking a Professional Drone

Hacking a Professional Drone

Conventional wisdom tells us to use two-factor authentication—and it does help to improve security. But the best way to reduce user-friction is to never require a person to authenticate. This talk will provide a modern solution to reconcile these two divergent imperatives by leveraging standard profiles of OAuth2 for “trust elevation.” Its not just the front door that needs protection! (Source: RSA USA 2016-San Francisco)

DON'T Use Two-Factor Authentication...Unless You Need It!

DON'T Use Two-Factor Authentication...Unless You Need It!

DON'T Use Two-Factor Authentication...Unless You Need It!

A Pragmatic Union: Security and SRE

A Pragmatic Union: Security and SRE

A Pragmatic Union: Security and SRE

RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!

RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!

RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!

RSA 2017 APJ DevSecOps Fabian Slides

RSA 2017 APJ DevSecOps Fabian Slides

RSA 2017 APJ DevSecOps Fabian Slides

The dramatic rise in malicious code designed to evade detection, specifically from network sandboxes, caused industry analysts to suggest the deployment of multiple network sandboxes for the same network. Learn how to maximize protection from advanced persistent threats by using multiple security engines within the same sandbox and best practices to stop advanced malware including ransomware. (Source: RSA Conference USA 2017)

The Strategic Advantage of Adaptive Multi-Engine Advanced Threat Protection

The Strategic Advantage of Adaptive Multi-Engine Advanced Threat Protection

The Strategic Advantage of Adaptive Multi-Engine Advanced Threat Protection

We-built-a-honeypot-and-p4wned-ransomware-developers-too

We-built-a-honeypot-and-p4wned-ransomware-developers-too

We-built-a-honeypot-and-p4wned-ransomware-developers-too

Christiaan Beek

Blockchains have attracted overwhelming global interest within the governments and businesses, with applications in key industries, such as finance, insurance, logistics, energy and transportation. The blockchain technology is foreseen as a key component of future smart cities and companies by enhancing the security, data management and process automation. However, there is still a number of challenges on multiple stages that need to be solved prior to substantial adoption of blockchain technology in the enterprise, starting from scalability and manageability of blockchain networks up to integration, privacy and compliance issues. These and other challenges are discussed in the talk, together with existing and future approaches to solve them.

Challenges of Blockchain Technology for the Enterprise

Challenges of Blockchain Technology for the Enterprise

Challenges of Blockchain Technology for the Enterprise

DevSecOps brings security to the DevOps party and it is completely changing the security playbook. This talk will cover 10 practices and patterns we have implemented that bring DevSecOps value to everyone involved. This talk will be loaded with examples that will be usable for developers, security and operations teams and you can take home next week to put into practice. Shannon Lietz, Intuit James WIckett, Signal Sciences RSA Conference 2019

Release Your Inner DevSecOp

Release Your Inner DevSecOp

Release Your Inner DevSecOp

Similar to Securing serverless applications in the cloud (20)

Building a World-Class Proactive Integrated Security and Network Ops Center

Building a World-Class Proactive Integrated Security and Network Ops Center

Building a World-Class Proactive Integrated Security and Network Ops Center

Cloud Security Essentials 2.0 at RSA

Cloud Security Essentials 2.0 at RSA

Cloud Security Essentials 2.0 at RSA

CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery

CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery

CLOUD SECURITY ESSENTIALS 2.0 Full Stack Hacking & Recovery

Practical Approaches to Cloud Native Security

Practical Approaches to Cloud Native Security

Practical Approaches to Cloud Native Security

Transforming Security: Containers, Virtualization and Softwarization

Transforming Security: Containers, Virtualization and Softwarization

Transforming Security: Containers, Virtualization and Softwarization

TLS Certificates on the Web – The Good, The Bad and The Ugly

TLS Certificates on the Web – The Good, The Bad and The Ugly

TLS Certificates on the Web – The Good, The Bad and The Ugly

Corpsec: “What Happened to Corpses A and B?”

Corpsec: “What Happened to Corpses A and B?”

Corpsec: “What Happened to Corpses A and B?”

DevOOPS: Attacks and Defenses for DevOps Toolchains

DevOOPS: Attacks and Defenses for DevOps Toolchains

DevOOPS: Attacks and Defenses for DevOps Toolchains

Smart Megalopolises. How Safe and Reliable Is Your Data?

Smart Megalopolises. How Safe and Reliable Is Your Data?

Smart Megalopolises. How Safe and Reliable Is Your Data?

Securing 100 products - How hard can it be?

Securing 100 products - How hard can it be?

Securing 100 products - How hard can it be?

Fighting malware - keeping your Intellectual Property safe

Fighting malware - keeping your Intellectual Property safe

Fighting malware - keeping your Intellectual Property safe

Hacking a Professional Drone

Hacking a Professional Drone

Hacking a Professional Drone

DON'T Use Two-Factor Authentication...Unless You Need It!

DON'T Use Two-Factor Authentication...Unless You Need It!

DON'T Use Two-Factor Authentication...Unless You Need It!

A Pragmatic Union: Security and SRE

A Pragmatic Union: Security and SRE

A Pragmatic Union: Security and SRE

RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!

RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!

RSA Conference 2016: Don't Use Two-Factor Authentication... Unless You Need It!

RSA 2017 APJ DevSecOps Fabian Slides

RSA 2017 APJ DevSecOps Fabian Slides

RSA 2017 APJ DevSecOps Fabian Slides

The Strategic Advantage of Adaptive Multi-Engine Advanced Threat Protection

The Strategic Advantage of Adaptive Multi-Engine Advanced Threat Protection

The Strategic Advantage of Adaptive Multi-Engine Advanced Threat Protection

We-built-a-honeypot-and-p4wned-ransomware-developers-too

We-built-a-honeypot-and-p4wned-ransomware-developers-too

We-built-a-honeypot-and-p4wned-ransomware-developers-too

Challenges of Blockchain Technology for the Enterprise

Challenges of Blockchain Technology for the Enterprise

Challenges of Blockchain Technology for the Enterprise

Release Your Inner DevSecOp

Release Your Inner DevSecOp

Release Your Inner DevSecOp

More from Priyanka Aash

Digital Personal Data Protection (DPDP) Practical Approach For CISOs

Digital Personal Data Protection (DPDP) Practical Approach For CISOs

Digital Personal Data Protection (DPDP) Practical Approach For CISOs

Verizon Breach Investigation Report (VBIR).pdf

Verizon Breach Investigation Report (VBIR).pdf

Verizon Breach Investigation Report (VBIR).pdf

Top 10 Security Risks .pptx.pdf

Top 10 Security Risks .pptx.pdf

Top 10 Security Risks .pptx.pdf

Simplifying data privacy and protection.pdf

Simplifying data privacy and protection.pdf

Simplifying data privacy and protection.pdf

Generative AI and Security (1).pptx.pdf

Generative AI and Security (1).pptx.pdf

Generative AI and Security (1).pptx.pdf

EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf

EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf

EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf

DPDP Act 2023.pdf

DPDP Act 2023.pdf

DPDP Act 2023.pdf

Cyber Truths_Are you Prepared version 1.1.pptx.pdf

Cyber Truths_Are you Prepared version 1.1.pptx.pdf

Cyber Truths_Are you Prepared version 1.1.pptx.pdf

Cyber Crisis Management.pdf

Cyber Crisis Management.pdf

Cyber Crisis Management.pdf

CISOPlatform journey.pptx.pdf

CISOPlatform journey.pptx.pdf

CISOPlatform journey.pptx.pdf

Chennai Chapter.pptx.pdf

Chennai Chapter.pptx.pdf

Chennai Chapter.pptx.pdf

Cloud attack vectors_Moshe.pdf

Cloud attack vectors_Moshe.pdf

Cloud attack vectors_Moshe.pdf

Stories From The Web 3 Battlefield

Stories From The Web 3 Battlefield

Stories From The Web 3 Battlefield

Lessons Learned From Ransomware Attacks

Lessons Learned From Ransomware Attacks

Lessons Learned From Ransomware Attacks

Emerging New Threats And Top CISO Priorities In 2022 (Chennai)

Emerging New Threats And Top CISO Priorities In 2022 (Chennai)

Emerging New Threats And Top CISO Priorities In 2022 (Chennai)

Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)

Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)

Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)

Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)

Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)

Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)

Cloud Security Groups are the firewalls of the cloud. They are built-in and provide basic access control functionality as part of the shared responsibility model. However, Cloud Security Groups do not provide the same protection or functionality that enterprises have come to expect with on-premises deployments. In this talk we will discuss the top cloud risks in 2020, why perimeters are a concept of the past and how in the world of no perimitiers do Cloud Security groups, the "Cloud FIrewalls", fit it. We will practically explore Cloud Security Group limitations across different cloud setups from a single vNet to multi-cloud

Cloud Security: Limitations of Cloud Security Groups and Flow Logs

Cloud Security: Limitations of Cloud Security Groups and Flow Logs

Cloud Security: Limitations of Cloud Security Groups and Flow Logs

Most organizations have good enterprise-level security policies that define their approach to maintaining, improving, and securing their information and information systems. However, once the policies are signed by senior leadership and distributed throughout the organization, significant cybersecurity governance challenges remain. In this workshop I will explain the transforming organizational security to strengthen defenses and integrate cybersecurity with the overall approach toward security governance, risk management and compliance.

Cyber Security Governance

Cyber Security Governance

Cyber Security Governance

The Internet is home to seemingly infinite amounts of confidential and personal information. As a result of this mass storage of information, the system needs to be constantly updated and enforced to prevent hackers from retrieving such valuable and sensitive data. This increasing number of cyber-attacks has led to an increasing importance of Ethical Hacking. So Ethical hackers' job is to scan vulnerabilities and to find potential threats on a computer or networks. An ethical hacker finds the weakness or loopholes in a computer, web applications or network and reports them to the organization. It requires a thorough knowledge of Networks, web servers, computer viruses, SQL (Structured Query Language), cryptography, penetration testing, Attacks etc. In this session, you will learn all about ethical hacking. You will understand the what ethical hacking, Cyber- attacks, Tools and some hands-on demos. This session will also guide you with the various ethical hacking certifications available today.

Ethical Hacking

Ethical Hacking

Ethical Hacking

More from Priyanka Aash (20)

Digital Personal Data Protection (DPDP) Practical Approach For CISOs

Digital Personal Data Protection (DPDP) Practical Approach For CISOs

Digital Personal Data Protection (DPDP) Practical Approach For CISOs

Verizon Breach Investigation Report (VBIR).pdf

Verizon Breach Investigation Report (VBIR).pdf

Verizon Breach Investigation Report (VBIR).pdf

Top 10 Security Risks .pptx.pdf

Top 10 Security Risks .pptx.pdf

Top 10 Security Risks .pptx.pdf

Simplifying data privacy and protection.pdf

Simplifying data privacy and protection.pdf

Simplifying data privacy and protection.pdf

Generative AI and Security (1).pptx.pdf

Generative AI and Security (1).pptx.pdf

Generative AI and Security (1).pptx.pdf

EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf

EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf

EVERY ATTACK INVOLVES EXPLOITATION OF A WEAKNESS.pdf

DPDP Act 2023.pdf

DPDP Act 2023.pdf

DPDP Act 2023.pdf

Cyber Truths_Are you Prepared version 1.1.pptx.pdf

Cyber Truths_Are you Prepared version 1.1.pptx.pdf

Cyber Truths_Are you Prepared version 1.1.pptx.pdf

Cyber Crisis Management.pdf

Cyber Crisis Management.pdf

Cyber Crisis Management.pdf

CISOPlatform journey.pptx.pdf

CISOPlatform journey.pptx.pdf

CISOPlatform journey.pptx.pdf

Chennai Chapter.pptx.pdf

Chennai Chapter.pptx.pdf

Chennai Chapter.pptx.pdf

Cloud attack vectors_Moshe.pdf

Cloud attack vectors_Moshe.pdf

Cloud attack vectors_Moshe.pdf

Stories From The Web 3 Battlefield

Stories From The Web 3 Battlefield

Stories From The Web 3 Battlefield

Lessons Learned From Ransomware Attacks

Lessons Learned From Ransomware Attacks

Lessons Learned From Ransomware Attacks

Emerging New Threats And Top CISO Priorities In 2022 (Chennai)

Emerging New Threats And Top CISO Priorities In 2022 (Chennai)

Emerging New Threats And Top CISO Priorities In 2022 (Chennai)

Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)

Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)

Emerging New Threats And Top CISO Priorities In 2022 (Mumbai)

Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)

Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)

Emerging New Threats And Top CISO Priorities in 2022 (Bangalore)

Cloud Security: Limitations of Cloud Security Groups and Flow Logs

Cloud Security: Limitations of Cloud Security Groups and Flow Logs

Cloud Security: Limitations of Cloud Security Groups and Flow Logs

Cyber Security Governance

Cyber Security Governance

Cyber Security Governance

Ethical Hacking

Ethical Hacking

Ethical Hacking

Recently uploaded

This presentation dives into the practical applications of machine learning within Google's operations, providing a comprehensive overview of how to leverage AI technologies to solve real-world business challenges. Key Points Covered: - Introduction to Machine Learning at Google: Discussion on the role of ML and its evolution in enhancing Google's operational efficiency. - Experience Sharing: Insights into the team's long-term engagement with machine learning projects and the impacts on Google’s operational strategies. - Practical Applications: Real-world examples of ML applications within Google’s daily operations, providing a blueprint to adapt similar strategies. - Challenges and Solutions: Discussion on the challenges faced during the implementation of ML projects and the strategic solutions employed to overcome them. - Future of ML at Google: Insights into future trends in machine learning at Google and how they plan to continue integrating AI into their ecosystem.

Strategic AI Integration in Engineering Teams

Strategic AI Integration in Engineering Teams

Strategic AI Integration in Engineering Teams

ScyllaDB has the potential to deliver impressive performance and scalability. The better you understand how it works, the more you can squeeze out of it. But before you squeeze, make sure you know what to monitor! Watch our experienced Postgres developer work through monitoring and performance strategies that help him understand what mistakes he’s made moving to NoSQL. And learn with him as our database performance expert offers friendly guidance on how to use monitoring and performance tuning to get his sample Rust application on the right track. This webinar focuses on using monitoring and performance tuning to discover and correct mistakes that commonly occur when developers move from SQL to NoSQL. For example: - Common issues getting up and running with the monitoring stack - Using the CQL optimizations dashboard - Common issues causing high latency in a node - Common issues causing replica imbalance - What a healthy system looks like in terms of memory - Key metrics to keep an eye on This isn’t “Death-by-Powerpoint.” We’ll walk through problems encountered while migrating a real application from Postgres to ScyllaDB – and try to fix them live as well.

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

Explore the core of Salesforce success in 'Salesforce Adoption – Metrics, Methods, and Motivation.' We will discuss essential metrics, effective methods to drive adoption, and the driving force behind user engagement and explore strategies for onboarding, training, and continuous support that empower users to navigate the platform seamlessly. By leveraging these tools, you can effectively measure adoption against your company’s goals and create an environment where users not only adopt Salesforce but actively contribute to its ongoing success.

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Welcome to UiPath Test Automation using UiPath Test Suite series part 2. In this session, we will cover API test automation along with a web automation demo. Topics covered: Test Automation introduction API Example of API automation Web automation demonstration Speaker Pathrudu Chintakayala, Associate Technical Architect @Yash and UiPath MVP Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

We're living the AI revolution and Salesforce is adapting and bring new value to their customers. Einstein products are evolving rapidly and navigating their limitations, language support, and use cases can be challenging. Let's make review of what Einstein product are available currently, what are the capabilities and what can be used for in CEE region and how Rossie.ai can help to learn Salesforce speak Czech. We will explore the Einstein roadmap and I will make a short live demo (based on your vote) of some Einstein feature.

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

Screen flow is a powerful automation tool that is commonly designed for internal and external users. However, what about the guest users? We will dive into various methods of launching screen flows and understand how to make them publicly accessible, extending their usability to a broader audience. The presentation will also cover the implementation of security layers and highlight best practices for a smooth and protected user experience. Discover the potential of screen flows beyond conventional use and learn how to leverage them effectively.

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

I have heard many times that architecture is not important for the front-end. Also, many times I have seen how developers implement features on the front-end just following the standard rules for a framework and think that this is enough to successfully launch the project, and then the project fails. How to prevent this and what approach to choose? I have launched dozens of complex projects and during the talk we will analyze which approaches have worked for me and which have not.

"Impact of front-end architecture on development cost", Viktor Turskyi

"Impact of front-end architecture on development cost", Viktor Turskyi

"Impact of front-end architecture on development cost", Viktor Turskyi

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

This talk offers actionable insights at an executive level for enhancing productivity and refining your portfolio management approach to propel your organization to greater heights. Key Points Covered: 1. Experience Transformation: - The core challenge remains consistent across organizations: converting budget into user-centric designs. - Strategies for deploying design resources effectively in both startups and large enterprises. 2. Strategic Frameworks: - Introduction to the "Ziggurat of Impact" model, detailing layers from basic system interactions to comprehensive customer experiences. - Practical insights on creating frameworks that scale with organizational complexity. 3. Organizational Impact: - Real-world examples of navigating design in large settings, focusing on the synthesis of consumer products and customer experiences. - Emphasis on the importance of designing systems that directly influence customer interactions. 4. Design Execution: - Detailed walkthrough of organizational layers affecting design execution, from touchpoints and customer activities to shared capabilities. - How to ensure design influences both the micro and macro aspects of customer interactions. 5. Measurement and Adaptation: - Techniques for measuring the impact of design decisions and adapting strategies based on data-driven insights. - The critical role of continuous improvement and feedback in refining customer experiences.

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

The New York Times continues to lead in user-centered design by innovating and adapting to enhance both user engagement and understanding, aligning product experiences with its journalistic mission. This presentation discusses innovative strategies in user experience at The New York Times, focusing on subscriber experiences and storytelling. Key Points Covered: - Mission-Driven Design: Emphasizing the Times' mission to "seek the truth and help people understand the world," the design team prioritizes clarity and engagement to support high-quality journalism. - UX Design Principles: The team follows five core UX tenets—clarity, time optimization, craftsmanship, accessibility, and trust—to maintain a strong focus on user-centric design. - Innovative Design Strategies: Product Feature Advancement, Editorial Expression, Long-term Visioning - Integrating Diverse Content: Examples include the successful integration of popular games like Wordle, which not only entertain but also attract and retain a diverse user base.

Transforming The New York Times: Empowering Evolution through UX

Transforming The New York Times: Empowering Evolution through UX

Transforming The New York Times: Empowering Evolution through UX

Knowledge engineering: from people to machines and back

Knowledge engineering: from people to machines and back

Knowledge engineering: from people to machines and back

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

The standard Salesforce Approval process can be limiting in many ways, especially in complex scenarios. What if there was a way to implement very flexible approvals where one can use Apex code to make data updates in unrelated records, dynamically generate next steps details, and compute assignees on the fly? And still use UI-based configurations to implement concrete approval processes. In this session, we will share ideas behind such a solution and show a few lines of code to get you started.

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Enterprise Security Monitoring, And Log Management.

Enterprise Security Monitoring, And Log Management.

Enterprise Security Monitoring, And Log Management.

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

I'm excited to share my latest predictions on how AI, robotics, and other technological advancements will reshape industries in the coming years. The slides explore the exponential growth of computational power, the future of AI and robotics, and their profound impact on various sectors. Why this matters: The success of new products and investments hinges on precise timing and foresight into emerging categories. This deck equips founders, VCs, and industry leaders with insights to align future products with upcoming tech developments. These insights enhance the ability to forecast industry trends, improve market timing, and predict competitor actions. Highlights: ▪ Exponential Growth in Compute: How $1000 will soon buy the computational power of a human brain ▪ Scaling of AI Models: The journey towards beyond human-scale models and intelligent edge computing ▪ Transformative Technologies: From advanced robotics and brain interfaces to automated healthcare and beyond ▪ Future of Work: How automation will redefine jobs and economic structures by 2040 With so many predictions presented here, some will inevitably be wrong or mistimed, especially with potential external disruptions. For instance, a conflict in Taiwan could severely impact global semiconductor production, affecting compute costs and related advancements. Nonetheless, these slides are intended to guide intuition on future technological trends.

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Peter Udo Diehl

You’ve heard good data matters in Machine Learning, but does it matter for Generative AI applications? Corporate data often differs significantly from the general Internet data used to train most foundation models. Join me for a demo on building an open source RAG (Retrieval Augmented Generation) stack using Milvus vector database for Retrieval, LangChain, Llama 3 with Ollama, Ragas RAG Eval, and optional Zilliz cloud, OpenAI.

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Recently uploaded (20)

Strategic AI Integration in Engineering Teams

Strategic AI Integration in Engineering Teams

Strategic AI Integration in Engineering Teams

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

Optimizing NoSQL Performance Through Observability

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

Salesforce Adoption – Metrics, Methods, and Motivation, Antone Kom

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

UiPath Test Automation using UiPath Test Suite series, part 2

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

AI presentation and introduction - Retrieval Augmented Generation RAG 101

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

AI revolution and Salesforce, Jiří Karpíšek

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

Free and Effective: Making Flows Publicly Accessible, Yumi Ibrahimzade

"Impact of front-end architecture on development cost", Viktor Turskyi

"Impact of front-end architecture on development cost", Viktor Turskyi

"Impact of front-end architecture on development cost", Viktor Turskyi

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

Structuring Teams and Portfolios for Success

Transforming The New York Times: Empowering Evolution through UX

Transforming The New York Times: Empowering Evolution through UX

Transforming The New York Times: Empowering Evolution through UX

Knowledge engineering: from people to machines and back

Knowledge engineering: from people to machines and back

Knowledge engineering: from people to machines and back

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Custom Approval Process: A New Perspective, Pavel Hrbacek & Anindya Halder

Enterprise Security Monitoring, And Log Management.

Enterprise Security Monitoring, And Log Management.

Enterprise Security Monitoring, And Log Management.

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

WSO2CONMay2024OpenSourceConferenceDebrief.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Future Visions: Predictions to Guide and Time Tech Innovation, Peter Udo Diehl

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Introduction to Open Source RAG and RAG Evaluation

Securing serverless applications in the cloud

1. SESSION ID:SESSION ID: #RSAC Mark Nunnikhoven Securing Serverless Applications In The Cloud CSV-R02 Vice President, Cloud Research Trend Micro @marknca

9. #RSAC 9 Microservices

95. #RSAC Here’s How To Apply What You’ve Learned Today 95 Next week you should: Map out the data and services used in your serverless designs Line up those data:service pairings with data sensitivity Within 3 months you should: Have a handle on the quality of your code & be working to improve it Understand the level of risk and trust of your 3rd party services Within 6 months you should: Have a unified monitoring event stream in place Start to create automated responses to specific issues & events

96. #RSAC 96 Mark Nunnikhoven @marknca Questions? Thank you!