Nishant Kaushik, Chief Architect, Identropy
Stress and nervous tension are now serious social problems in all parts of the Galaxy, and it is in order that this situation should not be in any way exacerbated that I will reveal in advance that the answer is No. But Identity is the New Perimeter and the Great Enabler of Next. Establishing that big bold idea, this session will lay out what we mean by Identity, and how attributes, relationships, identifiers, entitlements and the notion of Context fit into the ever-expanding branches of identity management like lifecycle management, provisioning, verification, compliance and federation.
Intralinks Uses Hybrid Computing to Blaze a Compliance Trail Across the Regul... | Dana Gardner
Transcript of a sponsored discussion on how regulations around data sovereignty are forcing enterprises to consider new approaches to data, intellectual property, and cloud collaboration services.
CIS14: Identity at Scale: Building from the Ground Up | CloudIDSummit
Anthony Randall, Monsanto
A discussion of the concept of large-scale engineering of millions of customer identities combined with many applications and partners, identity information engineering, and thoughts about how to better mesh the internal IT landscape to improve identity services, user support and user experience.
CIS14: Spinning New Threads with Existing Identity Systems | CloudIDSummit
Mike Neuenschwander, iC Consult Americas
A comparison of use cases for identity in cloud and enterprise deployments, with ideas on how to intertwine enterprise and cloud identity systems in the emerging cloud fabric.
CIS14: Bringing Crypto Back: Web Authentication without Bearer Tokens | CloudIDSummit
Dirk Balfanz and Adam Dawes, Google
A discussion of two efforts at Google, both designed to incrementally add public-key cryptography to existing authentication mechanisms—one aimed at cookies, and one aimed at passwords—that offer the security of public-key-based challenge-response protocols without getting rid of cookies or passwords.
CIS14: PingOne IDaaS: What You Need to Know | CloudIDSummit
Ian Jaffe, Ping Identity
How to manage identities, how you can get a jump start for the identity revolution, and how to do it all using your existing infrastructure without having a duplicate identity in the cloud, using PingOne.
CIS14: Handling Identity in AllJoyn 14.06 | CloudIDSummit
Tim Kellogg, 2lemetry
How to use the consumer-facing Internet of Things framework and open-source project called AllJoyn, which takes care of many aspects surrounding heterogeneous ecosystems of devices, with an understanding of security and identity features and implications.
CIS13: The Good, The Bad, and the Government: Wrangling Attributes in the Sta... | CloudIDSummit
Wendy Nather, Research Director, Enterprise Security Practice, 451 Research
At first, "identities" just meant employees, and then they meant customers and partners. Then the cloud came along, and all hell broke loose.
But it's always been a lot more complicated in government due to the intersection of roles, context, legal requirements, public information and privacy rights, and a dynamic environment. This is a real-life case study of the migration from a custom-written, ten year old, single sign-on portal with around 60 applications, to a COTS IAM product. Thirty minutes can't do it justice, but it'll be enough to bring some of the pain.
CIS13: Identity Tech Overview: Less Pain, More Gain | CloudIDSummit
Tim Bray, Developer Advocate, Google
Identity is tricky, and the penalties for getting it wrong are severe. Good news: technologies are surfacing that reduce developer pain while improving user experience. This talk highlights those technologies and introduces a framework, starting from your unique combination of constraints, users and platforms, to help you figure out which technologies and policies will work for you.
CIS14: Authorization: It's What's for Dessert | CloudIDSummit
Gil Kirkpatrick, ViewDS
The basic concepts of authorization, the continuum of “graininess” of access, various authorization architectures, and the advantages of controlling authorization with some sort of policy mechanism, along with discussion of the modern authorization protocols XACML and OAuth2 and how you can use them in your environment.
CIS14: Authentication Family Tree (1.1.1 annotated) - Steve Wilson | CloudIDSummit
Stephen Wilson, Constellation Research, Inc.
Presentation tracing the phylomemetic tree of authentication and providing new insights into the interoperability of identities and attributes
CIS14: Authentication: Who are You? You are What You Eat | CloudIDSummit
Dale Olds, VMware
A pinch of authentication theory and methods, a taste of the sweet and the bitter of the much maligned password, and then larger portions of federated authentication protocols from SAML to OpenID Connect, clearing up along the way some confusion between federated authentication and tokens used for delegated authorization.
CIS14: Best Practices You Must Apply to Secure Your APIs | CloudIDSummit
Scott Morrison, CA Technologies
Good practices to put in place and the common security antipatterns you must avoid to ensure your company’s APIs are reliable, safe and secure; includes top ways hackers exploit APIs in the wild, common identity pitfalls and how to avoid them, why OAuth scopes are essential to master, and how to keep web developers from bringing bad habits with them.
CIS14: Case Study: Using a Federated Identity Service for Faster Application ... | CloudIDSummit
Rowland Nicholson, Caterpillar, Inc.
Case study of how Caterpillar used identity virtualization to aggregate, correlate and remap identities to create virtual views, enabling each application to have the required identity information on demand.
CIS14: Early Peek at PingFederate Administrative REST API | CloudIDSummit
John DaSilva, Ping Identity
Scott Tomilson, Ping Identity
Demonstration of the REST API for automating PingFederate configuration tasks, providing a close-up look at what is there now and maybe even a peek into what is coming
CIS13: APIs, Identity, and Securing the Enterprise | CloudIDSummit
Bradford Stephens, Developer Evangelist, Ping Identity
APIs are the glue of the web, and Enterprise APIs are driving innovation inside and out of the cloud. Now that information is being shared more freely, how can we secure those APIs? Data silos are falling across the enterprise and needs for interoperability are rising -- but how do you manage access in a de-siloed world? This talk will mix best practices and real-world examples for examining how to secure your APIs.
CIS14: FIDO 101 (What, Why and Wherefore of FIDO) | CloudIDSummit
Rajiv Dholakia, Nok Nok Labs
Basics of how FIDO protocols work, how they fit into the broader identity ecosystem, the benefits of the design and the state of implementation/deployment in the market; appropriate for both technical and non-technical individuals, giving orientation before diving into the details of the specific FIDO protocols.
CIS14: Physical and Logical Access Control Convergence | CloudIDSummit
Karyn Higa-Smith, DHS Science and Technology Directorate
Presentation including a brief demonstration of what is currently going live in a building in Washington, DC, for logical access for hundreds of users with smart cards, using XACML, an OASIS standard, to communicate between PACS and LACS.
What is ? Modern business questions 2014 | Exo Futures
What is:
- Important
- Innovation
-- Is it only technology innovation?
- Entrepreneurship
- Money
- Cloud
-- Is it more than the internet?
- Mobility
- Big data
- Business Model
Digital Transformation and Innovation on http://denreymer.com
- Merging the Real World and the Virtual World
- Intelligence Everywhere
- The New IT Reality Emerges
http://www.gartner.com//it/content/2940400/2940420/january_15_top_10_technology_trends_2015_dcearley.pdf
A set of slides used to support a discussion at the Center for Design Research at Stanford University. Trying to move Design Thinking to DT2.0 so that it is fit for the next phase of development. Time to move from just doing "empathy" to a more system wide approach now that the IIOT/IND4.0 is really here and we have people, equipment, devices and processes all working (or not) together.
Self-Sovereign Identity technology has enormous potential to empower individuals and address privacy challenges globally. It uses shared ledgers (blockchain) to give individuals the power to create and manage their own identifiers, collect verified claims and interact with others on the network on their terms. This lightning talk by one of the pioneers working on this new emerging layer of the internet for 15 years will give a high-level picture of how it works, covering the core standards and technologies along with outlining some potential use-cases.
DevSecCon London 2018: How to fit threat modelling into agile development: sl... | DevSecCon
IRENE MICHLIN, workshop
The earlier in the lifecycle you pay attention to security, the better the outcomes. Threat modelling is one of the best techniques for improving the security of your software. It is a structured method for identifying weaknesses at the design level. However, people who want to introduce it into their work on an existing codebase often face time pressure, and very rarely can a company afford a “security push”, where all new development stops for a while in order to focus on security. Incremental threat modelling that concentrates on current additions and modifications can be time-boxed to fit the tightest of agile life-cycles and still deliver security benefits. Full disclosure is necessary at this point – threat modelling is not the same as adding tests to the ball of mud codebase and eventually getting decent test coverage. You will not be able to get away with doing just incremental modelling, without tackling the whole picture at some point. But the good news is that you will approach this point with more mature skills from getting the practice, and you will get a better overall model with less time spent than if you tried to build it upfront. We will cover the technique of incremental threat modelling, and then the workshop will split into several teams, each one modelling an addition of a new feature to a realistic architecture. The participants will learn how to find the threats relevant to the feature while keeping the activity focused (i.e. not trying to boil an ocean). This session targets mainly developers, QA engineers, and architects, but will also be beneficial for scrum masters and product owners.
Some people use the terms "e-business" and "e-commerce" interchangeably. After all, they both involve business processes conducted electronically -- quite likely on the Internet. Others view e-commerce to be a subset of e-business.
Reducing Tickets and Crushing SLAs with StatusPage | Atlassian
Downtime is a fact of life, and can be a great competitive advantage for your company and your customers if you handle it well. By keeping customers and employees informed during downtime, you can build trust and cut support costs.
Join Scott, co-founder of StatusPage, for a history of the company and its recent acquisition by Atlassian. We'll cover StatusPage best practices we've learned along the way, and tips for implementing a great StatusPage experience for you and your customers.
Products covered:
StatusPage
AI And IOT Processor Operation Business Technology Information Finance | SlideTeam
"You can download this product from SlideTeam.net"
This complete deck can be used to present to your team. It has PPT slides on various topics highlighting all the core areas of your business needs. This complete deck focuses on AI And IOT Processor Operation Business Technology Information Finance and has professionally designed templates with suitable visuals and appropriate content. This deck consists of total of thirteen slides. All the slides are completely customizable for your convenience. You can change the colour, text and font size of these templates. You can add or delete the content if needed. Get access to this professionally designed complete presentation by clicking the download button below. https://bit.ly/34DxC1w
How to Stay on Top of Users' Identities and their Access Rights | Ivanti
With the widespread adoption of cloud services and mobile devices, today’s modern IT environment has experienced rapid change. Your users now need access to dozens of applications to do their jobs from day one. Onboarding users has become more complex and time-consuming for IT, especially if undertaken manually. And when users leave or change roles, deprovisioning access to applications is often last on the list of tasks or slips through cracks completely.
How do you give an increasingly diverse and mobile group of users access to the applications they need, and stop them circumnavigating IT to get what they want? To keep your users productive, the best solution is a policy-driven identity and access management (IAM) system to ensure they are accurately identified from day one and to automatically remove access when a user leaves. By providing access to only the systems, applications and data your users need, you also reduce the attack vector, common when users have more entitlement than required.
Top 6 Reasons You Should Attend Cloud Identity Summit 2016 | CloudIDSummit
The Cloud Identity Summit was founded by Ping Identity with support from industry leaders in 2010 to bring together the brightest minds across the identity and security industry. Today the event is recognized as the world’s premier identity industry conference and includes tracks from industry thought leaders, CIOs and practitioners. Cloud Identity Summit serves as a multi-year roadmap to deploy solutions that are here today but built for the future. For more info, go to www.cloudidentitysummit.com.
Be a part of the convo on Twitter: @CloudIDSummit + #CISNOLA
CIS 2015 Mobile Security, Identity & Authentication: Reasons for Optimism - R... | CloudIDSummit
In an ever interconnected and inter-reliant world, the state of security has been a cause for deep pessimism. In the midst of all the gloom, there is good cause for optimism.
With some fits and starts, the building blocks for transforming mobile security are taking shape at every level from the processor, to the chipset to special purpose hardware to operating systems and protocols that address use cases from device integrity to user authentication to payments.
How do we think about security, privacy, identity and authentication in this world? This talk will provide a rapid overview of some selected building blocks and some practical examples that are now deployed at scale to illustrate the coming wave and how you as a practitioner or customer can participate and position yourself for maximum benefit.
CIS 2015 Deploying Strong Authentication to a Global Enterprise: A Comedy in ... | CloudIDSummit
Does anybody remember seeing a big red button with the word “PANICK!” written on it? I know it was around here somewhere. Also, there’s all these cats running pell-mell around the place, can someone give me a hand in herding them?
In this real-world case study, come and learn how a Fortune 100 with a diverse and extremely mobile work-force was able to turn up strong authentication protections for our critical cloud resources, and how the IT department lived to tell the tale. You’ll hear about the technical implementation of strong authentication enforcement, and how we made key design decisions in the ongoing balancing act between security and user experience, and how we managed up-and-down the chain from executive stakeholders to the boots-on-the-ground who were being asked to join us on this new security adventure.
CIS 2015 Without Great Security, Digital Identity is Not Worth the Electrons ... | CloudIDSummit
This session will review digital identity’s transition from vulnerable authentication methods and what Microsoft and others are doing to address the hard problems associated with managing and protecting digital identities.
CIS 2015 Mergers & Acquisitions in a Cloud Enabled World - Brian Puhl | CloudIDSummit
You'll laugh, you'll cry, and you might even pick up a useful nugget or two listening to a real-world enterprise IT architect share the experiences of the past year trying to support his business migrating to cloud services, and sharing the lessons learned from trying to integrate 2 hybrid enterprises into a single, streamlined company. You'll hear where the cloud came through for us, and how we often had to fall back to on-prem services such as FIM, Ping Federate, and ADFS to make the glue which binds it all together.
A "from the trenches" view into how GE is using federation standards to abstract & harden our growing cloud WAM platform. Topics covered: 1) GE's approach to OpenID Connect for cross-platform authentication (web, mobile), 2) GE's API management platform for API publishing, subscription & security, 3) how the two work together, 4) lessons learned & areas for improvement.
CIS 2015 What I Learned From Pitching IAM To My CIO - Steve Tout | CloudIDSummit
The IAM program needs to align behind the shift towards ITaaS, building the platform for execution and supporting transformation and migration activities. CIOs should keep informed through a relevant IAM capability roadmap in order to make calculated decisions on where investments should be made. Ongoing investments in the IAM program are crucial in order to fill capability gaps, keep up-to-date with support and license agreements and make opportunistic progress on the strategic roadmap. In this talk, Steve discusses recent experiences and lessons learned in preparing for and pitching VMware’s CIO on enterprise IAM program initiatives.
CIS 2015 How to secure the Internet of Things? Hannes Tschofenig | CloudIDSummit
Companies and researchers are exploring ways to make software and hardware development easier for the masses. Soon you will be able to build your own autonomous drone, create a sensor that assesses the watering needs of your plants, and develop a cat tracking device with minimal coding and hardware skills.
What is the place of security and privacy in this exciting development?
Are we building the next generation of Internet security vulnerabilities right now?
In his talk Hannes Tschofenig will highlight challenges with Internet of Things, what role standardization plays, and what contributions ARM, a provider of microprocessor IP, is making to improve IoT security.
CIS 2015 The IDaaS Dating Game - Sean Deuby | CloudIDSummit
The IDaaS (identity as a service) market segment continues to grow in popularity, and the scope of its vendors' capabilities continues to grow as well. It's still not a match for everyone, however. Join identity architect Sean Deuby for an overview of the most popular IDaaS deployment scenarios, scenarios where IDaaS has a tougher time meeting customer requirements, and whether your company is likely to find its perfect IDaaS mate.
CIS 2015 SSO for Mobile and Web Apps Ashish Jain | CloudIDSummit
In the past Enterprise Mobility Management (EMM) has focused primarily on MDM, MAM and MCM. Recently there has been a lot of focus on the fourth pillar of EMM - Mobile Identity Management (MIM). This session will cover the primary use cases and discuss current solutions available for managed/un-managed, internal/public and mobile/web apps for iOS/Android devices.
The Industrial Internet, the Identity of Everything and the Industrial Enterp... | CloudIDSummit
This talk will review the breadth of the Internet of Things (IoT), the challenges of Identity Management and the IoT and the impact to Industrial Enterprise.
CIS 2015 SAML-IN / SAML-OUT - Scott Tomilson & John Dasilva | CloudIDSummit
Are you in a situation where you have two business units (maybe because of a merger) that have their own Federation solutions, and now you need to share access to SaaS resources among the 2 workforces? But you don't want to have to set up two separate SaaS connections to the same vendor, and you want to manage this connection on premises instead of in the Cloud. We can help with that; come see how!
CIS 2015 Session Management at Scale - Scott Tomilson & Jamshid Khosravian | CloudIDSummit
Centralized session management has long been a goal of Web Access Management systems: the idea that one session can give end users access to dozens of protected applications with a seamless SSO experience, and terminating it (either by the end user themselves, or by an administrator) cuts off access instantly. It’s a nice dream isn’t it? Turns out that while most WAM products claim they can do this, when deployment time comes around (especially in globally distributed organizations) serious security and scalability challenges emerge that make it unfeasible. In this “session”, come and learn our vision for deploying session management at scale and see how Ping Identity has implemented it in our Federated Access Management solution.
CIS 2015 So you want to SSO … Scott Tomilson & John Dasilva | CloudIDSummit
Are you asking yourself how do I take my in-house application and make it available to internal users, partners or customers using SSO and access management technologies? Oh, and you don't want it to be a 6 month project? No problem. Come and find out how to leverage your existing investments and move to modern standards like OpenID Connect, without having to rip and replace infrastructure. Learn the capabilities and tradeoffs you can make to deploy the right level of identity and access management infrastructure to match your security needs.
CIS 2015 Identity Relationship Management in the Internet of Things | CloudIDSummit
Devices need owners, people need confidence in device authenticity, data needs to persist in systems long after devices change hands, and access needs to be authorized selectively. That's a lot to ask; even if emerging web identity and security technologies are simpler than the models of yesteryear, IoT devices have complicating limitations when it comes to processing power, memory, user interface, and connectivity. But many use cases span web and IoT environments, so we must try! What are the specific requirements? What elements of web technologies can we borrow outright? What elements may need tweaking?
Connector Corner: Automate dynamic content and events by pushing a button | DianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo... | James Anderson
CIS13: Is Identity the Answer to the Great Question of Life, the Universe, and Everything?
1. Is Identity the Answer to the Great Question of Life, the Universe, and Everything?
Nishant Kaushik / Chief Architect
@NishantK
3. In the beginning the Universe was created. This has made a lot of people very angry and has been widely regarded as a bad move.
4. In the beginning the Internet was created without an Identity layer. This has made a lot of people very angry and has been widely regarded as a bad move.
6. Identity = Context Trust Transparency Convenience Security Privacy Community
7. Interactive Subjectivity Frameworks
“Just as Einstein observed that space was not an absolute but depended on the observer’s movement in space, and that time was not an absolute, but depended on the observer’s movement in time, so it is now realized that numbers are not absolute, but depend on the observer’s movement in restaurants.”
13. Context In Action: Hiring Amy, Part 1
Recruiting App; Social Login; Authentication Service; Identity Verification Service; Identity Store Service
14. Context In Action: Hiring Amy, Part 2
Recruiting App; Social Login; Authentication Service; Attribute Exchange Service; Identity Store Service; Authorize Data Release; Attribute Authority
15. Context in Action: A Day in the Life of Amy
Company Portal; Social Login; Authentication Service; Identity Store Service; Launch box.net; Passive Step-up Authentication; JIT Provisioning & Federated AuthN; Attribute Exchange Service
16. Context in Action: A Day in the Life of Amy (Alt.)
Identity Store Service
Logs in with personal account, then requests access to company site
Identity Hub Service; Authentication Service
Step-up Authentication via Identity Verification
Register for Identity Event Notifications via Graph API
17. Context in Action: Amy Unleashed
Recommendation Service
Walks into retail store and uses their Recommendation Service. Directs service to the Identity Oracle using her mobile
Various Authoritative Sources; Identity Oracle Service
Requests access to personalization data. User policy enforced via UMA
Log out & Dispose
19. (De)Constructing Identity
Attribute: A property of a subject that may have zero or more values
Hair Color: Blond
Age: 31
Name: Janet Munroe
Title: VP, Engineering
Location: 40.783147, -73.971277
Mobile: 212-555-2962
Roles: Github Admin, SOX12, Developer, …
23. (De)Constructing Identity
Identifier: A representation mapped to a subject entity that uniquely refers to it
589-25-6029; 465-05-6873; 034-39-7383; 945-27-4834; 437-52-0358; 576-23-2957; 085-72-2068
25. So, What’s a Magrathean to do?
For Applications, it’s been a DIY world, baby!
26. So, What’s a Magrathean to do?
For Applications, it’s been a DIY world, baby!
User Tables; Roles & Policies; Registration Processes; User Administration; Profile Management; Security Enforcement
30. Enter Identity & Access Management
“The History of every major Galactic Civilization tends to pass through three distinct and recognizable phases, those of Survival, Inquiry and Sophistication, otherwise known as the How, Why and Where phases.”
31. Enter Identity & Access Management
“The History of every major Galactic Civilization tends to pass through three distinct and recognizable phases, those of Survival, Inquiry and Sophistication, otherwise known as the How, Why and Where phases.”
The Goal
• Reduce security risks while empowering users
• Ensure compliance with corporate policies and regulatory requirements
• Dramatically reduce the cost of providing and managing access to valuable corporate resources
• Increase productivity and operational efficiency
• Enable IT to be more responsive to evolving business requirements
37. The Typical Employee On-Boarding
ID Store; Identity Provider; Trust; HR Application; Attribute Authority
38. The Typical Contractor On-Boarding
ID Store; Identity Provider; Trust; Contractor Database/Spreadsheet; Attribute Authority
39. Adding Automation
HR Application; Trust; Attribute Authorities; Contractor DB; ID Store; Identity Provider; Provisioning System
40. Transitioning to an Online World
System(s) of Record; ID Store; Identity Provider; Trust; Attribute Authorities; Provisioning System; Recruiting/Registration App; Self-Asserted Claims
41. Identity Proofing
System of Record; ID Store; Provisioning System; Recruiting/Registration App; Identity Proofing Service; Attribute Authorities; Self-Asserted Claims
42. Identity Proofing
ID Store; User Registration Portal; Identity Proofing Service; Attribute Authorities; Self-Asserted Claims
43. Social Identity Proofing
ID Store; User Registration Portal; Identity Proofing Service; Risk Score
44. Access Provisioning & De-Provisioning
“To summarize the summary of the summary: people are a problem.”
45. Access Provisioning is…
…the creation, maintenance and deactivation of user objects and user attributes, as they exist in one or more systems, directories or applications, in response to automated or interactive business processes
Source: http://en.wikipedia.org/wiki/Provisioning#User_provisioning
46. Access Provisioning is…
…the creation, maintenance and deactivation of user objects and user attributes, as they exist in one or more systems, directories or applications, in response to automated or interactive business processes
This Covers
• Creating and Deleting User Accounts
• Updating their Attributes
• Assigning and Removing Privileges
• Password Management (Change, Reset, Sync, Recovery)
Source: http://en.wikipedia.org/wiki/Provisioning#User_provisioning
47. The Basic Manual Approach
Employee/Contractor; Internal Applications; User Stores (SSO, IdP, Fed); HR Manager; Application Admins/Helpdesk; APPROVED Access Request Form; Ops Team
48. Marvin the Paranoid Android Says…
We’re talking about lost productivity and error prone processes. Your IT staff is burdened with tasks well below their levels.
Don’t even begin to ask me about handling updates and moves, what with the lack of tracking and clarity on policies or processes.
And if someone leaves? I could tell you all the access you need to cancel or delete since you clearly won’t know. But why bother? What’s the point, really?
49. Traditional Provisioning Architecture
Employee/Contractor; IT Admins/Developers; Consultants; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed)
50. Marvin the Paranoid Android Says…
The first ten million enhancements are the worst, and the second ten million enhancements, they were the worst too. The third ten million I didn’t enjoy at all. After that I went into a bit of a decline.
It’s the armies of developers and consultants you need to hire in this job that really get you down.
51. The Compliance Problem
Employee/Contractor; IT Admins/Developers; Consultants; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); Auditors; Application Recertification
52. Marvin the Paranoid Android Says…
My capacity for happiness at the prospect of…
…gathering all that data from different applications, running after and nagging all my application administrators and business owners to get them to help me, then trying to put it into spreadsheets that my managers can actually use without rubber stamping them or wanting to throw their computers down an elevator shaft…
…you could fit into a matchbox without taking out the matches first.
53. The Birth of a New Solution Category
Employee/Contractor; IT Admins/Developers; Consultants; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); Auditors; Application Recertification; Application Recertification
54. Marvin the Paranoid Android Says…
I suppose you want me to configure, manage and maintain two of these beasts? I’m not going to enjoy this.
55. The Cloud Problem Cometh
Employee/Contractor; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); Auditors; Application Recertification; Admins/Helpdesk; Business Users; Manual Fulfillment
56. Marvin the Paranoid Android Says…
You think you’ve got problems? What are you supposed to do if you are a manically depressed robot?
57. When SaaS Attacks (the Enterprise Market)
Employee/Contractor; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); AD; Directory Synchronization
58. Marvin the Paranoid Android Says…
You may not see the folly of opening up all those connections to your internal IT environment, but then your logic circuits don’t compare to mine.
And to try and model all those SaaS apps privileges into your AD environment so that you can continue to give users a single management and request portal? Not even the Googleplex Star Thinker, which can calculate the trajectory of every single dust particle throughout a five-week Dangrabad Beta sand blizzard can do that!
59. We Could Try Some Extensions…
Employee/Contractor; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); Auditors; Application Recertification
61. SCIM? Whither the Standardized Solution?
Employee/Contractor; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); Auditors; Application Recertification
62. Marvin the Paranoid Android Says…
I suppose I could hang around and wait for another five hundred and seventy-six thousand million, three thousand five hundred and seventy-nine years.
63. The Requisite Cloud-Based Solution
Employee/Contractor; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); Cloud-based Identity Bridge
64. Marvin the Paranoid Android Says…
Here I am, brain the size of a planet and they ask me to build a bridge. Call that job satisfaction? ‘Cos I don’t.
65. IDaaS Solutions – The First Wave
Employee/Contractor; Provisioning System; Internal Applications; User Stores (SSO, IdP, Fed); AD; Directory Synchronization; Cloud-based SSO; SAML / OAuth / Form Filling
66. Marvin the Paranoid Android Says…
I could tell you that it ignores everything that is deployed on-premises, and assumes that you have something else to manage the identity store.
I suppose it might be relevant that de-provisioning is a problem area, and that there is a lack of governance controls.
And all the problems of directory synchronization will show up here…
…but I don’t suppose you’ll be very interested in knowing that.
67. IDaaS Solutions – The Next Wave
Employee/Contractor; On-Prem Identity Bridge; Internal Applications; User Stores (SSO, IdP, Fed); Cloud-based Provisioning System
68. Marvin the Paranoid Android Says…
Good idea, if you ask me. It’s brilliant. But they’re not.
71. Adding Automation
System of Record; ID Store; Internal Applications; User Stores; Provisioning System
72. Adding Automation
System of Record; ID Store; Internal Applications; User Stores; Provisioning System
• Account Retention Period
• Retirees
• Rehires
• Scheduled Termination with Warning and Extensions
73. The Myth of SSO-Based De-Provisioning
System of Record; ID Store; Internal Applications (SSO); User Stores; SSO System
74. Marvin the Paranoid Android Says…
They’ve spent the last five years building it. They think they’ve got it right but they haven’t.
First off, the meter on those accounts is still running. And they’re active, which means they can be logged into. And they can be exploited in ways that circumvent SSO. And did no one stop to consider mobile access?
There’s nothing I can do. It’s on an independent circuit from the others.
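The gap slide 74 describes (application accounts that stay active, billable and reachable outside SSO after the SSO entry is disabled), together with the retention-period item on slide 72, can be checked by reconciling each application's user store against the system of record. The following is an added example, not part of the talk; the data, field names and the 90-day retention period are constructed assumptions.

```python
from datetime import date

# Constructed sample data (not from the talk): HR system of record,
# SSO directory, and per-application user stores.
SYSTEM_OF_RECORD = {
    "amy":   {"status": "active", "terminated_on": None},
    "bob":   {"status": "terminated", "terminated_on": date(2013, 6, 1)},
    "carol": {"status": "terminated", "terminated_on": date(2013, 1, 15)},
}
SSO_DIRECTORY = {"amy": True, "bob": False, "carol": False}  # user -> enabled
APP_STORES = {
    "crm":  {"amy":   {"active": True,  "local_password": False, "mobile_tokens": 0},
             "bob":   {"active": True,  "local_password": True,  "mobile_tokens": 0}},
    "wiki": {"bob":   {"active": True,  "local_password": False, "mobile_tokens": 2},
             "carol": {"active": False, "local_password": False, "mobile_tokens": 0}},
}
RETENTION_DAYS = 90  # assumed account retention period


def reconcile(sor, sso, apps, today, retention_days=RETENTION_DAYS):
    """Return (app, user, reason, action) for accounts that outlived employment."""
    findings = []
    for app, accounts in sorted(apps.items()):
        for user, acct in sorted(accounts.items()):
            record = sor.get(user)
            if record is None:
                # Account with no owner in the system of record at all.
                findings.append((app, user, "no system-of-record entry", "review"))
                continue
            if record["status"] != "terminated":
                continue
            age_days = (today - record["terminated_on"]).days
            if acct["active"]:
                # Disabling the SSO entry alone leaves these paths open.
                paths = []
                if sso.get(user, False):
                    paths.append("SSO still enabled")
                if acct["local_password"]:
                    paths.append("direct login bypasses SSO")
                if acct["mobile_tokens"]:
                    paths.append("mobile tokens outstanding")
                if not paths:
                    paths.append("account active and still billable")
                findings.append((app, user, "; ".join(paths), "deactivate"))
            elif age_days > retention_days:
                # Already disabled, but kept longer than the retention period.
                findings.append((app, user, "disabled past retention period", "delete"))
    return findings


if __name__ == "__main__":
    for finding in reconcile(SYSTEM_OF_RECORD, SSO_DIRECTORY, APP_STORES, date(2013, 7, 10)):
        print(finding)
```

In the sample data both terminated users are disabled in SSO, yet the reconciliation still reports two live application accounts for one of them.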