This document discusses exploring human identity through personalization and data mining. It covers foundations of identity like tribalism, experimental identity methods like WebFinger and BrowserID, tracking anonymous users, and social grouping. It also discusses challenges like privacy concerns and finding the right balance between insight and being creepy. The key lessons are that identity is more than just a login, to have social conscience, and to choose tools that have needed data and work for your business.
OOCSS for JavaScript Pirates jQcon BostonJohn Hann
At first glance, Object-Oriented CSS looks like yet another rehash of CSS "best practices". Maybe the OO part caught your attention briefly before you dismissed it as a gimmick. Who cares about CSS anyways? I'm a JavaScript Pirate! CSS is for lollygaggers and deck scrubbers!
That's what these JavaScript Pirates thought, too, at first. But now that we're skilled in the arcane art of OOCSS, we've come to realize that it not only helps us write better CSS, but it also helps us write much better JavaScript!
You too will be able to create kick-ass web apps that are engineering marvels -- able to withstand high seas and hurricane-force winds -- er... or at least unreasonable customer demands.
First, we'll review the basics of OOCSS. Then, we'll delve deeper. Way deeper.
Attending pirates will learn how to:
1) use OOCSS principles to modularize HTML into reusable components, 2) mate these components with CSS rules and JavaScript ""controllers"", and 3) identify and implement inheritance patterns in CSS, HTML, and JavaScript.
More importantly, pirates will discover several little-known secrets about OOCSS. These ""secrets"" are tips and techniques that you won't find in any book, tutorial, or treasure map. They're not even divulged on the OOCSS Github repository! Once you see them in action, you'll never want to do it the ""old way"" again.
For certain, by the end of this session, you will: 1) have a much greater appreciation for CSS, 2) understand several simple, yet powerful, techniques for applying OOCSS, and 3) feel much more confident about creating and maintaining large web apps.
Arrrrrr, matey!!! Let the wind blow!
Nothing Hard Baked: Designing the Inclusive Webcolinbdclark
We've all experienced the frustration and exclusion of using an application that is awkwardly designed or poorly suited to our preferred device. In this talk, I redefine accessibility as a usability problem, exploring some of the limitations we've inherited from traditional, desktop-centric approaches to accessibility and user interface design. I also show a few of the techniques used in Fluid Infusion to support open web user interfaces that can more readily adapt to the needs of both developers and end-users alike.
User Interface Development with jQuerycolinbdclark
A half-day workshop covering all aspects of user interface development with jQuery. Starts with a JavaScript refresher, followed by coverage of each major feature of jQuery. Real world code samples are included throughout.
Presented by Colin Clark and Justin Obara at the 2010 Jasig Conference in San Diego.
Creating an In-Aisle Purchasing System from ScratchJonathan LeBlanc
The future of retail is in removing the divide between the offline shopping state and the enhanced online buying experience. To create this type of enhanced retail experience, we can remove complexities in the process, such as simplifying checkout.
In this session we’ll learn how to use internet-connected microelectronics to attach to a buyer’s mobile device to provide the functionality to buy products right from the aisle.
There's a lot of talk about the what and the how of HTML5. This talk aims to cover the why.
Why you should care. Why it’s important. Why you should use it now.
The arena of proper auth & data security standards is often some of the most misunderstood, confusing, and tricky aspects of building Node apps. Using open source auth techniques and proper data encryption standards, we’ll learn how to make intelligent decisions on creating a solid infrastructure to protect our users and data. We’ll dive into auth systems, data attack vectors, how to protect your systems, and common security pitfalls in Node.
OOCSS for JavaScript Pirates jQcon BostonJohn Hann
At first glance, Object-Oriented CSS looks like yet another rehash of CSS "best practices". Maybe the OO part caught your attention briefly before you dismissed it as a gimmick. Who cares about CSS anyways? I'm a JavaScript Pirate! CSS is for lollygaggers and deck scrubbers!
That's what these JavaScript Pirates thought, too, at first. But now that we're skilled in the arcane art of OOCSS, we've come to realize that it not only helps us write better CSS, but it also helps us write much better JavaScript!
You too will be able to create kick-ass web apps that are engineering marvels -- able to withstand high seas and hurricane-force winds -- er... or at least unreasonable customer demands.
First, we'll review the basics of OOCSS. Then, we'll delve deeper. Way deeper.
Attending pirates will learn how to:
1) use OOCSS principles to modularize HTML into reusable components, 2) mate these components with CSS rules and JavaScript ""controllers"", and 3) identify and implement inheritance patterns in CSS, HTML, and JavaScript.
More importantly, pirates will discover several little-known secrets about OOCSS. These ""secrets"" are tips and techniques that you won't find in any book, tutorial, or treasure map. They're not even divulged on the OOCSS Github repository! Once you see them in action, you'll never want to do it the ""old way"" again.
For certain, by the end of this session, you will: 1) have a much greater appreciation for CSS, 2) understand several simple, yet powerful, techniques for applying OOCSS, and 3) feel much more confident about creating and maintaining large web apps.
Arrrrrr, matey!!! Let the wind blow!
Nothing Hard Baked: Designing the Inclusive Webcolinbdclark
We've all experienced the frustration and exclusion of using an application that is awkwardly designed or poorly suited to our preferred device. In this talk, I redefine accessibility as a usability problem, exploring some of the limitations we've inherited from traditional, desktop-centric approaches to accessibility and user interface design. I also show a few of the techniques used in Fluid Infusion to support open web user interfaces that can more readily adapt to the needs of both developers and end-users alike.
User Interface Development with jQuerycolinbdclark
A half-day workshop covering all aspects of user interface development with jQuery. Starts with a JavaScript refresher, followed by coverage of each major feature of jQuery. Real world code samples are included throughout.
Presented by Colin Clark and Justin Obara at the 2010 Jasig Conference in San Diego.
Creating an In-Aisle Purchasing System from ScratchJonathan LeBlanc
The future of retail is in removing the divide between the offline shopping state and the enhanced online buying experience. To create this type of enhanced retail experience, we can remove complexities in the process, such as simplifying checkout.
In this session we’ll learn how to use internet-connected microelectronics to attach to a buyer’s mobile device to provide the functionality to buy products right from the aisle.
There's a lot of talk about the what and the how of HTML5. This talk aims to cover the why.
Why you should care. Why it’s important. Why you should use it now.
The arena of proper auth & data security standards is often some of the most misunderstood, confusing, and tricky aspects of building Node apps. Using open source auth techniques and proper data encryption standards, we’ll learn how to make intelligent decisions on creating a solid infrastructure to protect our users and data. We’ll dive into auth systems, data attack vectors, how to protect your systems, and common security pitfalls in Node.
2012 POSSCON Changing the Face of Identity in EcommerceJonathan LeBlanc
March 2012 presentation on open source Ecommerce identity for POSSCON (Columbia, SC).
The audio recording from this session is available at http://archive.org/details/ChangingTheFaceOfOpenIdentityInEcommercePosscon2012
This presentation covers emerging and mature technologies which may be used to increase the viral social experiences of your sites and applications.
This presentation was given at Enterprise 2.0 conference 2011 in Santa Clara, CA
Slides de mi Conferencia: We Are Digital Puppets Actualizada (Inglés) que dicté en San Francisco CA. Hablo sobre el Tracking y el profiling de personas.
Persona: in your browsers, killing your passwordsFrancois Marier
Introduction to Persona, a new cross-browser login system for the web that's built entirely in Javascript. Powered by node.js on the backend, it pushes most of the crypto to the browser in order to create a secure and privacy-sensitive experience.
jQuery Makes Writing JavaScript Fun Again (for HTML5 User Group)Doris Chen
Get frustrated by cross-browser incompatibility? Hate to develop application using JavaScript? jQuery is a powerful JavaScript library that can enhance your websites regardless of your background. jQuery is fast, lean, simple and hugely expandable, enabling you to build compelling web applications quickly and easily. In this session, we will start with a quick introduction of jQuery, illustrate what’s so good about jQuery, and demonstrate step by step how to develop jQuery Ajax application efficiently with database, web services, OData, NetFlix and ASP.NET MVC. Microsoft is now shipping, supporting, and contributing to jQuery, with ASP.NET and Visual Studio. New features which will be available in the next release of jQuery such as globalization, templating and data-linking will be introduced in the session as well.
Fronteers 2009 Of Hamsters, Feature Creatures and Missed OpportunitiesChristian Heilmann
My presentation at Fronteers 2009 about the opportunity we have as developers to liberate ourselves from the fail that is browsers and write some nice code to mix data on the web.
The Rise of Social Media
Social media Brand
Knowledge from consumer generated media
Development Areas of Expertise
Development Environment of open source and Microsoft
Social media The three Strategies for Government
An examination of the current data portability design patterns used in Social Media sites. Looking at a possible new Open Stack concept to create true plug and play interfaces for user to exchange data
The slides here are part of my presentation at the Confraria0day meeting in March 2017. It is an introduction to the various HTTP security headers with some insights about them. It covers HSTS, HPKP, X-Frame-Options, Content Security Policy, X-XSS-Protection, X-Content-Type-Options, Referrer-Policy and Set-Cookie options.
Passwords suck, but centralized proprietary services are not the answerFrancois Marier
Passwords are a big problem online and a lot of websites have turned to centralized services to handle logins for them. It's a disturbing trend from a privacy/surveillance point of view, but from a software freedom point of view, it's also turning these proprietary services into core dependencies.
That's why Mozilla is building Persona, a new federated and cross-browser system which makes identity a standard part of the browser. It's simple, privacy-sensitive and entirely free software.
A few people like to say that passwords are dead, but the reality is far from it. First of all, we can't get rid of passwords entirely, because the alternatives all suck: physical tokens are easy to lose and retina scans are pretty creepy. What we should focus on is eliminating site-specific passwords.
Mozilla Persona was introduced at OSDC last year, but a number of new things have been added to it since. But more importantly, it's still the best shot we have at a decentralized web-wide identity system that works for average users and doesn't violate their privacy.
So I'm back to show you what's new and to talk about what organizations can gain from adding native support on their domain. It's time to solve the password problem on the web.
JavaScript App Security: Auth and Identity on the ClientJonathan LeBlanc
The story is always the same; if you want to create a JavaScript centric app with API and identity security, you’re told that you need to have a server-side component for handling your identity and application security. That’s simply not the case in modern development.
In this session we'll look at client-side identity, API, and token security, exploring token downscoping methodologies, key management tools, and security on the client.
Improving Developer Onboarding Through Intelligent Data InsightsJonathan LeBlanc
A developer platform lives and dies by it's developer community. When huge problems need to be solved, it's easy to make valuable improvements, but what do you do when those are solved and you still see high bounce rates on your site, low developer application completion, and generally poor adoption of your product? This is where your data can save you.
In this talk we'll run through:
- How to track valuable developer path insights, from moments of anxiety to time to first valuable call.
- Overlaying support and ticketing information on top of developer path data to decrease developer friction.
- How to create automated analytics systems to measure success.
- When these systems should be built, before it's too late.
More Related Content
Similar to 2012 ConvergeSE: Exploring Human Identity Through Personalization and Data Mining
2012 POSSCON Changing the Face of Identity in EcommerceJonathan LeBlanc
March 2012 presentation on open source Ecommerce identity for POSSCON (Columbia, SC).
The audio recording from this session is available at http://archive.org/details/ChangingTheFaceOfOpenIdentityInEcommercePosscon2012
This presentation covers emerging and mature technologies which may be used to increase the viral social experiences of your sites and applications.
This presentation was given at Enterprise 2.0 conference 2011 in Santa Clara, CA
Slides de mi Conferencia: We Are Digital Puppets Actualizada (Inglés) que dicté en San Francisco CA. Hablo sobre el Tracking y el profiling de personas.
Persona: in your browsers, killing your passwordsFrancois Marier
Introduction to Persona, a new cross-browser login system for the web that's built entirely in Javascript. Powered by node.js on the backend, it pushes most of the crypto to the browser in order to create a secure and privacy-sensitive experience.
jQuery Makes Writing JavaScript Fun Again (for HTML5 User Group)Doris Chen
Get frustrated by cross-browser incompatibility? Hate to develop application using JavaScript? jQuery is a powerful JavaScript library that can enhance your websites regardless of your background. jQuery is fast, lean, simple and hugely expandable, enabling you to build compelling web applications quickly and easily. In this session, we will start with a quick introduction of jQuery, illustrate what’s so good about jQuery, and demonstrate step by step how to develop jQuery Ajax application efficiently with database, web services, OData, NetFlix and ASP.NET MVC. Microsoft is now shipping, supporting, and contributing to jQuery, with ASP.NET and Visual Studio. New features which will be available in the next release of jQuery such as globalization, templating and data-linking will be introduced in the session as well.
Fronteers 2009 Of Hamsters, Feature Creatures and Missed OpportunitiesChristian Heilmann
My presentation at Fronteers 2009 about the opportunity we have as developers to liberate ourselves from the fail that is browsers and write some nice code to mix data on the web.
The Rise of Social Media
Social media Brand
Knowledge from consumer generated media
Development Areas of Expertise
Development Environment of open source and Microsoft
Social media The three Strategies for Government
An examination of the current data portability design patterns used in Social Media sites. Looking at a possible new Open Stack concept to create true plug and play interfaces for user to exchange data
The slides here are part of my presentation at the Confraria0day meeting in March 2017. It is an introduction to the various HTTP security headers with some insights about them. It covers HSTS, HPKP, X-Frame-Options, Content Security Policy, X-XSS-Protection, X-Content-Type-Options, Referrer-Policy and Set-Cookie options.
Passwords suck, but centralized proprietary services are not the answerFrancois Marier
Passwords are a big problem online and a lot of websites have turned to centralized services to handle logins for them. It's a disturbing trend from a privacy/surveillance point of view, but from a software freedom point of view, it's also turning these proprietary services into core dependencies.
That's why Mozilla is building Persona, a new federated and cross-browser system which makes identity a standard part of the browser. It's simple, privacy-sensitive and entirely free software.
A few people like to say that passwords are dead, but the reality is far from it. First of all, we can't get rid of passwords entirely, because the alternatives all suck: physical tokens are easy to lose and retina scans are pretty creepy. What we should focus on is eliminating site-specific passwords.
Mozilla Persona was introduced at OSDC last year, but a number of new things have been added to it since. But more importantly, it's still the best shot we have at a decentralized web-wide identity system that works for average users and doesn't violate their privacy.
So I'm back to show you what's new and to talk about what organizations can gain from adding native support on their domain. It's time to solve the password problem on the web.
JavaScript App Security: Auth and Identity on the ClientJonathan LeBlanc
The story is always the same; if you want to create a JavaScript centric app with API and identity security, you’re told that you need to have a server-side component for handling your identity and application security. That’s simply not the case in modern development.
In this session we'll look at client-side identity, API, and token security, exploring token downscoping methodologies, key management tools, and security on the client.
Improving Developer Onboarding Through Intelligent Data InsightsJonathan LeBlanc
A developer platform lives and dies by it's developer community. When huge problems need to be solved, it's easy to make valuable improvements, but what do you do when those are solved and you still see high bounce rates on your site, low developer application completion, and generally poor adoption of your product? This is where your data can save you.
In this talk we'll run through:
- How to track valuable developer path insights, from moments of anxiety to time to first valuable call.
- Overlaying support and ticketing information on top of developer path data to decrease developer friction.
- How to create automated analytics systems to measure success.
- When these systems should be built, before it's too late.
Better Data with Machine Learning and ServerlessJonathan LeBlanc
Creating valuable insights out of raw data files, such as audio or video, has traditionally been a very manual and tedious process, and has produced mixed results due to an influential human element in the mix.
Thanks to enhancements in machine learning systems, coupled with the rapidly deployable nature of serverless technology as a middleware layer, we are able to create highly sophisticated data insight platforms to replace the huge time requirements that have typically been required in the past.
With this in mind, we’ll look at:
- How to build end-to-end data insight and predictor systems, built on the back of serverless and machine learning systems.
- Best practices for working with serverless technology for ferrying information between raw data files and machine learning systems through an eventing system.
- Considerations and practical examples of working with the security implications of dealing with sensitive information.
Best Practices for Application Development with BoxJonathan LeBlanc
Covering the best practices for building new applications on top of Box platform, including token management, error condition and program flow, architecture, and other such topics.
This topic will go through current standards and future trends for building a scalable security model for distributed cloud based data. We’ll look into practices and considerations behind handing highly privileged data globally, diving into topics such as:
- How global compliance and regulations affect security practices.
- Handling data permissions, identity, and security with application access to data.
- Considerations, trends, and standards for global data availability.
Building a modern API architecture is a constant struggle between ease of development and security. JSON Web Tokens (JWTs) introduce a means of building authentication into JSON objects being transmitted through APIs.
In this session we’ll explore how JWTs work to build verifiable and trusted objects, allowing them to be combined with standards such as OAuth 2 for capturing access tokens, leading to a secure means of JavaScript SDK dev.
As web enabled systems become an integral part of everything we interact with, how do we secure data in potential unsecure environments?
In this session you'll learn how to apply fundamental security precepts in potentially insecure environments. Topics include:
Securing identity and payment data through voice commands or text
Tokenization and encryption security
Triggering secure transactions from communications media
We are in an age where more people have phones than toilets, and there are more active cell phones than people on the planet. How do we protect all of these devices roaming around unsecured locations, especially when they want to pay for something. Learn the secrets behind building a secure mobile backbone, as we explore how to harden security, build systems based on identity confidence, and work towards a future proofed mobile framework.
The screencast of this presentation can be found at https://youtu.be/o3uy7dgG_n4
There is an assumption in the industry, amongst companies large and small alike, that if they store sensitive user data (and sometimes do some mild encryption) in their database, it's locked in and secured from potential attacks. People rely too heavily on their false assumptions of security, and it usually ends up costing them extensively when that is proven wrong.
In this session, Jonathan will build a foundation for identity and data security that everyone dealing with sensitive data should understand. We'll break down concepts of identity security, common attack vectors and how to protect yourself, and how to harden your web application.
Web enabled systems are now an integral part of everything we interact with, from microelectronics to voice enabled hardware, from text messages and phone calls to email, and really we’re just limited by our imaginations as to what we can connect. As we explore vast new realms of communication over mixed digital media, we have to ask ourselves how we protect our critical data within potential unsecure environments. Going beyond that, how do we protect some of our more critical data, payment information, in this same realm.
As we look at a multitude of different environments, we’ll be exploring how to secure user identity and payment information through the communication channels, covering topics like:
* Securing identity and payment data through voice commands or text.
* Tokenization and encryption security.
* Techniques for triggering secure transactions from communications media.
At the end of the session, we’ll have a stronger understanding of proper techniques for working with new communication media sources, and see how we can apply fundamental security precepts in potentially insecure environments.
Audio from the session at OSCON (Portland, OR) on July 22nd, 2015 is available at https://archive.org/details/protecting_future_mobile_payments
We are now in an age where more people have phones than toilets, and there are more active cell phones than people on the planet. How do we protect all of these devices as they’re roaming around unsecured locations, especially when we want to pay for something.
In this talk we’re going to rip apart the illusion of mobile security and explore some of the most difficult to secure experiences: payments. We’ll cover the concepts of building a rich feature set to protect the user, how to encrypt all interactions, building scalable trust zones, and extending identification with wearables and biometrics.
In a world where technology is transforming with mobile devices and wearables, its key to have a solid security backbone. From having a strong password to using biometrics, companies are finding ways to help consumers protect themselves without impacting the experience. We'll take a look at the current landscape of passwords, the importance of proper systems and how we can use wearables and mobile devices to build trust systems.
You have a solid security infrastructure, all user data is encrypted, your users are protected right? As long as passwords remain the standard methods for identifying your users on the web, people will still continue to use "letmein" or "password123" for their secure login, and will continue to be shocked when their accounts become compromised.
Passwords are not secure, they need to be replaced. In this talk we're going to explore the pitfalls of a system designed around a username and password, then dive into the ways that technology is giving us a slew of new ways to build a secure user identity system. From biometrics to wearables, hardware to tokens, we'll explore a multitude of ways that we can finally kill all passwords.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
2012 ConvergeSE: Exploring Human Identity Through Personalization and Data Mining
1. Exploring Human Identity
Through Personalization and Data Mining
Jonathan LeBlanc
Developer Evangelist: X.commerce
Twitter: @jcleblanc
E-Mail: jleblanc@x.com
Github: github.com/jcleblanc
2. What We’re Going to Cover
The Foundations of Human Identity
Tribalism and Social Grouping
Experimental Identity Methods
The Big Bag of Social Identity Fail
http://www.x.com http://slideshare.net/jcleblanc
3. What We’re Going to Cover
The Foundations of Human Identity
Tribalism and Social Grouping
Experimental Identity Methods
The Big Bag of Social Identity Fail
http://www.x.com http://slideshare.net/jcleblanc
4. Human Identity: User Types
Anonymous Users Registered Users
http://www.x.com http://slideshare.net/jcleblanc
5. Human Identity: Open Identity Programming
OpenID (…and the upcoming OpenID Connect)
PayPal Access, Google, Yahoo!
OAuth (1.0a + 2.0)
PayPal Access, Facebook, Twitter
BrowserID
Mozilla
http://www.x.com http://slideshare.net/jcleblanc
7. Human Identity: Tracking Anonymous Users
There are a few common options
Tracking Cookie Local Storage
http://www.x.com http://slideshare.net/jcleblanc
8. Human Identity: Tracking Anonymous Users
Program Overview
• On each page visited, track the URL
• HTML5 Local Storage as primary storage
• Cookies as secondary storage
http://www.x.com http://slideshare.net/jcleblanc
9. Tracking Anonymous Users with Local Storage
var storeName = "visited";
if (typeof(localStorage) == 'undefined' ) {
//Local Storage Not Available
} else {
try {
var sites = localStorage.getItem(storeName);
sites = (sites === null) ? window.location : sites + window.location;
localStorage.setItem(storeName, sites + "|");
} catch (e) {
if (e == QUOTA_EXCEEDED_ERR) {
//quota exceeded
}
}
}
10. Tracking Anonymous Users with Cookies
function readCookie(name) {
var nameEQ = name + "=";
var ca = document.cookie.split(';');
for (var i = 0; i < ca.length; i++) {
var c = ca[i];
while (c.charAt(0) == ' '){ c = c.substring(1, c.length) };
if (c.indexOf(nameEQ) == 0){
return c.substring(nameEQ.length, c.length);
}
}
return null;
}
11. Tracking Anonymous Users with Cookies
var storeName = "visited";
if (typeof(localStorage) == "undefined" ) {
var cookieVal = readCookie(storeName);
var value = ((cookieVal === null) ? window.location : cookieVal
+ window.location);
var days = 1;
var date = new Date();
date.setTime(date.getTime() + (days*24*60*60*1000));
var expires = "; expires=" + date.toGMTString();
document.cookie = storeName + "=" + value + "|"
+ expires + "; path=/";
} else {
//Use Local Storage
}
12. Human Identity: Tracking Anonymous Users
Next Steps / Improvements
• Remove oldest results when storage fills
• Build categorization mapping prior to
storage to save space (more on this later)
http://www.x.com http://slideshare.net/jcleblanc
20. PayPal Access: Using the Access Token
//construct URI to fetch profile information for current user
$profile_url =
sprintf("%s?oauth_token=%s", PROFILE_ENDPOINT, $token-
>access_token);
//fetch profile of current user
$profile = run_curl($profile_url);
var_dump($profile);
?>
21. PayPal Access: Using the Raw Data
http://www.x.com http://slideshare.net/jcleblanc
22. PayPal Access: Using the Raw Data
http://www.x.com http://slideshare.net/jcleblanc
23. What We’re Going to Cover
The Foundations of Human Identity
Tribalism and Social Grouping
Experimental Identity Methods
The Big Bag of Social Identity Fail
http://www.x.com http://slideshare.net/jcleblanc
24. Social Grouping: It’s Not A New Thing…
http://www.x.com http://slideshare.net/jcleblanc
25. Social Grouping: Foundation in Tribalism
Tribalism started as a way to keep us safe
…it has lead to some horrible parts of history
but it is also a foundation of many of our social
relationships
http://www.x.com http://slideshare.net/jcleblanc
26. Social Grouping: The Real Life Social Graph
http://www.x.com http://slideshare.net/jcleblanc
27. Social Grouping: The Online Social Graph
http://www.x.com http://slideshare.net/jcleblanc
28. Social Grouping: Group Types
Follower Type
Connection Type
Group Type
http://www.x.com http://slideshare.net/jcleblanc
29. Social Grouping: Data Miners are Rock Stars
http://www.x.com http://slideshare.net/jcleblanc
30. Social Grouping: Group Programming Primer
Program Overview
• Use all URLs from the previous program.
• Obtain content category for page.
• Categorize user interest.
http://www.x.com http://slideshare.net/jcleblanc
31. Social Grouping: Group Programming Primer
Step 1: Obtain
Website Content
http://www.x.com http://slideshare.net/jcleblanc
32. Social Grouping: Group Programming Primer
Step 2: Perform
Keyword Density
Search
http://www.x.com http://slideshare.net/jcleblanc
33. Social Grouping: Group Programming Primer
Step 3: Weight
Keywords
http://www.x.com http://slideshare.net/jcleblanc
34. What We’re Going to Cover
The Foundations of Human Identity
Tribalism and Social Grouping
Experimental Identity Methods
The Big Bag of Social Identity Fail
http://www.x.com http://slideshare.net/jcleblanc
40. Experimental Identity: WebFinger
profileUrl name
id formatted
thumbnail url family name
urls given name
photos display name
http://www.x.com http://slideshare.net/jcleblanc
45. What We’re Going to Cover
The Foundations of Human Identity
Tribalism and Social Grouping
Experimental Identity Methods
The Big Bag of Social Identity Fail
http://www.x.com http://slideshare.net/jcleblanc
46. Social Identity Fail: Personal Safety
When Social Discovery Impacts Personal Safety
“My privacy concerns are not trite.
They are linked to my actual
physical safety”
--Harriet Jacobs (Gizmodo)
http://www.x.com http://slideshare.net/jcleblanc
47. Social Identity Fail: Privacy Concerns
When Making Things Easy Impairs Privacy
“Path Uploads Your Entire iPhone
Contact List By Default”
--Mark Hachman (PCMag)
http://www.x.com http://slideshare.net/jcleblanc
48. Social Identity Fail: The Fine Line
The Fine Line Between Insightful and Creepy
“How Target Figured Out A Teen Girl
Was Pregnant Before Her Father Did”
--Kashmir Hill (Forbes)
http://www.x.com http://slideshare.net/jcleblanc
49. Identity Programming Core Concepts
Identity is more than just a login
Have a social conscience
Find the tool that:
– Has the raw data that you need
– Works with your business
http://www.x.com http://slideshare.net/jcleblanc
50. Thanks! Any Questions?
http://slidesha.re/convergese_id
Jonathan LeBlanc
Developer Evangelist: X.commerce
Twitter: @jcleblanc
E-Mail: jleblanc@x.com
Github: github.com/jcleblanc
Editor's Notes
Concepts of bound vs unbound scopes
Suck in web content via curlConvert to valid XML document (do not use as text and run Regex against it)
Search through text on the page and store words + how often they are usedStrip out common words
Use meta description and keywords to match against your keyword density searchUse Open Graph protocol tags to find more keywords and page content
http://www.forbes.com/sites/kashmirhill/2012/02/16/how-target-figured-out-a-teen-girl-was-pregnant-before-her-father-did/The statistician is now a rock star